kp.ua Open in urlscan Pro
108.138.17.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kp.ua/
Effective URL:
https://kp.ua/ua/
Submission: On December 06 via api (December 6th 2022, 12:33:24 am UTC) from GB — Scanned from GB

Summary HTTP 188 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 22 domains to perform 188 HTTP transactions. The main IP is 108.138.17.31, located in United States and belongs to AMAZON-02, US. The main domain is kp.ua. The Cisco Umbrella rank of the primary domain is 832522.
TLS certificate: Issued by Amazon on May 25th 2022. Valid for: a year.

This is the only time kp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	108.138.17.65 108.138.17.65	16509 (AMAZON-02) (AMAZON-02)
1 44	108.138.17.31 108.138.17.31	16509 (AMAZON-02) (AMAZON-02)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
5	78.159.118.240 78.159.118.240	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	145.239.237.56 145.239.237.56	16276 (OVH) (OVH)
6	212.8.250.83 212.8.250.83	49981 (WORLDSTREAM) (WORLDSTREAM)
1	212.32.253.229 212.32.253.229	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
8	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:1::... 2606:4700:1::6813:854e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	141.95.33.111 141.95.33.111	16276 (OVH) (OVH)
1	2001:41d0:701... 2001:41d0:701:1000::96f	16276 (OVH) (OVH)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
32	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
3 4	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	185.89.210.82 185.89.210.82	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
188	35

1 108.138.17.65 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-65.fra56.r.cloudfront.net

kp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 108.138.17.31 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-31.fra56.r.cloudfront.net

kp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 78.159.118.240 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.32.253.229 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

z.cdn.adtarget.market	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:1::6813:854e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:41d0:701:1000::96f (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (France)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.82 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
57	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 144	613 KB
45	kp.ua 2 redirects kp.ua — Cisco Umbrella Rank: 832522	1 MB
23	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 98 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203 googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 cm.g.doubleclick.net — Cisco Umbrella Rank: 234 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 316	250 KB
9	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7611 c.mgid.com — Cisco Umbrella Rank: 5697 cdn.mgid.com — Cisco Umbrella Rank: 10293 servicer.mgid.com — Cisco Umbrella Rank: 7790 s-img.mgid.com — Cisco Umbrella Rank: 5272 cm.mgid.com — Cisco Umbrella Rank: 1514	98 KB
8	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 288	219 KB
7	mox.tv ad.mox.tv — Cisco Umbrella Rank: 47559 bgstats.mox.tv — Cisco Umbrella Rank: 52645	126 KB
6	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 87	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 588	4 KB
5	umh.ua cdn.umh.ua — Cisco Umbrella Rank: 250239 z.cdn.umh.ua — Cisco Umbrella Rank: 270188	10 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 58336 ls.hit.gemius.pl — Cisco Umbrella Rank: 10826	22 KB
4	gstatic.com fonts.gstatic.com	103 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	167 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 238	3 KB
3	google.de www.google.de — Cisco Umbrella Rank: 5234 adservice.google.de — Cisco Umbrella Rank: 7808	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38	20 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51	2 KB
2	eu-1-id5-sync.com lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1209 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1431	591 B
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1107 id5-sync.com — Cisco Umbrella Rank: 476	17 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 926	43 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	691 B
1	adtarget.market z.cdn.adtarget.market — Cisco Umbrella Rank: 354264	41 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	46 KB
188	22

	Domain	Requested by
45	kp.ua	2 redirects kp.ua
32	tpc.googlesyndication.com	googleads.g.doubleclick.net 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com tpc.googlesyndication.com kp.ua s0.2mdn.net securepubads.g.doubleclick.net
23	pagead2.googlesyndication.com	z.cdn.umh.ua pagead2.googlesyndication.com kp.ua 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net www.googletagservices.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
8	s0.2mdn.net	kp.ua s0.2mdn.net
6	ad.mox.tv	z.cdn.umh.ua ad.mox.tv kp.ua
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.google.com	2 redirects kp.ua tpc.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	ad.mox.tv 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com googleads.g.doubleclick.net
4	z.cdn.umh.ua	cdn.umh.ua
4	gaua.hit.gemius.pl	1 redirects kp.ua gaua.hit.gemius.pl
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
3	www.google-analytics.com	kp.ua www.google-analytics.com
2	googleads4.g.doubleclick.net	kp.ua
2	fonts.googleapis.com	tpc.googlesyndication.com
2	036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cm.mgid.com	jsc.mgid.com
2	cdn.mgid.com	kp.ua
2	unpkg.com	ad.mox.tv
2	www.google.de	kp.ua
2	jsc.mgid.com	z.cdn.umh.ua jsc.mgid.com
2	stats.g.doubleclick.net	www.google-analytics.com
1	id5-sync.com	cdn.id5-sync.com
1	lbs.eu-1-id5-sync.com	cdn.id5-sync.com
1	lb.eu-1-id5-sync.com	cdn.id5-sync.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	jsc.mgid.com
1	s-img.mgid.com	kp.ua
1	servicer.mgid.com	jsc.mgid.com
1	c.mgid.com	jsc.mgid.com
1	bgstats.mox.tv	kp.ua
1	z.cdn.adtarget.market	kp.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	cdn.umh.ua	kp.ua
1	www.googletagmanager.com	kp.ua
188	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
telegram.me
twitter.com
www.youtube.com
www.instagram.com
mediadim.com.ua
widgets.mgid.com
www.mgid.com
clck.mgid.com

Subject Issuer	Validity	Valid
kp.ua Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
cdn.umh.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
ad.mox.tv R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
adtarget.market R3	`2022-11-24` - `2023-02-22`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-11` - `2023-05-11`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
bgstats.mox.tv R3	`2022-11-26` - `2023-02-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.eu-1-id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
*.id5-sync.com R3	`2022-11-09` - `2023-02-07`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://kp.ua/ua/
Frame ID: BEAC940AED5A38E1468175B4CAB6DEB1
Requests: 102 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 2561DFC655024BDA275DA97CABD01CF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: CEA772B8F603F4C5D34D5715A5986B23
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1670286798648761538998
Frame ID: 32849DE944CBED6DD8782C2540AE96AE
Requests: 1 HTTP requests in this frame

Frame: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 909FB40D0BFC32F985691D2D805C457D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1670286719&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkp.ua%2Fua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798368&bpp=4&bdt=1324&idt=383&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5487520907343&frm=20&pv=2&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=402
Frame ID: 8E0D4FD6694728B37B1B0B356A25C172
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=8892904890&adk=2177230830&adf=1512214346&pi=t.ma~as.8892904890&w=728&lmt=1670286719&format=728x90&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798372&bpp=1&bdt=1329&idt=402&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mBxLOytJob&p=https%3A//kp.ua&dtd=406
Frame ID: C90EF28379A8A526848B3F5F3C0C8CCD
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=2247890902&adk=2732461197&adf=4266451336&pi=t.ma~as.2247890902&w=300&lmt=1670286719&format=300x600&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798374&bpp=1&bdt=1330&idt=407&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kusYUoQh2J&p=https%3A//kp.ua&dtd=409
Frame ID: 8A36E9E92546190A0822200FB747C779
Requests: 7 HTTP requests in this frame

Frame: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C18A6FCCA2C34AEF24EEEA9F6601BAF7
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html
Frame ID: 45E91635C0011DB7E62D667D984F8315
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIY2Ybo2gEwAQ&v=APEucNXtiuPOW8oRNU6wB1dtfZSodrJLRlVRXqQNEh3LwrBM0QXea8JW8ZwZTQga9n8RcEw3zWDcmLohsI6jvClXw-wWSQhAYfBMkz9LSJHQ3i4SjC1Jhs0AAdm4qYLAqmJQVZq06mlYKBQGbQOjvDndxcbE7H4_qbaZlckrd3c5OtPEt-V0fNo
Frame ID: F8C05CE5A8AE0B2EA750CC32C10D7D71
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 294072F66F170D23B355BF3E5FEF4206
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Frame ID: 16367FA118BD1B76BA2C374966E93516
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B14F79A02CECD7822E70E5B120D906BC
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
Frame ID: E58A11BED929926F8135D9E953081C3F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F53E841558B528C0615ABBBC266657F0
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js
Frame ID: 1A753651E891602309536B093357AA82
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F15776C20E17A0E99F2F74F683AA97F3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 86F663BBF755E3986587EE522F8C5844
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України. Останні новини в Україні сьогодні. Стрічка новин Україна за день | KP.UA - Новини на KP.UA

Page URL History Show full URLs

http://kp.ua/ HTTP 301
https://kp.ua/ HTTP 302
https://kp.ua/ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Page Statistics

188
Requests

96 %
HTTPS

60 %
IPv6

22
Domains

40
Subdomains

35
IPs

7
Countries

2973 kB
Transfer

6934 kB
Size

44
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kp.kyiv

Search URL Search Domain Scan URL

URL: https://telegram.me/kp_in_ua

Search URL Search Domain Scan URL

URL: https://twitter.com/kp_ukraine

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/KievKp

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kp_ukraine

Search URL Search Domain Scan URL

URL: https://mediadim.com.ua/donate
Title: Допомогти КП в Україні

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=kp.ua&utm_medium=referral&utm_campaign=widgets&utm_content=1204223

Search URL Search Domain Scan URL

URL: https://www.mgid.com/services/privacy-policy

Search URL Search Domain Scan URL

URL: https://clck.mgid.com/ghits/12509614/i/57537293/0/pp/1/1?h=xHNIpWfZWXmMXyzicLvJWvSzayxrjja5EhiQR5r3yYSsPw5Bx9glJSi-UWfGx-YNaALOO3H1B7MtDkPJyzCgJg**&rid=9487e7a0-74fd-11ed-b149-e43d1a2a53a0&tt=Direct&att=3&cpm=1&gbpp=1&abd=1&iv=11&ct=1&gdprApplies=1&st=60&mp4=1

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kp.ua/ HTTP 301
https://kp.ua/ HTTP 302
https://kp.ua/ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 64

https://gaua.hit.gemius.pl/_1670286797840/rexdot.js?l=100&sendf=8&id=.WqVVKd0paG9gXEdrhpca2ZWj55NuYLCTbrLa7y1PXv.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkp.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=r0CKYKZKGUYKdwsHvWTvqcU5D8IxPD9zpd535YOwVRD.07jsn18A.xdfAcugKLlNTxxZGoFXRXsr_gmyTxGEN6ErZhK3/aZp7hU03s4VoT/&fpdata=vTzahnqd.LiRonjZCZmzEETwN3zLG95EU_tqL5opOdH.R7&ltime=287&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638e8dcd20d91e1b&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1670286797840/rexdot.js?l=100&sendf=8&id=.WqVVKd0paG9gXEdrhpca2ZWj55NuYLCTbrLa7y1PXv.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkp.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=r0CKYKZKGUYKdwsHvWTvqcU5D8IxPD9zpd535YOwVRD.07jsn18A.xdfAcugKLlNTxxZGoFXRXsr_gmyTxGEN6ErZhK3/aZp7hU03s4VoT/&fpdata=vTzahnqd.LiRonjZCZmzEETwN3zLG95EU_tqL5opOdH.R7&ltime=287&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638e8dcd20d91e1b&fpcap=

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDoKX57-2PXSyJfY6cMCnY&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDoKX57-2PXSyJfY6cMCnY&google_cver=1&C=1

Request Chain 121

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y46Nz6u5MFhml.eEI3kbRgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-wwhUSGk9-wQhaQb6a_aY&google_cver=1&google_hm=2

Request Chain 122

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOqCkqBtaHmOc4fNaXwmeSs&google_cver=1

Request Chain 123

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDA5MjMyOTAwNjEyMjMyNA%3D%3D

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

188 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kp.ua/ua/
Redirect Chain

http://kp.ua/
https://kp.ua/
https://kp.ua/ua/

123 KB
18 KB

70ms
70ms

Document
text/html

108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 81d2ef0dd930d567ef180167aa6254f01c116e78f638120d525dac40d466b8c8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 56
content-encoding: gzip
content-length: 17778
content-type: text/html; charset=UTF-8
date: Tue, 06 Dec 2022 00:32:20 GMT
etag: "638e8d7f-4572"
last-modified: Tue, 06 Dec 2022 00:31:59 GMT
server: nginx/1.21.6
vary: Accept-Encoding
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-id: d7c6a5C8tBPU5jY9ZBsrdVsJlfUkatHcsndo_WKKRPiUOEAFvKlc-g==
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront

Redirect headers

age: 56
content-length: 145
content-type: text/html
date: Tue, 06 Dec 2022 00:32:20 GMT
location: https://kp.ua/ua/
server: nginx/1.21.6
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-id: hVNRA6Q4pzfibtvI8lYwEifxl5ssvKmWdLdpIOVp2p4LI7FkhVueMA==
x-amz-cf-pop: FRA56-P7
x-cache: Hit from cloudfront

GET
H2 200 reset.css
kp.ua/user/css/ 2 KB
1 KB 61ms
60ms Stylesheet
text/css 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/css/reset.css
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 2fe6ee12ffd515c90b60a34da664f3c45362e95f34c0fe7a2cc03999c296752e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:32:27 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 10:43:58 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
age: 50
etag: W/"5fc4ccee-70b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: dwRWQJvdFxiyyveMFY-O2aNmF_ufUVwgQ5lckL_GUJRopQy8zP2FBg==

GET
H2 200 main.min-v3.css
kp.ua/user/css/ 285 KB
42 KB 61ms
60ms Stylesheet
text/css 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/css/main.min-v3.css
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 7805d71627acf8deb69d74e852dfadb0673bdf002b0b6bc2ab16799c072c719d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:32:27 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 08 Mar 2022 13:08:59 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
age: 50
etag: W/"6227556b-47472"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: gYPrs7jnr-lkg7JD34VQHNJoE_vQecPwY6Jk70Ww9FebGROd-95_xw==

GET
H2 200 fix-v17.css
kp.ua/user/css/ 22 KB
4 KB 73ms
72ms Stylesheet
text/css 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/css/fix-v17.css
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: b2e708d6f686d37ef5fc0215e104ae69c7cd8d8aa8d6ead2e21fa92d527ce5b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:32:27 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 09:12:12 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
age: 50
etag: W/"62c551ec-57f6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 0zwNPmkk-kQKoG6vW7G78JluGRT9crJ0lcaw40tABqiN8WRihLAnNA==

GET
H2 200 kp_async_actions.js Show response
kp.ua/user/js/ 863 B
1 KB 124ms
124ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/kp_async_actions.js
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 5a3816f53964b38ecf5ac165e1f3901d2c41cc1b6ce21477f1cee242538ed8e0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:31:37 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 27 Sep 2021 09:58:17 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
age: 100
etag: "615195b9-35f"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 863
x-amz-cf-id: p1azYTnOkON1UMaqZJ4uEizfQBr-SPh6kTxvAYvpwGooRJVhIQoIxg==
expires: Thu, 05 Jan 2023 00:31:37 GMT

GET
H2 200 kp-logo2.svg
kp.ua/user/img/ 6 KB
3 KB 73ms
73ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/kp-logo2.svg
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 5b66be2f6dc623a44a3173fd7ae71292fbc6b9a827b4a44b4099cfec8004eb6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 14:27:38 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"60bf7e5a-1864"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: BiPUI75ruTBa2V_aCTJGKiAPjj2eDydLZh0bVCOVX9uZv855cdWatA==

GET
H2 200 icon1.png
kp.ua/user/img/ 651 B
1008 B 74ms
73ms Image
image/png 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/icon1.png
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: e223f51dda9434ac054dea94e9185f3d38160ac4a44ab46a9f958432ee0a38b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 10:36:42 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fc4cb3a-28b"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 651
x-amz-cf-id: d5O4OIXDu66AJiGBxUCnHtt1cA8rmdD0AVKaof1YdoLaGKS3GGCguA==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 design.png
kp.ua/user/img/ 2 KB
3 KB 76ms
75ms Image
image/png 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/design.png
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 975e002ecc3bd3872f2baf77da6a9c6edaecfd5a0c33a1b6329111fb1141ff43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Thu, 24 Dec 2020 10:22:51 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe46bfb-8d7"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2263
x-amz-cf-id: LZ19agiqYNhl5kPqkGFGN3Dr3G5C81J2QBKmYl4Lzd1hD_a2nMV9kw==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 design-mob.png
kp.ua/user/img/ 2 KB
3 KB 75ms
74ms Image
image/png 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/design-mob.png
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: f8ac783bdb31ce594a60add3f47b17fc92231fc31e4ff22c429cba02ac4d380b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Thu, 24 Dec 2020 10:22:50 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe46bfa-937"
x-cache: Miss from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2359
x-amz-cf-id: TLwTc6jpX-SygBZqeVoz1Vkpf6owkOJ9GZqza2RjPK9pIBjAX8HMYA==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 sunsite-front.js Show response
kp.ua/user/js/ 33 KB
9 KB 63ms
62ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/sunsite-front.js
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 9df8e886d451bef4454c5a3af1c5ff64073b6090e63cffe4724f5145635c0fe0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:31:38 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 14:31:10 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
age: 99
etag: W/"60bf7f2e-84c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: _CmNyMapl7uHKVAnGUXZq0ILU1_CJgP6i7JYYP8LUbOZDLEokeWw0g==
expires: Thu, 05 Jan 2023 00:31:38 GMT

GET
H2 200 oauth_social.js Show response
kp.ua/user/js/ 2 KB
1 KB 61ms
61ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/oauth_social.js
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 6b3e9c721868dc8a1e4dcac101fdde43c6cac413a714fd55e694ed75d3481728

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:31:39 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 27 Sep 2021 08:39:49 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
age: 98
etag: W/"61518355-9a5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: AFTbvCLKGtf55whdlNdZbydUvV5tcqcjSC4H4VXISNmhwDC6jhb2sg==
expires: Thu, 05 Jan 2023 00:31:39 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 231ms
74ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 11:36:49 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17204
expires: Tue, 06 Dec 2022 12:33:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
46 KB 191ms
68ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PVGFCZ

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7954169bf2a1ab64a3c4fac56ea2d6cea156504e36dd68cc8129520d4523621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46257
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 06 Dec 2022 00:33:17 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 178ms
57ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 23:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4651
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 06 Dec 2022 01:15:46 GMT

GET
H2 200 search.svg
kp.ua/user/img/misc/ 2 KB
998 B 77ms
77ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/misc/search.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: ccdaf3e8dd7f87bb9065c03282a0c14f48421298cf77e5b9fb4cac5a0264611a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 14:52:22 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"60196726-642"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ANkjs_o26asADf0dDMIb-YpY7O5LiR8vb_-d_7OkKEeFl_7sf26afw==

GET
H2 200 Vollkorn-Regular.woff
kp.ua/user/libs/fonts/ 205 KB
206 KB 75ms
75ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/Vollkorn-Regular.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 96e296a41a750381387fbeec04ee1bd485d4355a742d3be7dd7836c5613a18ca

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:30 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98e-33538"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 210232
x-amz-cf-id: jVjhx-XHSReiUxrBit8sMyap4RNn_IqnIYOv7x9UF41gRWzoNxt6gQ==

GET
H2 200 facebook.svg
kp.ua/user/img/social/ 1 KB
888 B 76ms
75ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/social/facebook.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: e074089764a34c469809a7949a95c0fc4a95ae3cac0307d7d5a79894c19f18bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 15:09:02 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"6033c90e-511"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: jmOUHdfyVUVsYTRoHRvhQmbj0_U8ycPxeJB0ssi4bEcdmHuUK4ggLg==

GET
H2 200 telegram.svg
kp.ua/user/img/social/ 1 KB
1018 B 75ms
74ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/social/telegram.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 3d79f5af8206726ec692d6629f5f06a4e98d1bbdca9a4f071c24e5b35d8c6fae

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 15:09:08 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"6033c914-566"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: XaF3z70hj_DpludlPzmkMarKZdP4oyruXJB4KeW_2kdcZyU3jZk0zw==

GET
H2 200 twitter.svg
kp.ua/user/img/social/ 2 KB
1 KB 150ms
149ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/social/twitter.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 3a2b4177a16a094db24245ac997425d096abc0f4a522bf64e0c299b7f1dca336

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 15:09:09 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"6033c915-76b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: 887Gr9FGcZIQcOHZ-S-ibaNMa1A8XK1jK9p-JRw5fxm714LbIjMCOQ==

GET
H2 200 youtube.svg
kp.ua/user/img/social/ 2 KB
1 KB 149ms
149ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/social/youtube.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 85dfc346b89bea0c2b11884407f9f2be0754f39c517ce7152b9417dfa563fcda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 15:09:10 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"6033c916-6ef"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: ra7baOJLzeRgfh2Nkky3e3Mb9iZ-pDvznaXpWwlYSuahufdA1Ni7BQ==

GET
H2 200 instagram.svg
kp.ua/user/img/social/ 2 KB
1009 B 151ms
150ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/social/instagram.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 35856737a11afe32203ead877b57d30e061b847c1af33045e937f037e62c0fbc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 15:09:06 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"6033c912-6d0"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: NKgtS89PZz_sIHgFL8aibZJI30pH7T8nN7Rmh0Om36KGcYe7zMHZXQ==

GET
H2 200 IBMPlexSans-Regular.woff
kp.ua/user/libs/fonts/ 62 KB
62 KB 197ms
197ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/IBMPlexSans-Regular.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 172305a05b27e67353e832b073f3fdcf7260b04eaa326e23eed56e850441056d

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:29 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98d-f7d0"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 63440
x-amz-cf-id: IPhabf8W_CI6kfVubWXlfIbHSnfG-O0lB_W33TqLjvm4Wf_CDKfJSg==

GET
H2 200 photo.svg
kp.ua/user/img/article%20stats/ 1 KB
1 KB 146ms
146ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/article%20stats/photo.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 61cc4e0d52a098c8ce520699a216c5a937225e2c932ce5e8061cbe0d0c985073

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 14:52:30 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"6019672e-5f4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: E3rJTMgx54ZChjmVk6WdyYYy7MWlIpsW6Ik0269HQZQip-s1kF7q_g==

GET
H2 200 IBMPlexSans-SemiBold.woff
kp.ua/user/libs/fonts/ 81 KB
81 KB 165ms
164ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/IBMPlexSans-SemiBold.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: f49b1e51af90deec9f6586ef7744350346311391de5729ce0be3cea7fb262acb

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:31 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98f-14380"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 82816
x-amz-cf-id: bO_aGJdAz8wl7suUT2ZlqedMPe-IDR7jQGnUU4Zb933St0leVaLxsg==

GET
H2 200 IBMPlexSans-Medium.woff
kp.ua/user/libs/fonts/ 65 KB
65 KB 160ms
159ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/IBMPlexSans-Medium.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: a55aec3f4b4e813ac0aeaa0c7b2581118de23cffd24c3aabd695099939cdde64

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:28 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98c-1041c"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 66588
x-amz-cf-id: eh7Q7JHh3TxVgmHbxwWcPCNm5BvpllLsCJnOrW2JKmbmQ8_PdhKraA==

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 video.svg
kp.ua/user/img/article%20stats/ 820 B
1 KB 182ms
182ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/article%20stats/video.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 78242f3f872a4038647d233f2234f17c0782553bd2b1e41d8a0877b6f5ac4dde

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 14:52:29 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "6019672d-334"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 820
x-amz-cf-id: XQU84BmS4y4fmkTOUXlK3wWuTeae08r3A75PXwIAAgdGP6Etmk8JbA==

GET
H2 200 arrow%20up.svg
kp.ua/user/img/misc/ 929 B
1 KB 182ms
181ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/misc/arrow%20up.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 4d602564b4289004e91ed6c2059106a08e58eb2b625299986c3f2cb7a86e9aec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 14:52:22 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "60196726-3a1"
x-cache: Miss from cloudfront
content-type: image/svg+xml
accept-ranges: bytes
content-length: 929
x-amz-cf-id: _9bM_yGNidQXxzNIRMd-V2e_ovQElg1wj76vpah_6w2FefSn_OTp1Q==

GET
H2 200 arrow%20down.svg
kp.ua/user/img/misc/ 1017 B
821 B 131ms
131ms Image
image/svg+xml 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/user/img/misc/arrow%20down.svg
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: f65323bff0891aa596b5b7d9c72cb25128a6d84ec04af13e6f31b8d73625bd97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/user/css/main.min-v3.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 14:52:22 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"60196726-3f9"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: image/svg+xml
x-amz-cf-id: VCnrMhByg43LLCKN_lbss6itj-tKFAPjD0LM5HCi9qdrLDJwkcHfvA==

GET
H2 200 Vollkorn-Semibold.woff
kp.ua/user/libs/fonts/ 215 KB
216 KB 160ms
159ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/Vollkorn-Semibold.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 6abf0456cade46c04db5bef56d50e3f4742557083568776a0f28284f732b1b4b

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:28 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98c-35d00"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 220416
x-amz-cf-id: WEh-ViOlRuGgHQLhlqHM-rcGCLEn72jn0M-0qktlxMy_10rv3X_F_g==

GET
H2 200 IBMPlexSans-Light.woff
kp.ua/user/libs/fonts/ 65 KB
65 KB 170ms
169ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/IBMPlexSans-Light.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: a96e04b9c5134e9bec89fac588d677ad001bbecf2f9812f51b35d3b9a29b3673

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:28 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98c-1032c"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 66348
x-amz-cf-id: x0UhTNnWpQXfQIF2nBiXKOZzNTviCByF6RPB3IIfSqy_JK5gFp1RUg==

GET
H2 200 Vollkorn-SemiboldItalic.woff
kp.ua/user/libs/fonts/ 179 KB
180 KB 168ms
167ms Font
font/woff 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/libs/fonts/Vollkorn-SemiboldItalic.woff
Requested by: Host: kp.ua
URL: https://kp.ua/user/css/main.min-v3.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: b3e66cc2fccb4ec9b67956701522b792783dd228a9109c698c5aa882a07d33ca

Request headers

Referer: https://kp.ua/user/css/main.min-v3.css
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Dec 2020 13:56:28 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "5fe0a98c-2ccf4"
x-cache: Miss from cloudfront
content-type: font/woff
accept-ranges: bytes
content-length: 183540
x-amz-cf-id: _iY7wtj5UUc6Ghcdo_XzBx39OJ9FKvQy5UyWnc6uJ1lFG3tp1Ee0FA==

GET
H2 200 kp-app.js Show response
kp.ua/user/js/ 11 KB
3 KB 169ms
169ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/kp-app.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: f6cff9dcf1247a29cff9541be3124d8665e6caa885c7e0193dc1d30ddfed66b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 09:24:41 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"62c554d9-2a4e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: 9Z9_yQ5nEYFv3tqwe15Zp8GYIWXYbQ1rtPQemJuU7Cm8y0J2DDHj2w==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 swiper-bundle.min.js Show response
kp.ua/user/js/ 138 KB
36 KB 141ms
140ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/swiper-bundle.min.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 2ea11a78e7f50ddedccd7635de443dcd54e610b27c7c210a1ee8c684e0e73f48

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 10:44:53 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"5fc4cd25-2270b"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: SM6RbyrCZ2AULxnPdJjurVK5fSYID-24E9ZeExFegqxpI3uBugbXSg==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 kp-app-v6.js Show response
kp.ua/user/js/ 11 KB
3 KB 140ms
139ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/kp-app-v6.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: f6cff9dcf1247a29cff9541be3124d8665e6caa885c7e0193dc1d30ddfed66b1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Wed, 06 Jul 2022 09:24:41 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"62c554d9-2a4e"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: uaOm0fyE9cv2CFP5Me31ycVWX3ID1Aa1lVQ4UdSDt6N5tgVOGOhakw==
expires: Thu, 05 Jan 2023 00:33:17 GMT

POST
H2 200 profile Show response
kp.ua/actions/banners/articles_views/ 9 KB
2 KB 184ms
184ms XHR
application/json 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/actions/banners/articles_views/profile
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 / PHP/7.4.28
Resource Hash: ff2418feac03946087bfe7a1bb4a8453877061101b2de9b54971431e46bed4c4

Request headers

Referer: https://kp.ua/ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
x-powered-by: PHP/7.4.28
x-cache: Miss from cloudfront
pragma: no-cache
last-modified: Tue, 06 Dec 2022 00:33:17 GMT
server: nginx/1.21.6
vary: Accept-Encoding
create-date: Tue, 06 Dec 2022 02:33:17 +0200
content-type: application/json
access-control-allow-origin: https://kp.ua
cache-control: no-cache, post-check=0, pre-check=0
access-control-allow-credentials: true
x-amz-cf-id: KKR4tWztTcSu1JNNas1k5OVAufkQBhkiq_fO0F8_e3_ViaFAKGpOMA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 nprogress.min.js Show response
kp.ua/user/js/ 4 KB
2 KB 140ms
140ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/nprogress.min.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 56e852a11b709e61ad947b2a575ad63efc7f5088ca7c18c73f1c3dc7518f7bad

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"5fb24c31-100d"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: KzOxHRuHZH997yjMadTZKJYgUED7Brcka58epohmsIYvd7AoDrkFug==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 nprogress.min.css Show response
kp.ua/user/css/ 1 KB
880 B 139ms
138ms XHR
text/css 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/css/nprogress.min.css
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 07acf5dda025a26dd027c17a49253ece9594d2cf09c87c8f18ac72b30b5969f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"5fb24c31-5f4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
x-amz-cf-id: zx-NhmWEbZX2B2GQ55AIbs8oLr2IsBd0FFdES34TY-n25oXLjYPDNQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
202 B 68ms
67ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1709559253&t=pageview&_s=1&dl=https%3A%2F%2Fkp.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0%20KP.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1081199376&gjid=929291046&cid=749560619.1670286797&tid=UA-2065037-1&_gid=596351641.1670286797&_r=1&_slc=1&z=668215698

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lozad.min.js Show response
kp.ua/user/js/ 3 KB
2 KB 104ms
103ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/lozad.min.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 3edce34d005dc482173865875381bd5224b5fab5260baf12bf54abbaa7a11143

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 16 Nov 2020 09:53:53 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"5fb24c31-dea"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: Qvx8hz8lfW9oCAeFpUXPyeQoU7X5mYQor7beBaCFuae_oZjdDPjQpg==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 e.js Show response
cdn.umh.ua/libs/ 11 KB
5 KB 194ms
56ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.umh.ua/libs/e.js

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Fri, 14 Oct 2022 11:29:20 GMT
server: nginx
etag: W/"63494810-2c5c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 07 Dec 2022 00:33:17 GMT

GET
H2 200 branding-v2.js Show response
kp.ua/user/js/ 4 KB
2 KB 76ms
75ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/branding-v2.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: b0ee3c44a442dfe5729676138d95a474b894eff54ef44d0c96bae24b18e70253

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Thu, 10 Feb 2022 15:51:50 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"62053496-11f8"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: JXELgZHSK4rD9_FsG2hkYALfgUdXsqYoiUkxqFwqYP30cfyO_IN7IA==
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 fslightbox.js Show response
kp.ua/user/js/ 30 KB
10 KB 79ms
75ms Script
application/javascript 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kp.ua/user/js/fslightbox.js
Requested by: Host: kp.ua
URL: https://kp.ua/user/js/sunsite-front.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 355bd4d3f25252820d33d39b3bf8d4163c4fccc889429c48887e74e9951796b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Sun, 18 Oct 2020 16:43:06 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: W/"5f8c709a-79b4"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
cache-control: max-age=2592000
x-amz-cf-id: Q_2qus1lyqyc67Ed92ESLgSW3sbrjUbBwL2c-D2O-BlsL0LNWlHTBQ==
expires: Thu, 05 Jan 2023 00:33:17 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
435 B 280ms
56ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2065037-1&cid=749560619.1670286797&jid=1081199376&gjid=929291046&_gid=596351641.1670286797&_u=IEBAAEAAAAAAACAAI~&z=78647783

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 263ms
58ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2065037-3&cid=749560619.1670286797&jid=2109036058&gjid=2008289022&_gid=596351641.1670286797&_u=aGDAgEABAAAAAGAAI~&z=1314019976

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 57ms
57ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1709559253&t=pageview&_s=1&dl=https%3A%2F%2Fkp.ua%2Fua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0%20KP.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgEABAAAAACAAI~&jid=2109036058&gjid=2008289022&cid=749560619.1670286797&tid=UA-2065037-3&_gid=596351641.1670286797&gtm=2wgbu0PVGFCZ&z=2110507340

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 05 Dec 2022 04:41:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 71527
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
389 B 74ms
74ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=kp.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: a1a7ac51e957cb86fab514cd5e03dd3740bc061aa290b66d7267175de05b0aeb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 274
expires: Thu, 05 Jan 2023 00:33:17 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 2561 5 KB
3 KB 251ms
74ms Document
text/html 145.239.237.56
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS: ip56.ip-145-239-237.eu
Software: GHC /
Resource Hash: 2d43752ecaeabe6d33682e995a97e0f29bdc3accc1320d8f0bcee6d11a117a3a

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2719
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:17 GMT
etag: PRIVATE7520710249
expires: Thu, 05 Jan 2023 00:33:17 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 60_main-v1670254261.webp
kp.ua/img/article/6606/ 12 KB
12 KB 73ms
71ms Image
image/webp 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/img/article/6606/60_main-v1670254261.webp
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: e40864318a44122a34f59776f8d00b97b2d3f0f8c99ac273ef1768e9275c18a8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 15:31:01 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "638e0eb5-2fa0"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 12192
x-amz-cf-id: E7wIwDT0LSH9pYFFiMl4Zxu7cMe4mAs1LVUO3CN_GPMLP9juT0244w==

GET
H2 200 57_tn2-v1670252676.webp
kp.ua/img/article/6606/ 23 KB
23 KB 76ms
74ms Image
image/webp 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/img/article/6606/57_tn2-v1670252676.webp
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 2b6789e74dce4278dc0423a2b0367f3c63e073d190c66fc67ef509bbb88af61c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 05 Dec 2022 15:04:36 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "638e0884-5ba8"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 23464
x-amz-cf-id: N__phPBsWY4M43f0A-0Nx7_E6vUBtdpaur0opGXyFTYPpQIiryeT6w==

GET
H2 200 73_tn2-v1669043239.webp
kp.ua/img/article/6598/ 50 KB
51 KB 76ms
75ms Image
image/webp 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/img/article/6598/73_tn2-v1669043239.webp
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 257e8c42a65928fb19a95847c67503e3a36aff746897168c001201ead9f7d7f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Mon, 21 Nov 2022 15:07:19 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "637b9427-c96c"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 51564
x-amz-cf-id: 0G9Q5b7LVJhEZfhMuutRA5TEsc0dG4vXg-z3jVVoDZCmNuATRPfLMQ==

GET
H2 200 64_tn2-v1670094347.webp
kp.ua/img/article/6605/ 35 KB
36 KB 73ms
72ms Image
image/webp 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/img/article/6605/64_tn2-v1670094347.webp
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: c336850db945271e6de49ccdce0c01c7a6e678398af3c418e5c3badc54c99acc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 19:05:47 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "638b9e0b-8d90"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 36240
x-amz-cf-id: j3GsPfBLRm9W327xIV97w9YSSsw0Ylx2MZfN4F-d4gKP-7JKjYLNOA==

GET
H2 200 16_tn2-v1669991751.webp
kp.ua/img/article/6605/ 21 KB
21 KB 73ms
72ms Image
image/webp 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/img/article/6605/16_tn2-v1669991751.webp
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 6c114a8d0fa3009e1d2338df5612b153ef0290940a7d50164c16ab1ab4934715

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Fri, 02 Dec 2022 14:35:51 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "638a0d47-531a"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 21274
x-amz-cf-id: JCr_B63wAlFQBy78ePn9jwj6B5gDPC0HJF-zPG1sOQTOAHR_ByPfhQ==

GET
H2 200 86_infographics-v1670149037.webp
kp.ua/img/article/6605/ 58 KB
58 KB 74ms
73ms Image
image/webp 108.138.17.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kp.ua/img/article/6605/86_infographics-v1670149037.webp
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-17-31.fra56.r.cloudfront.net
Software: nginx/1.21.6 /
Resource Hash: 0115e822c7d403eec01458aa5c32c112e539e274c1f3b69dabeea7a09a46a6b3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
via: 1.1 26f61e70ac4b967ea82841cbd2dc7cf0.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 10:17:17 GMT
server: nginx/1.21.6
x-amz-cf-pop: FRA56-P7
etag: "638c73ad-e6ec"
x-cache: Miss from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 59116
x-amz-cf-id: DK-xAzdsTUo9FNsS3bQmfnrSr3T03czVdEbpsiDwtGnF0zdNNO_0cA==

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 79ms
68ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1748804338&div=zone_1748804338&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 6bb8591388bdc97bf66f03d0757685c1404b9ae1ba1ec3f7e343a6f798b73849

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 702
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 81ms
70ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=2068338569&div=zone_2068338569&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: df1bbe1b368b6cfd2802af139bc8c2c4879ca15f5007dd5399c09de313397d05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 918
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 346ms
335ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1174144716&div=zone_1174144716&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 9139c2c50c9e18479ec93c5c77ffc3095868e2a2c8b341388594434417be3c57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 847
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 367ms
356ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1831319441&div=zone_1831319441&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 7049bc9be47bb159ab6a1f389a35d1500fd5e1c75c00cbc20abfe785e5654f9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 1057
expires: -1

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
9 KB 166ms
49ms Script
application/javascript 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=2068338569&div=zone_2068338569&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f58cfda56b062e9b72bf642c7ef744ab84932e1a77d3a32c60db08552cfcb418

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:17 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 11:58:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"638896ce-7204"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 06 Dec 2022 01:33:17 GMT

GET
H2 204 smc
z.cdn.adtarget.market/ 0
41 B 155ms
48ms Image
text/plain 212.32.253.229
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.adtarget.market/smc?s=201&u=e8e96ca9528580c1
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 212.32.253.229 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:26:35 GMT
server: nginx

GET
H2 200 kp.ua.1204223.js Show response
jsc.mgid.com/k/p/ 2 KB
1 KB 325ms
218ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/k/p/kp.ua.1204223.js
Requested by: Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1748804338&div=zone_1748804338&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2030e591aa5e5bc8795f510835d1406148205077578ad0de9fdb65911ba5269c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
x-amz-version-id: l49yNg9ioEQHB3hZ5I5QYA5KGiEdaXzy
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: R0GX6RM909AYCY4Q
cf-polished: origSize=2328
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: fdGn08jvLJzlVPWPLDL36fTWnW3Kz4w2Uf230hEfa42E9UYj3+sKZkzx+6ExjYu7txIvYnxHIO4=
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:50:13 GMT
server: cloudflare
etag: W/"7de1ce15793b579d5732b01f90813adf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7750ede70a182406-LHR
expires: Tue, 06 Dec 2022 03:33:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 186ms
69ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2065037-3&cid=749560619.1670286797&jid=2109036058&_u=aGDAgEABAAAAAGAAI~&z=553993522

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 184ms
68ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2065037-3&cid=749560619.1670286797&jid=2109036058&_u=aGDAgEABAAAAAGAAI~&z=553993522

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 195ms
79ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2065037-1&cid=749560619.1670286797&jid=1081199376&_u=IEBAAEAAAAAAACAAI~&z=1129541344

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 184ms
68ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2065037-1&cid=749560619.1670286797&jid=1081199376&_u=IEBAAEAAAAAAACAAI~&z=1129541344

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1670286797840/
Redirect Chain

https://gaua.hit.gemius.pl/_1670286797840/rexdot.js?l=100&sendf=8&id=.WqVVKd0paG9gXEdrhpca2ZWj55NuYLCTbrLa7y1PXv.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkp....
https://gaua.hit.gemius.pl/__/_1670286797840/rexdot.js?l=100&sendf=8&id=.WqVVKd0paG9gXEdrhpca2ZWj55NuYLCTbrLa7y1PXv.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2F...

169 B
425 B

187ms
187ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1670286797840/rexdot.js?l=100&sendf=8&id=.WqVVKd0paG9gXEdrhpca2ZWj55NuYLCTbrLa7y1PXv.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkp.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=r0CKYKZKGUYKdwsHvWTvqcU5D8IxPD9zpd535YOwVRD.07jsn18A.xdfAcugKLlNTxxZGoFXRXsr_gmyTxGEN6ErZhK3/aZp7hU03s4VoT/&fpdata=vTzahnqd.LiRonjZCZmzEETwN3zLG95EU_tqL5opOdH.R7&ltime=287&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638e8dcd20d91e1b&fpcap=
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 82fd26711dba3986a95b0cf1e570dac2beb954b7b1f885042b0b894b49143340

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Mon, 05 Dec 2022 00:33:17 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:17 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1670286797840/rexdot.js?l=100&sendf=8&id=.WqVVKd0paG9gXEdrhpca2ZWj55NuYLCTbrLa7y1PXv.O7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkp.ua%2Fua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=r0CKYKZKGUYKdwsHvWTvqcU5D8IxPD9zpd535YOwVRD.07jsn18A.xdfAcugKLlNTxxZGoFXRXsr_gmyTxGEN6ErZhK3/aZp7hU03s4VoT/&fpdata=vTzahnqd.LiRonjZCZmzEETwN3zLG95EU_tqL5opOdH.R7&ltime=287&inner=_ver%3D331%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=638e8dcd20d91e1b&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Mon, 05 Dec 2022 00:33:17 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 18 KB
10 KB 93ms
93ms XHR
application/json 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1556&height=300&width=400&tld=kp.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=kp.ua&top_url=https%3A%2F%2Fkp.ua%2Fua%2F&domain=kp.ua&url=https%3A%2F%2Fkp.ua%2Fua%2F&referrer=&async=1&uid=3025217964
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a722879e20307cdabac24c1f1ef72c0d96fd84eaae9ef155ab67774f6e86ab24

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://kp.ua
date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
49 KB 209ms
93ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Requested by

Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1174144716&div=zone_1174144716&cw=1600&ch=1200&sr=1600x1200&df=1&bh=3&tl=1049&pl=3&mi=4&me=8&hc=4&n=1670286797715&url=kp.ua%2Fua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8.%20%D0%9E%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%B2%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%96%20%D1%81%D1%8C%D0%BE%D0%B3%D0%BE%D0%B4%D0%BD%D1%96.%20%D0%A1%D1%82%D1%80%D1%96%D1%87%D0%BA%D0%B0%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B0%20%D0%B7%D0%B0%20%D0%B4%D0%B5%D0%BD%D1%8C%20%7C%20KP.UA%20-%20%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%BD%D0%B0&zyx=1257159061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b3054f18bc277fdc3c12ad4108d51cde0e0867d285dc91bfe5292d07be8c10f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49172
x-xss-protection: 0
server: cafe
etag: 11973317529248707929
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 00:33:18 GMT

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
4 KB 190ms
91ms Stylesheet
text/css 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1522025
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01FMS6ZV1X9W2C591EFZRSFWG9
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7750ede8a946775c-LHR

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 50ms
49ms Script
application/javascript 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 06 Dec 2022 01:33:18 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 316 KB
101 KB 56ms
55ms Script
application/javascript 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0a8f7efbd95f4afdbade77c4e5d33f9b340e23e262c59791121c00547cc96cee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
last-modified: Mon, 28 Nov 2022 15:58:34 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6384daaa-4f0f0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 06 Dec 2022 01:33:18 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 190ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

368efa57daae391de6f253828bf520217a86aa9f2e50d79a28e259fa746b769b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
server: sffe
etag: "1413 / 521 of 1000 / last-modified: 1670286137"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 06 Dec 2022 00:33:18 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 160ms
62ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 20957720
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01G01TS0GJZHZ5Y8Q46NK69036-lhr
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7750ede8a947775c-LHR

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 167ms
167ms Stylesheet
text/css 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 168ms
62ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H3 200 kp.ua.1204223.es6.js Show response
jsc.mgid.com/k/p/ 261 KB
75 KB 116ms
59ms Script
text/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/k/p/kp.ua.1204223.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/p/kp.ua.1204223.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ddd5749b936362540a30130bd4ddd89c4d0f9d2c6528fa1ec8fc9ac554b441d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
x-amz-version-id: Vx0QLLzmmINY4WjyxcTnhO4U4fU_SyQr
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 44SK2FXSWSXM160P
age: 1695
cf-polished: origSize=267118
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: WUGNC4AlthVMXo1fCN/fuu1zgne85eddmdvaCng7Xlvx+KKcroJfn6VZ1FMxB7jlwLQCIigb0+4=
cf-bgj: minify
last-modified: Wed, 23 Nov 2022 11:50:13 GMT
server: cloudflare
etag: W/"9a4f49a7d0c8c3c0b23d35431afef9e8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 7750ede91c4776d1-LHR
expires: Tue, 06 Dec 2022 03:33:18 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 pubads_impl_2022120101.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
131 KB 178ms
56ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133241
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:36:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 05 Dec 2023 20:42:13 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 460 B
807 B 187ms
66ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kp.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b8ab072246953a7c76adb4040a13143e6a32353153d188e8d5306afd06a7144

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 172
x-xss-protection: 0
expires: Tue, 06 Dec 2022 00:33:18 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/ 355 KB
117 KB 217ms
102ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=kp.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa3186a93faa47c2c30ba85a680582f48e5481ac2c17ae1ffab47035aa5b1993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119785
x-xss-protection: 0
server: cafe
etag: 745921610843746155
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 00:33:18 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame CEA7 10 KB
5 KB 169ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 67132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 05:54:26 GMT
etag: 10353107486223812946
expires: Mon, 19 Dec 2022 05:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
BLOB 200
OK 009848fa-9cfe-4155-acc1-140ba4044336
https://kp.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kp.ua/009848fa-9cfe-4155-acc1-140ba4044336
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 09cb463e-5eb6-42d0-8c67-86fd4e7f6b1a
https://kp.ua/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kp.ua/09cb463e-5eb6-42d0-8c67-86fd4e7f6b1a
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 138ms
129ms Script
text/plain 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1670286798476993430725&uniqId=184ce&lct=1669161600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fkp.ua%2Fua%2F&lu=https%3A%2F%2Fkp.ua%2Fua%2F&sessionId=638e8dce-08dc6&pageView=1&pvid=184e4d9ee8cb268b0b3&site=423240&implVersion=11&dpr=1&tfre=1434
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/p/kp.ua.1204223.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7750edeaae102406-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content a07c39f5-361e-4333-9927-84faa5829c9c
https://kp.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://kp.ua/a07c39f5-361e-4333-9927-84faa5829c9c
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 60ms
51ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 5804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7750edeabe1e2406-LHR
expires: Wed, 07 Dec 2022 00:33:18 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
810 B 65ms
57ms Image
image/svg+xml 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 5804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 7750edeabe1d2406-LHR
expires: Wed, 07 Dec 2022 00:33:18 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1204223/ 1 KB
986 B 82ms
73ms Script
application/x-javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1204223/1?pv=5&cbuster=167028679854039527956&uniqId=184ce&lct=1669161600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=250&maxw_1=300&maxh_1=250&ident_p=true&cols=1&ref=&cxurl=https%3A%2F%2Fkp.ua%2Fua%2F&lu=https%3A%2F%2Fkp.ua%2Fua%2F&sessionId=638e8dce-08dc6&pageView=1&pvid=184e4d9ee8cb268b0b3&implVersion=11&dpr=1&tfre=1498
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/p/kp.ua.1204223.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a18a999a91b0693ad617378854df4df6ebec25b955d98a233d20e119694dc5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 7750edeb0e7f2406-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMjUzMDgvMWQxZTAxY2RlZjhjYjBhM...
s-img.mgid.com/g/12509614/492x277/-/ 18 KB
18 KB 151ms
52ms Image
image/webp 2606:4700:1::6813:854e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/12509614/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wMy8xMjUzMDgvMWQxZTAxY2RlZjhjYjBhMmE0ZDVhYzY1ZDgzYzgzMDgucG5n.webp?v=1670286798-rE4L0ctatceA_F4VTEeZ4DFn1dprplXjt6j8L3iydos
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:854e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c7a56be98c849fca49ea4533ff11f4dc2ba179e41ca3513f8701b12a16ab7ec

Request headers

Referer: https://kp.ua/
Origin: https://kp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
cf-cache-status: HIT
last-modified: Mon, 28 Mar 2022 08:46:53 GMT
x-mg-request-uuid: ee9de42a-4939-450d-8ac2-7373d23b1e46
server: cloudflare
age: 2325855
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 7750edec2f1f887f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18366

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 137ms
128ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1670286798632408135937
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/p/kp.ua.1204223.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7750edebaf262406-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 3284 0
37 B 130ms
129ms Script
application/javascript 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1670286798648761538998
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/p/kp.ua.1204223.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:18 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 7750edebaf362406-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 57 KB
17 KB 144ms
54ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/k/p/kp.ua.1204223.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 24 Nov 2022 12:48:29 GMT
server: cloudflare
x-amz-request-id: 9SHTZ39MVX4VT3XH
age: 1059
etag: W/"9ee82d693d1e83b3a37ee20226716f78"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 7750edec4ac0dd86-LHR
x-amz-id-2: NbEDnPUi2gQRZ5kO/ICzpdo6MeE0Dl5cwVyo3/tYkGJB4XeAlSpFN5l9jdlSk0idXwTgW4bbHdg=

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 208ms
66ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=kp.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 188ms
66ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kp.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
10 KB 368ms
259ms XHR
text/plain 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3761264670364495&correlator=2442887622845596&eid=31070909%2C21065725%2C31065825&output=ldjh&gdfp_req=1&vrg=2022120101&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_kp.ua_banner_S&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=464993232&sfv=1-0-40&prev_scp=mt_fln%3D0.8&sc=1&cookie_enabled=1&abxe=1&dt=1670286798722&lmt=1670286719&dlt=1670286797044&idt=1633&adxs=-150&adys=1208&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fkp.ua%2Fua%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=516&ohw=1600&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48fb24186993aec6701db4b5404b6f5d393ffb6fad1539d1ac7d32611c798f0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10246
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kp.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 909F 6 KB
3 KB 201ms
65ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:18 GMT
expires: Wed, 06 Dec 2023 00:33:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 377 B
691 B 180ms
65ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kp.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3755662197386269&plah=kp.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b55ecafc0fa08b41be5cc60fdf8a47ee9ac8b73caee6bf60570d3a704dbecb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
90ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkp.ua%2Fua%2F&tn=HEADER&cls=header&ign=false&pw=1600&ph=1200&x=0&y=139.2

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8E0D 0
19 B 207ms
98ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1670286719&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkp.ua%2Fua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798368&bpp=4&bdt=1324&idt=383&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5487520907343&frm=20&pv=2&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=402

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:18 GMT
expires: Tue, 06 Dec 2022 00:33:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C90E 114 KB
41 KB 474ms
372ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=8892904890&adk=2177230830&adf=1512214346&pi=t.ma~as.8892904890&w=728&lmt=1670286719&format=728x90&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798372&bpp=1&bdt=1329&idt=402&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mBxLOytJob&p=https%3A//kp.ua&dtd=406

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da880aa090035237f6cc102265a289b27975e054ff4b9082ac308dd78f0f095d

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPW9yprf4_sCFSPjEQgdJC4JkA&gqi=zo2OY-jPN4yM9u8PrO672A0&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42330
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPW9yprf4_sCFSPjEQgdJC4JkA&gqi=zo2OY-jPN4yM9u8PrO672A0&layout=/sadbundle/%24csp%253Der3%24/12406491265686199930/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
expires: Tue, 06 Dec 2022 00:33:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8A36 79 KB
26 KB 861ms
764ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=2247890902&adk=2732461197&adf=4266451336&pi=t.ma~as.2247890902&w=300&lmt=1670286719&format=300x600&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798374&bpp=1&bdt=1330&idt=407&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kusYUoQh2J&p=https%3A//kp.ua&dtd=409

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ccda109437b9ee0f59c44797bd6793facfe13d0ca8bfd9384ce3e2a825869a4

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COe1yprf4_sCFcfVEQgd6DsPog&gqi=zo2OY4PTN43G7_UP3pqDsAw&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 26947
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COe1yprf4_sCFcfVEQgd6DsPog&gqi=zo2OY4PTN43G7_UP3pqDsAw&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
expires: Tue, 06 Dec 2022 00:33:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
392 B 192ms
60ms XHR
application/json 141.95.33.111
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.33.111 , Germany, ASN16276 (OVH, FR),

Reverse DNS

ns3203177.ip-141-95-33.eu

Software

Resource Hash

dbb1afe98bb3e59cd9a3cd569b0d21658fc21fa539d74aa051e3e78ec75f8cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kp.ua
date: Tue, 06 Dec 2022 00:33:18 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 34 B
199 B 185ms
59ms XHR
application/json 2001:41d0:701:1000::96f
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::96f , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 6d25b3bba5ac544f6164f8b8d0d57b02da45347818baf1be0feca3a78bd6c7a7

Request headers

Referer: https://kp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kp.ua
date: Tue, 6 Dec 2022 00:33:19 GMT
content-length: 34
vary: Origin
content-type: application/json

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
615 B 189ms
61ms XHR
application/json 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

17edd397d1df4bb4d22f548664030a9a5ca6bb5c8114776746bfb706e8b50a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://kp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kp.ua
date: Tue, 06 Dec 2022 00:33:19 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 container.html Show response
036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C18A 6 KB
3 KB 172ms
57ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:18 GMT
expires: Wed, 06 Dec 2023 00:33:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 56ms
55ms Image
text/html 212.8.250.83
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=c01KcDQxeEUwbElxbTNJUFlWZkthSzNXcmVzMWRrd1hZSzFBZm96c1RjNUtiSnlkQ1RQMXl1TlF3Nis3c0lKKzczODhZZ1lTMGpDcExUUDRlQkhmbVlvbGRvdXZuRFpJOFpEd2pSTmsrdFNpV1ZFWENhVTByMHUweVFKTEJ4a3BPVDc3NnlmcGVNT0dMWVpwaHcvWG8vRHhKWG5KWUtxZFBwelpnNzYyUUoyMWVabjN5UUhnUkhEZ1FtM1NkdklYQlNlZHBZbCthSXBLRGw3ajVmVVppTG03SzF3K2lZS1VpcWFMTmtTODBzZW1IdmIvN2dNQm5Ua0htTWhQZE1JRA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kp.ua
URL: https://kp.ua/ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 45E9 20 KB
6 KB 252ms
130ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=8892904890&adk=2177230830&adf=1512214346&pi=t.ma~as.8892904890&w=728&lmt=1670286719&format=728x90&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798372&bpp=1&bdt=1329&idt=402&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mBxLOytJob&p=https%3A//kp.ua&dtd=406

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 300258
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 4775
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 13:09:01 GMT
expires: Sat, 02 Dec 2023 13:09:01 GMT
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C90E 0
0 103ms
102ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COY2szo2OY_WeOKPGx_APpNykgAnk9JHfbcnPk-y-ELKS5IbqNxABIMbgi3lglQKgAbKKwaoByAEJqQIaHB-mdbioPqgDAcgDSKoEwgFP0DvPCyGsny9lvUf2_HKDptIZ940o0lSqHbUTaK3d2O6X6bTse-UkG3lsJ687IX00KZ-RmZ74NkvZRQJ6y4tGuMhMzLi9V-lq42UTiwozE4w5MG4o0oJBnpbZHomXozr36tydoa28i4aKuflbpQ99uCiXStLDhTgNmKmdbIP5J_2Lx3OH_86pR1zaBYm5GgfEY5_NpFw4c9avZ1BpiEVXfxsqQGcbhbiibc9QSI98a035_CDnTam904MZNp3WWzh8HcAEn4fMoKIEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7b1vtUCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQgbEb0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwHYEwzQFQGYFgGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=dKW8jZ5pDXU&uach_m=[UACH]&cid=CAQSGwDq26N9J6c3ZtANvUPQdDeBmCgLgQtdwM_fUxgBIBM&template_id=419

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=8892904890&adk=2177230830&adf=1512214346&pi=t.ma~as.8892904890&w=728&lmt=1670286719&format=728x90&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798372&bpp=1&bdt=1329&idt=402&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mBxLOytJob&p=https%3A//kp.ua&dtd=406
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F8C0 624 B
246 B 68ms
66ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIY2Ybo2gEwAQ&v=APEucNXtiuPOW8oRNU6wB1dtfZSodrJLRlVRXqQNEh3LwrBM0QXea8JW8ZwZTQga9n8RcEw3zWDcmLohsI6jvClXw-wWSQhAYfBMkz9LSJHQ3i4SjC1Jhs0AAdm4qYLAqmJQVZq06mlYKBQGbQOjvDndxcbE7H4_qbaZlckrd3c5OtPEt-V0fNo

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
expires: Tue, 06 Dec 2022 00:33:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C18A 76 KB
27 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27387
x-xss-protection: 0
server: cafe
etag: 15442950961169408521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C18A 42 B
63 B 93ms
91ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BC2-oro9EaK0OhrKgOpil2ZoV9ImilxAfThG7aULl50DNJoAUU5xnmnNV93Pu7wdtY_cMIptvkgEIsheoKfCx6loiOzR106HIT9yLAKrptC2RdrA0

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C18A 0
20 B 93ms
91ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16542350916838913424&x=1&ct=76

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame C18A 3 KB
1 KB 231ms
124ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 01:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 01:13:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame C18A 18 KB
7 KB 171ms
65ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 01:31:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 01:31:24 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C18A 153 KB
47 KB 214ms
98ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame C18A 23 KB
9 KB 179ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 01:13:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83987
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 01:13:32 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C90E 23 KB
10 KB 161ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C90E 3 KB
1 KB 231ms
127ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 20:57:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C90E 18 KB
7 KB 219ms
116ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C90E 153 KB
47 KB 184ms
72ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDoKX57-2PXSyJfY6cMCnY&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDoKX57-2PXSyJfY6cMCnY&google_cver=1&C=1

43 B
766 B

55ms
54ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKDoKX57-2PXSyJfY6cMCnY&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIY2Ybo2gEwAQ&v=APEucNXtiuPOW8oRNU6wB1dtfZSodrJLRlVRXqQNEh3LwrBM0QXea8JW8ZwZTQga9n8RcEw3zWDcmLohsI6jvClXw-wWSQhAYfBMkz9LSJHQ3i4SjC1Jhs0AAdm4qYLAqmJQVZq06mlYKBQGbQOjvDndxcbE7H4_qbaZlckrd3c5OtPEt-V0fNo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 00:33:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 00:33:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEKDoKX57-2PXSyJfY6cMCnY&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F8C0
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y46Nz6u5MFhml.eEI3kbRgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-wwhUSGk9-wQhaQb6a_aY&google_cver=1&google_hm=2

43 B
766 B

58ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-wwhUSGk9-wQhaQb6a_aY&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIY2Ybo2gEwAQ&v=APEucNXtiuPOW8oRNU6wB1dtfZSodrJLRlVRXqQNEh3LwrBM0QXea8JW8ZwZTQga9n8RcEw3zWDcmLohsI6jvClXw-wWSQhAYfBMkz9LSJHQ3i4SjC1Jhs0AAdm4qYLAqmJQVZq06mlYKBQGbQOjvDndxcbE7H4_qbaZlckrd3c5OtPEt-V0fNo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 00:33:19 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP-wwhUSGk9-wQhaQb6a_aY&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F8C0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOqCkqBtaHmOc4fNaXwmeSs&google_cver=1

43 B
1016 B

124ms
55ms

Image
image/gif

185.89.210.82
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOqCkqBtaHmOc4fNaXwmeSs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMD3swEQjZbF1wIY2Ybo2gEwAQ&v=APEucNXtiuPOW8oRNU6wB1dtfZSodrJLRlVRXqQNEh3LwrBM0QXea8JW8ZwZTQga9n8RcEw3zWDcmLohsI6jvClXw-wWSQhAYfBMkz9LSJHQ3i4SjC1Jhs0AAdm4qYLAqmJQVZq06mlYKBQGbQOjvDndxcbE7H4_qbaZlckrd3c5OtPEt-V0fNo

Protocol

HTTP/1.1

Server

185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 00:33:19 GMT
AN-X-Request-Uuid: 90e2ed66-fc06-4165-806e-0701b89762da
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOqCkqBtaHmOc4fNaXwmeSs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F8C0
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDA5MjMyOTAwNjEyMjMyNA%3D%3D

170 B
188 B

188ms
73ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDA5MjMyOTAwNjEyMjMyNA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 06 Dec 2022 00:33:19 GMT
AN-X-Request-Uuid: e524837f-7c17-4ff1-8241-a4ca19257119
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1NDA5MjMyOTAwNjEyMjMyNA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C18A 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4901378051570&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C18A 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4901378051570&version=m202209210101&ct=76&x=1&cor=16542350916838914000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C18A 80 KB
34 KB 92ms
91ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2vwLUrOL9gygCf3wB_zt6druihIoKh3Fv_eoVHlfvJBf4waXmtodya1oJNptVxkyg8BIe6_h6s5KeJj3RITm4cyVY2g&cry=1&dbm_d=AKAmf-Bdgg3iDwQwqnWirFBdXNpg807LMjCxtzag50qMZrvaJ9AYN7Z68PZ8GdjKQmQ7TkitF2v-fzU9clzHjzKr41LOiFRGzxWnX__0_LRGXYQjcwj3Cwz6NWFu5ZWDPVOz01HaSgjW7ltTb4XHzLkxaLBsTthYu7CdE9tytP5_nKO7g2ouj8Ov_F15H_Mx27Cm4O0fQGFQEQKSoLVaF-R7oaDVV3mGT9MEJ6GsjtF3bXxsk1XwfhByE-npcR2cLBEbfCsII7nQ30sNPbW3eQFNUGFi4hBpWf_QVO21mkwywYnGnkZodTSOuFTaYZBZtxYQqUttsROk0w5_OnR8V8PFOhouPd1McjA04UFRSYATRkxRfdK3uCh3f2JAPim7dI9r4FP4xpsX9UK5ULRSwsbJOxgFuhtXQv7qQuF2nYKCpGFs-jd1BwdfE5ZMQl6Wp-cNo9UGz6foeD4OREXepEAM1S0MKZane8O3rtUs5xEsIyEz9esU0sEU2FoQbjRQiO6teCY7IMwgEnhYe6OmJoH_dqM_kSjqHmuJGJPwgS9MPBDKW_4LRI_IEbpNxxp2TbUfde2GUghgRk_viNx0eAcAhL1RY972Jhd2hvzl9fSrMM6lGmVAAf43jtIxlX1byaqm3ZRkcUX8C0PkObqRTRnHWnslP3y9RGLnpFb17d1tOGWukGASN0DFMtxtMUNWrhbcUXSXY6B1OxOpxwFi8lyqf3JhmqA7fg0qcf98tEk7DAWawTFIQsp13I6q9isDOhunkEkLu3JkGjycuAnmoXfjs6eGsRGmmXrmi6t5eGjHOwN8MDoJKkA5l1N9cOE-5oGW1QXLsd21Ia73fH3hx1qlHqaetorHusSqbON49-xUY17SCDedskG0ICh03enEHIUdgFGRFmsFyi2ZLfO-k0TKKZCj5dgyNSNH9bI3su1sWydDfxwY9JSmDWMV3ZAoNu-Y2socpdx5K2xGtwutA7n30aLMwCdXUDb2EP2STmbLrLF9BOsDCH0dL46YMrhdYohTDQgYaq45LaJwvefkH09w-TWAzYdoUW0rY6mQEICeBB2wDwZFQjJ8BUSGm0ZRWKA8BcoykTSxPSnXii9xxqWKo3NQgHKtBipqmv2I27M1YqXcoacHpQv4e-g9ii9dXloGcrV04yI7qRjN3MpbR-SwrwE7_oNH1xYzLO96YKyW6X7-dKoaV7BtrXUvndR-_t82t_gncLygxQcFFmMXH6OQYyuGqja5ZRi7zLVP6rECfhe3x4cZoQLpMpzr5iaMp-OYiz92i0pmuoewdq0CV2LnCxdPWyqzOKQA9_QnqgCjdK7BOsw0GEvNGs--XF1sWflL2N6zHAhTzLDsSRWgFIjCxdAM5eq1a6f1tM-QM1kHxEk32Nfz4air4L_1Lw4ISk7-eCgx8M3GZs7Cn9Y4ql_UPcwVNzFR0Pzl4AR4uvBmKawTO9eZ1kTqdBalz5dGEx435FBuk50nAdbtjvBEZ7Y5ZQmJ-O4MoiU_vmRJJ0beqCfZwVCxea75uHErxjZ40Lrdr56tNK8prcyYOZkO2qT7t-oIW8woye5E9evnpTZzqqQJONpO-xn-wqgzYXA08HLm3txQgEWZZkJ2ACxlFQatonSFAYVT3tuYtj8l6gnWC9RGXJxjnON30SnaUUQGDSmUyUtVPhDHkgTjhY7dtOU4y-o9eXjPH_nQzreDouCPUcMjD5TWqTA5Ndg3vi9o007_b_Mxr7nZpno3NcgdoSmvLWVrxgkb6bQ-LdAhsBtBTM26OcqO9GtOzb6A9hQFY_ZsdYQSAQJmYDLYB0KnOYKjtHWIJl1-VJZdJdfM5n1ZaCBUTMP6A-Ce6qoqqFXo8n7AE-DJjPOfbQRuhzDaOfiOwo3PCDEVUuFbrOP5wly_PkeDOo98YD7Ijoc4PYl9Uv53b1HjLgzHmkeBMjVP2wE7ArmJHS3bcd1fXTguKIClw5P6Sxx-gpZtwSRsAuk9iyQAzGDK1ugxPLx0KWx1Oon54kKpLMSA-cTjzjlMWL6zbRyoxAu4Vh-BXSY8PmjKJIulElyXEjaGugzRzwWCNyYMAODWJjIHFPgA32b79CYwzfdYY7DM2Ed4VwNViK0fBvQjDbr2htAmJ9H0LuifuUP6Bmqu-x8S2cUYSGZZKPjnXzgod9MB1_4148YDJcK3qoZD_YbHmhfNcdx8gDiPS6uktyx4rhncjMV8qutw_E3G8sbxZc9nRDAKAq3aqFLLH-ZKXGAPj1_CJe5cS9wZvZvoaFGH7U7IH4NobuJs88UhKnv1F4dzMDGgOw24az6Fb5eJWMxLo4FGjVtT78EQd-zB1c83buskeRBt2YbOTS6R0x9mS5T7tkolo7no3qz2BASw0w1o7ZGRFWCNUa28dew2rwZcpf0krP3s_HvK39P5MUTCbIYiUVlDiDRuO9rPvgScP9CVpV_mwD0_L1gucNGSCBHwERztiG6TWl8b4SOVsGtDC-Cd8oLsRMG_fW1T0WI44nRKXrfOK7z_mG5_rZ_Hnqk5q7ER4ragoJusbFZ9nXIWCiN4H0K7rb0pHPGBGHmYMkcrv8lgL4shjd4oUrt1W1DzjM6i-dZS0jMNb2nlhwMdVG5-Ij2KSSWHyy32jFfR3zqsi48c7J851mHMYqYv3uwAuo3LYq6o_BlsifmrayeR-kO8W1vsVidn-1WuJnRiSnDF9EVgi-pStKMi9r5lyQzdqw9V3fBFluIE8FGshAt_o9s_nzUgNCI7BLTD91UyN4PIxsgOO2BQkLEaWQNp_ZzOums-lWO4WZnQ24gNvKackt8u4co67wdmp_o0ZYDKTkwEvC_rv387VRlGuoaKMc55Xt0qlLfAXfYV62OAB82AGgPf_V121VENLqi2p5nH5siF865IOFOoSbZdMNH8Ns1C46wuxIN5wK66I5IP1bukZJ-21-wR5SAvGnj9BZo7g6VoKX_yHag9yGz8EtKGyaW1IW5krS-bg_lE_X0yZtArYOFtIWcZ5fbPw7BSRZ5OYTyfTC0fmEdCol-LGWugRPJZN8IIJSPhlmrWgpmOuFzEYoqnjMOfeChKqbD6IRLnI73AmYEnC444vF8r7D48o64tqTl5yfWVKxyZXmauLwAeH_R_ZHaKqjhO-x1Eb6pT4SUp0lQhZOvHyOnwV98gfML1TjW0kTrCt7x_hzpiFWpv7nSkJklnvKXHT65JgQNSorlO_KzAnwma3ILtzF76Reh7kGDgGMC9VlG3LT6v4uAIEU0o0lqnGw1hzfUrwWHdmih1Q1ajDDDA949bEw6PbfNfaYtsqdkPTFCHCIa5jf3pzwfbIQsiEZqkH8Uqhj_kouaMph7lpfLaI1ShtWr1-BWldltWYYLOZ-j-aQq7OjBI0X4LsO8&cid=CAQSTADq26N98W6xzPC79WchAnSO__3BhBtaDwIXZpzrOL0LMzXirYLlTF-DCpV4XKN1o-TsxRJ-niuRDSI5QN-OcsHIgmV1REIfnOHX8vkYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fkp.ua%2F&ds=l&xdt=1&iif=1&cor=16542350916838914000&adk=2857193498&idt=77&cac=0&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2076f268be73d397151c1e4b8dcca91bfdb20f5945105677c25ff5251bdbcd4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34804
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2940 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=8892904890&adk=2177230830&adf=1512214346&pi=t.ma~as.8892904890&w=728&lmt=1670286719&format=728x90&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798372&bpp=1&bdt=1329&idt=402&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=mBxLOytJob&p=https%3A//kp.ua&dtd=406
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C18A 170 KB
59 KB 183ms
53ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
Origin: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 10:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Dec 2022 10:10:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame C18A 8 KB
3 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2vwLUrOL9gygCf3wB_zt6druihIoKh3Fv_eoVHlfvJBf4waXmtodya1oJNptVxkyg8BIe6_h6s5KeJj3RITm4cyVY2g&cry=1&dbm_d=AKAmf-Bdgg3iDwQwqnWirFBdXNpg807LMjCxtzag50qMZrvaJ9AYN7Z68PZ8GdjKQmQ7TkitF2v-fzU9clzHjzKr41LOiFRGzxWnX__0_LRGXYQjcwj3Cwz6NWFu5ZWDPVOz01HaSgjW7ltTb4XHzLkxaLBsTthYu7CdE9tytP5_nKO7g2ouj8Ov_F15H_Mx27Cm4O0fQGFQEQKSoLVaF-R7oaDVV3mGT9MEJ6GsjtF3bXxsk1XwfhByE-npcR2cLBEbfCsII7nQ30sNPbW3eQFNUGFi4hBpWf_QVO21mkwywYnGnkZodTSOuFTaYZBZtxYQqUttsROk0w5_OnR8V8PFOhouPd1McjA04UFRSYATRkxRfdK3uCh3f2JAPim7dI9r4FP4xpsX9UK5ULRSwsbJOxgFuhtXQv7qQuF2nYKCpGFs-jd1BwdfE5ZMQl6Wp-cNo9UGz6foeD4OREXepEAM1S0MKZane8O3rtUs5xEsIyEz9esU0sEU2FoQbjRQiO6teCY7IMwgEnhYe6OmJoH_dqM_kSjqHmuJGJPwgS9MPBDKW_4LRI_IEbpNxxp2TbUfde2GUghgRk_viNx0eAcAhL1RY972Jhd2hvzl9fSrMM6lGmVAAf43jtIxlX1byaqm3ZRkcUX8C0PkObqRTRnHWnslP3y9RGLnpFb17d1tOGWukGASN0DFMtxtMUNWrhbcUXSXY6B1OxOpxwFi8lyqf3JhmqA7fg0qcf98tEk7DAWawTFIQsp13I6q9isDOhunkEkLu3JkGjycuAnmoXfjs6eGsRGmmXrmi6t5eGjHOwN8MDoJKkA5l1N9cOE-5oGW1QXLsd21Ia73fH3hx1qlHqaetorHusSqbON49-xUY17SCDedskG0ICh03enEHIUdgFGRFmsFyi2ZLfO-k0TKKZCj5dgyNSNH9bI3su1sWydDfxwY9JSmDWMV3ZAoNu-Y2socpdx5K2xGtwutA7n30aLMwCdXUDb2EP2STmbLrLF9BOsDCH0dL46YMrhdYohTDQgYaq45LaJwvefkH09w-TWAzYdoUW0rY6mQEICeBB2wDwZFQjJ8BUSGm0ZRWKA8BcoykTSxPSnXii9xxqWKo3NQgHKtBipqmv2I27M1YqXcoacHpQv4e-g9ii9dXloGcrV04yI7qRjN3MpbR-SwrwE7_oNH1xYzLO96YKyW6X7-dKoaV7BtrXUvndR-_t82t_gncLygxQcFFmMXH6OQYyuGqja5ZRi7zLVP6rECfhe3x4cZoQLpMpzr5iaMp-OYiz92i0pmuoewdq0CV2LnCxdPWyqzOKQA9_QnqgCjdK7BOsw0GEvNGs--XF1sWflL2N6zHAhTzLDsSRWgFIjCxdAM5eq1a6f1tM-QM1kHxEk32Nfz4air4L_1Lw4ISk7-eCgx8M3GZs7Cn9Y4ql_UPcwVNzFR0Pzl4AR4uvBmKawTO9eZ1kTqdBalz5dGEx435FBuk50nAdbtjvBEZ7Y5ZQmJ-O4MoiU_vmRJJ0beqCfZwVCxea75uHErxjZ40Lrdr56tNK8prcyYOZkO2qT7t-oIW8woye5E9evnpTZzqqQJONpO-xn-wqgzYXA08HLm3txQgEWZZkJ2ACxlFQatonSFAYVT3tuYtj8l6gnWC9RGXJxjnON30SnaUUQGDSmUyUtVPhDHkgTjhY7dtOU4y-o9eXjPH_nQzreDouCPUcMjD5TWqTA5Ndg3vi9o007_b_Mxr7nZpno3NcgdoSmvLWVrxgkb6bQ-LdAhsBtBTM26OcqO9GtOzb6A9hQFY_ZsdYQSAQJmYDLYB0KnOYKjtHWIJl1-VJZdJdfM5n1ZaCBUTMP6A-Ce6qoqqFXo8n7AE-DJjPOfbQRuhzDaOfiOwo3PCDEVUuFbrOP5wly_PkeDOo98YD7Ijoc4PYl9Uv53b1HjLgzHmkeBMjVP2wE7ArmJHS3bcd1fXTguKIClw5P6Sxx-gpZtwSRsAuk9iyQAzGDK1ugxPLx0KWx1Oon54kKpLMSA-cTjzjlMWL6zbRyoxAu4Vh-BXSY8PmjKJIulElyXEjaGugzRzwWCNyYMAODWJjIHFPgA32b79CYwzfdYY7DM2Ed4VwNViK0fBvQjDbr2htAmJ9H0LuifuUP6Bmqu-x8S2cUYSGZZKPjnXzgod9MB1_4148YDJcK3qoZD_YbHmhfNcdx8gDiPS6uktyx4rhncjMV8qutw_E3G8sbxZc9nRDAKAq3aqFLLH-ZKXGAPj1_CJe5cS9wZvZvoaFGH7U7IH4NobuJs88UhKnv1F4dzMDGgOw24az6Fb5eJWMxLo4FGjVtT78EQd-zB1c83buskeRBt2YbOTS6R0x9mS5T7tkolo7no3qz2BASw0w1o7ZGRFWCNUa28dew2rwZcpf0krP3s_HvK39P5MUTCbIYiUVlDiDRuO9rPvgScP9CVpV_mwD0_L1gucNGSCBHwERztiG6TWl8b4SOVsGtDC-Cd8oLsRMG_fW1T0WI44nRKXrfOK7z_mG5_rZ_Hnqk5q7ER4ragoJusbFZ9nXIWCiN4H0K7rb0pHPGBGHmYMkcrv8lgL4shjd4oUrt1W1DzjM6i-dZS0jMNb2nlhwMdVG5-Ij2KSSWHyy32jFfR3zqsi48c7J851mHMYqYv3uwAuo3LYq6o_BlsifmrayeR-kO8W1vsVidn-1WuJnRiSnDF9EVgi-pStKMi9r5lyQzdqw9V3fBFluIE8FGshAt_o9s_nzUgNCI7BLTD91UyN4PIxsgOO2BQkLEaWQNp_ZzOums-lWO4WZnQ24gNvKackt8u4co67wdmp_o0ZYDKTkwEvC_rv387VRlGuoaKMc55Xt0qlLfAXfYV62OAB82AGgPf_V121VENLqi2p5nH5siF865IOFOoSbZdMNH8Ns1C46wuxIN5wK66I5IP1bukZJ-21-wR5SAvGnj9BZo7g6VoKX_yHag9yGz8EtKGyaW1IW5krS-bg_lE_X0yZtArYOFtIWcZ5fbPw7BSRZ5OYTyfTC0fmEdCol-LGWugRPJZN8IIJSPhlmrWgpmOuFzEYoqnjMOfeChKqbD6IRLnI73AmYEnC444vF8r7D48o64tqTl5yfWVKxyZXmauLwAeH_R_ZHaKqjhO-x1Eb6pT4SUp0lQhZOvHyOnwV98gfML1TjW0kTrCt7x_hzpiFWpv7nSkJklnvKXHT65JgQNSorlO_KzAnwma3ILtzF76Reh7kGDgGMC9VlG3LT6v4uAIEU0o0lqnGw1hzfUrwWHdmih1Q1ajDDDA949bEw6PbfNfaYtsqdkPTFCHCIa5jf3pzwfbIQsiEZqkH8Uqhj_kouaMph7lpfLaI1ShtWr1-BWldltWYYLOZ-j-aQq7OjBI0X4LsO8&cid=CAQSTADq26N98W6xzPC79WchAnSO__3BhBtaDwIXZpzrOL0LMzXirYLlTF-DCpV4XKN1o-TsxRJ-niuRDSI5QN-OcsHIgmV1REIfnOHX8vkYASAT&dv3_ver=m202209210101&rfl=https%3A%2F%2Fkp.ua%2F&ds=l&xdt=1&iif=1&cor=16542350916838914000&adk=2857193498&idt=77&cac=0&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 00:39:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 00:39:50 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame C18A 29 KB
11 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2eaf6ba223aa3e584c45e61f98c53c8369dfb8f74430f92206d728557a29bf16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 01:09:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84235
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11190
x-xss-protection: 0
server: cafe
etag: 15869917811587367608
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 01:09:24 GMT

GET
DATA 200
OK truncated
/ Frame C90E 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 002ab9d6d8389b30aeb33780d12148199866a37698fff1fa9a27312ff2447dfd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 2940
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
65ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
expires: Tue, 06 Dec 2022 00:33:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 45E9 6 KB
3 KB 171ms
60ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 13:44:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38939
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2551
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 13:44:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 45E9 34 KB
13 KB 167ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 09:40:58 GMT

GET
H3 200 120fb889c9d3d02c8d3dd0555cf62ab3.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 45E9 104 KB
30 KB 186ms
76ms Script
application/x-javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 03 Dec 2022 01:21:22 GMT
age: 256317
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30375
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 01:21:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C18A 41 KB
15 KB 258ms
175ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
URL: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32448
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 15:32:31 GMT

GET
DATA 200
OK truncated
/ Frame C18A 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e755a4f663f9a7305bcdc5064e77b15616c66b07a952532d5605107dbf28cdf8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 728 KB
62 KB 60ms
59ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=2247890902&adk=2732461197&adf=4266451336&pi=t.ma~as.2247890902&w=300&lmt=1670286719&format=300x600&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798374&bpp=1&bdt=1330&idt=407&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kusYUoQh2J&p=https%3A//kp.ua&dtd=409

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 479737
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 63764
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 11:17:42 GMT
expires: Thu, 30 Nov 2023 11:17:42 GMT
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8A36 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMxtszo2OY-eWOMerx_AP6Pe8kArzoJDlbcD-lsijEMXUvaTYGhABIMbgi3lglQKgAbrV4-UByAEJqQJHYoK2E5qxPqgDAcgDAqoEvQFP0IUD4wfh738stj0y6Q9qPKjDLcx_bUMVP_TqCa6K2aCaCVsQWcJFI0ueXeyNzhE1rBosghxO_r-FYcupNKaQSnTK7SAL0b_9DSmbXIm0nHlSxrOvDSfeXa0q0cLti3HUWiil7eOzJIS4aFmn1H2NQ7aq65SckDGyybZj-7Tvrx95TmpeZ1BdcEpInAiegvpYkcycbLGn-YyN5Aoq-zpTOMj2vabzVg5jfjS4kkL3nolBemjSQvJM7P89mZjABKqsvJ-YBJIFBAgEGAGSBQQIBRgEoAZdgAeuqpyaAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJPhHtIIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=Sg-M5Nt879Q&uach_m=[UACH]&cid=CAQSGwDq26N9CNDfvRrMRmf4ob37I73efLirQi3znBgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=2247890902&adk=2732461197&adf=4266451336&pi=t.ma~as.2247890902&w=300&lmt=1670286719&format=300x600&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798374&bpp=1&bdt=1330&idt=407&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kusYUoQh2J&p=https%3A//kp.ua&dtd=409
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B14F 143 B
166 B 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=2247890902&adk=2732461197&adf=4266451336&pi=t.ma~as.2247890902&w=300&lmt=1670286719&format=300x600&url=https%3A%2F%2Fkp.ua%2Fua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670286798374&bpp=1&bdt=1330&idt=407&shv=r20221129&mjsv=m202211290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=5487520907343&frm=20&pv=1&ga_vid=749560619.1670286797&ga_sid=1670286799&ga_hid=1709559253&ga_fc=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1120&ady=261&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531705%2C44770880%2C21065725%2C31065825&oid=2&pvsid=3761264670364495&tmod=1138291117&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=kusYUoQh2J&p=https%3A//kp.ua&dtd=409
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 276
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:28:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8A36 3 KB
1 KB 158ms
157ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:57:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 20:57:37 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8A36 18 KB
7 KB 129ms
129ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 11:25:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Dec 2022 11:25:31 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B14F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

68ms
67ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
expires: Tue, 06 Dec 2022 00:33:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 1636 6 KB
674 B 181ms
65ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:800,300,600,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 23:48:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1636 16 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 10:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50484
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 10:31:55 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1636 34 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 09:40:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 06 Dec 2022 09:40:58 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/198363499651877342/ Frame E58A 4 KB
2 KB 184ms
65ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edfea0617b45f47a5413e58b99da78571d537652817471e1b04c448f347f8861

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1658
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:19 GMT
expires: Wed, 06 Dec 2023 00:33:19 GMT
last-modified: Tue, 15 Nov 2022 13:29:51 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C18A 0
0 230ms
99ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXAU6_QEnZKFbnhigKv-nU_6KZA_3gFQAlQCjKL4spfuXX1aTZNHm4jWr35XAYZnDsUTB8z5mDyh1tdbLg6xdFlf1YU4vHdscNbzsfSh9PYUgShGXNZu2BFRbjoLqU0RqDvBtJq1GM6jSeTi67XVR2g1lMh4Z1DupcdrkNfFAKt_y1tNwr5kARi4389k5bE3J5yg4DVXljuUu7VE87stXkSHi890QUM7dyUchcU44DJqSu6DrJmcjRma8j90nErwEaXRtgN6mICcJHoZaZKWltohDS6bcITtOgM6ZlaY3RF-YZBX-5WcD8Mpdi6PAd9F0eeBV9tvfZ-KsXgMMjA0smyYshhzj9jPXpswGqC3vDsIIoAEj-769dgVyEiXzuXsOCl7nOsUu6c9YgdnV15KwRYESj-SfQAgUu53cNjXlIqm6IKIdUsadcOvImLt1VYzRE0VzgCdvUwGOha7K1aeEn-NiRxXItvq3CPXfs1EZ7WExa_CveYhwoUMxVjOEjnp4Ng7kAv_ZtKdeAV5B2Mke8kQsePRzEWymw2rPLrzTLK1Rlbh2Udc5eYEQd3TJzIexTy-2gM0ZyI7x_b7R7yeecnMmcLrLxDkxGK58By2H7t73AZBDyI6meK8hAmYWeRXPhOwvIdwZT31PxtDgdKkP8BrqQv1T8e5VrNCPfKVtXb7J7bXFVZRzpAJaRs8mKFV2H0ib7_Hb0fito3N9K5WLLpfLu1MggbxQAQlFBZgqAPvKC7YIcp-vsTU6dJlivMoYeQDik7izKG-UNeiuBl7fo35YsU7JD7xwyi5AWyEYXp39W2Yy17fI3HgpeR3B_OIpEJ6nynsa6GEoC-1qGxYwxOQx045F4mpDAVjMuaD1UsCO77bLaQhDHhIAwbhIUNV3ImH5NkRiPhV1FesHQls8GwdkQqwriVgscqdczNLUn9iCEYIHrNZnEa0MX0bDuiPtGYyEzOzXm5Z08JHB5CPbhyZIAi6Jn037g3oYIw4PYpx32tENHZlLVDTTwV2kiSuwShy69Bj0wzWHPQ2bGfn68VIUYjOkQ2N-Y9gb34JBHUDcoWPMs7sRZp18BJiWB_gus4gdM9eXMwG1D72kA5RoEFvGoojRPkTQLkF4buqs8ww_4y8AhQeq1fAC62NNs7IOewH5FTe_ns64KeEFP23hQQQiTCMiGkUCO-VrlF3Yql7J0Mo9NXC77ea46PID7etxb-eZXhQOidTmnjVj7CoDxrtg&sai=AMfl-YR6JbbgbuT8Qrnnd_R5KSMwDKBfZd9D1arm3PypiI45m79Uo3BxlcBiF-HPQutxVd2TPEGoBZo2kc_zFCU0_PIbdpCoBmvam1503fsh-h0fuPWP3zIQumaIZryFOEi_QB_3PLafSW_NvNZVOl97dNQUK6Y4y5o_5LrqimwsZl6sOHPH19qsWIBcrQQiXGQND69O0tgkSDXJ6rQBxW27MigRvooYpqYBQLRgrS74eQ5dJlCNfvDjghOeX1OSdqx-34zRXNBiDeZBN9Nd16o12UD4pn469Z5LdLSCC-dcPg&sig=Cg0ArKJSzLVi4RSqN1cXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=290&cbvp=1&cstd=284&cisv=r20221129.90564&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 06 Dec 2022 00:33:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A36 153 KB
47 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
DATA 200
OK truncated
/ Frame 8A36 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8146463b1fbf37dbbdfdd341a90f8be233eb87d99e5eb9e4b9d23e69689e946d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 45E9 6 KB
1 KB 111ms
64ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/120fb889c9d3d02c8d3dd0555cf62ab3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 06 Dec 2022 00:33:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 06 Dec 2022 00:33:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 06 Dec 2022 00:33:19 GMT

GET
H3 200 7296e22ca20ac6472628647a52a912af.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 45E9 9 KB
9 KB 62ms
57ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/7296e22ca20ac6472628647a52a912af.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 05 Dec 2022 20:40:02 GMT
x-content-type-options: nosniff
age: 13997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8880
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 20:40:02 GMT

GET
H3 200 0eeebe2aab7fa2fb99c2a447383fb9a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/ Frame 45E9 9 KB
9 KB 63ms
59ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/media/0eeebe2aab7fa2fb99c2a447383fb9a6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 03 Dec 2022 02:07:13 GMT
x-content-type-options: nosniff
age: 253566
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
last-modified: Fri, 25 Nov 2022 19:23:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 02:07:13 GMT

GET
H3 404 undefinedz9njpo
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/ Frame 45E9 43 B
66 B 216ms
212ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Tue, 06 Dec 2022 00:33:20 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F53E 22 KB
8 KB 59ms
59ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 32435
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 15:32:44 GMT
expires: Tue, 05 Dec 2023 15:32:44 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame F53E 36 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 07:04:19 GMT

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 1636 45 KB
46 KB 181ms
57ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:800,300,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 08:23:46 GMT
x-content-type-options: nosniff
age: 317374
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 08:23:46 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E58A 236 KB
63 KB 97ms
97ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Dec 2022 00:33:20 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/sadbundle/198363499651877342/ Frame E58A 53 KB
10 KB 92ms
91ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/198363499651877342/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

51a37a01e97923e9220f33dfa476df45a7655d8869763e04712ee148d5a26618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:16:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 321415
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9962
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 13:29:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 07:16:25 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame E58A 118 KB
40 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 10:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51750
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 06 Dec 2022 10:10:50 GMT

GET
H3 200 clicktag.js Show response
s0.2mdn.net/sadbundle/198363499651877342/ Frame E58A 3 KB
1 KB 82ms
82ms Script
application/x-javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/198363499651877342/clicktag.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 06:45:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323266
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 995
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 13:29:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 06:45:34 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 45E9 18 KB
18 KB 101ms
100ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY527LvspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 20:01:53 GMT
x-content-type-options: nosniff
age: 16287
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18688
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 20:01:53 GMT

GET
H2 200 Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 45E9 18 KB
18 KB 130ms
129ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8gN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHY5a67vspYY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 13:54:18 GMT
x-content-type-options: nosniff
age: 211142
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18740
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 13:54:18 GMT

GET
H2 200 Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2
fonts.gstatic.com/s/ibmplexsanscondensed/v13/ Frame 45E9 20 KB
20 KB 144ms
144ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ibmplexsanscondensed/v13/Gg8iN4UfRSqiPg7Jn2ZI12V4DCEwkj1E4LVeHYas8F_olYQtEw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:700|IBM+Plex+Sans+Condensed:500i|IBM+Plex+Sans+Condensed:500|IBM+Plex+Sans+Condensed:600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 10:08:15 GMT
x-content-type-options: nosniff
age: 311105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20496
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:21:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 10:08:15 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C18A 0
0 201ms
91ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXAU6_QEnZKFbnhigKv-nU_6KZA_3gFQAlQCjKL4spfuXX1aTZNHm4jWr35XAYZnDsUTB8z5mDyh1tdbLg6xdFlf1YU4vHdscNbzsfSh9PYUgShGXNZu2BFRbjoLqU0RqDvBtJq1GM6jSeTi67XVR2g1lMh4Z1DupcdrkNfFAKt_y1tNwr5kARi4389k5bE3J5yg4DVXljuUu7VE87stXkSHi890QUM7dyUchcU44DJqSu6DrJmcjRma8j90nErwEaXRtgN6mICcJHoZaZKWltohDS6bcITtOgM6ZlaY3RF-YZBX-5WcD8Mpdi6PAd9F0eeBV9tvfZ-KsXgMMjA0smyYshhzj9jPXpswGqC3vDsIIoAEj-769dgVyEiXzuXsOCl7nOsUu6c9YgdnV15KwRYESj-SfQAgUu53cNjXlIqm6IKIdUsadcOvImLt1VYzRE0VzgCdvUwGOha7K1aeEn-NiRxXItvq3CPXfs1EZ7WExa_CveYhwoUMxVjOEjnp4Ng7kAv_ZtKdeAV5B2Mke8kQsePRzEWymw2rPLrzTLK1Rlbh2Udc5eYEQd3TJzIexTy-2gM0ZyI7x_b7R7yeecnMmcLrLxDkxGK58By2H7t73AZBDyI6meK8hAmYWeRXPhOwvIdwZT31PxtDgdKkP8BrqQv1T8e5VrNCPfKVtXb7J7bXFVZRzpAJaRs8mKFV2H0ib7_Hb0fito3N9K5WLLpfLu1MggbxQAQlFBZgqAPvKC7YIcp-vsTU6dJlivMoYeQDik7izKG-UNeiuBl7fo35YsU7JD7xwyi5AWyEYXp39W2Yy17fI3HgpeR3B_OIpEJ6nynsa6GEoC-1qGxYwxOQx045F4mpDAVjMuaD1UsCO77bLaQhDHhIAwbhIUNV3ImH5NkRiPhV1FesHQls8GwdkQqwriVgscqdczNLUn9iCEYIHrNZnEa0MX0bDuiPtGYyEzOzXm5Z08JHB5CPbhyZIAi6Jn037g3oYIw4PYpx32tENHZlLVDTTwV2kiSuwShy69Bj0wzWHPQ2bGfn68VIUYjOkQ2N-Y9gb34JBHUDcoWPMs7sRZp18BJiWB_gus4gdM9eXMwG1D72kA5RoEFvGoojRPkTQLkF4buqs8ww_4y8AhQeq1fAC62NNs7IOewH5FTe_ns64KeEFP23hQQQiTCMiGkUCO-VrlF3Yql7J0Mo9NXC77ea46PID7etxb-eZXhQOidTmnjVj7CoDxrtg&sai=AMfl-YR6JbbgbuT8Qrnnd_R5KSMwDKBfZd9D1arm3PypiI45m79Uo3BxlcBiF-HPQutxVd2TPEGoBZo2kc_zFCU0_PIbdpCoBmvam1503fsh-h0fuPWP3zIQumaIZryFOEi_QB_3PLafSW_NvNZVOl97dNQUK6Y4y5o_5LrqimwsZl6sOHPH19qsWIBcrQQiXGQND69O0tgkSDXJ6rQBxW27MigRvooYpqYBQLRgrS74eQ5dJlCNfvDjghOeX1OSdqx-34zRXNBiDeZBN9Nd16o12UD4pn469Z5LdLSCC-dcPg&sig=Cg0ArKJSzLVi4RSqN1cXEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=737&vt=11&dtpt=447&dett=3&cstd=284&cisv=r20221129.90564&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 06 Dec 2022 00:33:20 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E58A 7 KB
6 KB 191ms
71ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

358e38cc0dc4a2f5ee31496265bffa318ffb3f6ee408c11c87157aeb1b643572

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5618
x-xss-protection: 0

GET
H3 200 pic1_970x250.jpg
s0.2mdn.net/sadbundle/198363499651877342/ Frame E58A 24 KB
24 KB 57ms
57ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/198363499651877342/pic1_970x250.jpg?1668010836212

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7247880b347e25db7892b899988045163ce93ff7fb086a33f66d9f0b68f70447

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:41:18 GMT
x-content-type-options: nosniff
age: 251522
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24784
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 13:29:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 02:41:18 GMT

GET
H3 200 Algovir_Packagings.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 26 KB
26 KB 58ms
57ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Algovir_Packagings.png

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 30 Nov 2022 11:17:50 GMT
x-content-type-options: nosniff
age: 479730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27097
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 11:17:50 GMT

GET
H3 200 Check.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 585 B
395 B 66ms
65ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Check.svg

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 01 Dec 2022 23:02:07 GMT
age: 351073
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 23:02:07 GMT

GET
H3 200 CTA_mehr_erfahren_einzeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 5 KB
2 KB 65ms
63ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_einzeilig.svg

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 11:18:36 GMT
age: 479684
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1689
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 11:18:36 GMT

GET
H3 200 CTA_mehr_erfahren_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 4 KB
1 KB 75ms
74ms Image
image/svg+xml 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_zweizeilig.svg

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 11:18:36 GMT
age: 479684
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 11:18:36 GMT

GET
H3 200 Bubbles.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 15 KB
15 KB 76ms
75ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Bubbles.png

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Mon, 05 Dec 2022 17:44:06 GMT
x-content-type-options: nosniff
age: 24554
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15028
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 05 Dec 2023 17:44:06 GMT

GET
H3 200 algovir_Visual_Spruehstoss.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 14 KB
14 KB 66ms
65ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_Visual_Spruehstoss.png

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 30 Nov 2022 11:17:50 GMT
x-content-type-options: nosniff
age: 479730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14241
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 11:17:50 GMT

GET
H3 200 algovir_flasche.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 20 KB
20 KB 67ms
66ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_flasche.png

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 30 Nov 2022 11:17:50 GMT
x-content-type-options: nosniff
age: 479730
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20835
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 30 Nov 2023 11:17:50 GMT

GET
H3 200 Viren.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 1636 8 KB
8 KB 70ms
69ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Viren.png

Requested by

Host: kp.ua
URL: https://kp.ua/ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Thu, 01 Dec 2022 23:01:50 GMT
x-content-type-options: nosniff
age: 351090
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7856
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 01 Dec 2023 23:01:50 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 155ms
77ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6047b6c83170ddab7b3058ecb2fdf6a529a1f1f5b3b119dd2165c85ee2e7e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11090
x-xss-protection: 0

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame 45E9 36 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 07:04:19 GMT

GET
H3 200 pic2_970x250.jpg
s0.2mdn.net/sadbundle/198363499651877342/ Frame E58A 20 KB
20 KB 63ms
63ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/198363499651877342/pic2_970x250.jpg?1668010836212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbeaaafe79fe94b3df65a0622cd62bb7eb027c7674d0463c42f22ee09e42a905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/198363499651877342/300x250.html?e=69&leftOffset=0&topOffset=0&c=Kxp8ZMX4hw&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 11:37:43 GMT
x-content-type-options: nosniff
age: 219337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20051
x-xss-protection: 0
last-modified: Tue, 15 Nov 2022 13:29:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 11:37:43 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F53E 0
20 B 94ms
93ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjvQOz42OY_CiGuS6x_APmIKZuAoAAAAAOAHgBAI&bg=!8fKl8rbNAAa7eOFIm3g7ACkAdvg8WkwaEE6JxvAOBGKKWIIiuFdPsl8n8pVccZujIn9OwCt0fNbDmgIAAAC0UgAAAAJoAQeZAt2ytfNcCyumv2zTShYswCbyXr7fT17G1aHX7AyBSx9Gn8sbFQDME4Ogc9MwcOUTrfgGmkd5U-_BgQF68t5BVlwrvEkxFCn7i3_3HKQyQnpLFPRQfQxXAc29qeais98At20Jf8frkAucxW0YyJaV73xO17uLhkp9iCTYTr4PLR4FWZnBl0hLeoeuSusx2mQsAhDIjJxOQr-baSJ_gUtlF6sr1B24qILCUC1ojWTaa7tBzsFPqLEhlVAXSQAXu49LjL1H6BKOMEt_gpzFud2W-nKA6fwecPH4WTX9bpmd7EoWo7MchBXWbtHRFUcwIIJvMrVabGMLJ8-5EK4LP-5XCZr_Bxfu52-Td8q9XiUWu5l3Zi56nJeRyM5RlF99kfojakW8LwTRdzZdHMN3i_AxP-n9R7ZtgXAiok1wWVXtMU6Fa3WN5WKTW_VzLUsu3v-trF3cLYw8_U74L0LMTouCg5NA-F-dx800RkUwYUOSmHM7SV0dUW6kOsDtSfc5RYHx6zfadRii8MYg0OTpZmCWieFrZGkZtQgwPLic6NghTOp0DgRLQFvCx6UdqZTvu7JgLz5QY_UwS20d80Ep--obXjHfDwpJ1FqDk7OPnmQi4YJ2WZo3UwDyiMqv7erj1mlR3VJrJVATN_nPW6qKhDPyEb_eqgCkfJpy1un1V25eqWt_GKr6rkeZQ2pfcZBsMr0i-cZX3zR1xl3Td0cIODrTkgc-CNWBIL4SA6Ay7xsjuZYn-CgmniG1yyTcdqVQZZm63wggmKvyukQivY9_glwPy2XxBnCZPhu8aIIv9OL0-XEAppE626zyYyBUdLe7wAXSRa81kk6ZXtqijxYXO27Ucvx-0ImA1I8_VsbjkBWBkOjHP03fAd8rg2eIILKZ5li5dgkR-LHvEWL0ZYq_mB5OU_n5fYPOSNDEkNDLTk6EifRC1FSxfzTFUpC3IP33pRsM-uvufY0dxC89Q1ISR-Zg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E58A 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 00:33:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 06 Dec 2022 00:33:20 GMT

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A75 36 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 07:04:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F157 13 KB
5 KB 58ms
57ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 12882
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 05 Dec 2022 20:58:38 GMT
expires: Tue, 05 Dec 2023 20:58:38 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 86F6 783 B
534 B 67ms
67ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5edc2d771afeb820787251abc67a146b27aef70cf961d6b76c71c2351ccfb20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3meCrFAuJ8qAXxxwCapjYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-3meCrFAuJ8qAXxxwCapjYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 00:33:20 GMT
expires: Tue, 06 Dec 2022 00:33:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C18A 42 B
64 B 97ms
97ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiPuakc_c3KUUNToARfqUhpRk1dovt6xAWegT_Rqg0qkBYzsbrmwFJGh_Ok1AGLVdX72XYHC-54mRaGEogPqvNPn9NluN4yczWcURlZw4fKR1n5fdlOp1XSHYU&sai=AMfl-YSrjeoklj3iqr8IEoa44OAkGvdB3ETpLUp2m3oUyRXuBwjo10pJCD1M---5LLdKjOyIjwNmNdBIvZGisaiMjC1-b2LJfI4j6yuROZu8tpNOk8Jm87RI85ayxZNgOXys0pjC_3UfRIXay9E9M4Im&sig=Cg0ArKJSzPQazlmGHc0ZEAE&cid=CAQSTADq26N98W6xzPC79WchAnSO__3BhBtaDwIXZpzrOL0LMzXirYLlTF-DCpV4XKN1o-TsxRJ-niuRDSI5QN-OcsHIgmV1REIfnOHX8vkYASAT&id=lidar2&mcvt=1010&p=950,0,1200,300&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=464993232&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670286799109&rpt=529&isd=0&lsd=0&met=ce&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C90E 42 B
64 B 94ms
93ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKn0T72zVYYztia_XeL73onQskXm6jJueBJmaindPMAxNkwSVuTt-_FS8xxxmKzDxhDHFzjmm7jVnA9Jikc5XV3M0N8l59mxhxS8DTWl47-RkSACTW0TO9dClDWHiZ2RyP9Fhtsw&sai=AMfl-YTAXqn6IAWyEvxTkx-wsW05ol7N-j08zV3imUjXyAmCNarhlIe5ovXOMbPhMiyTlhV_iWwJeQZ9sb1K92k&sig=Cg0ArKJSzKqBGRcYz9IqEAE&cid=CAQSGwDq26N9J6c3ZtANvUPQdDeBmCgLgQtdwM_fUxgBIBM&id=lidar2&mcvt=1013&p=0,0,90,728&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2177230830&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670286798779&rpt=840&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js Show response
pagead2.googlesyndication.com/bg/ Frame F157 36 KB
15 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0QqkXV7QytCM2yBsJSpYzuW1gkirrTGdWmkSPx9VuYE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:04:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 322141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15764
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 07:04:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 86F6 0
0 91ms
91ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120101&jk=3761264670364495&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F157 0
11 B 57ms
56ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vMPLxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 00:33:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A36 42 B
64 B 96ms
95ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstZnUJzERRzetxCTvf2sQs6q4LQmm0hz9BRJkEnjqRLvTKCG4g2Gj46OM1FJ9Ab14oT3abiHdOSyrm57WtKVX7C9YVbuf9htcjZFJUSUfrU4yTFZ1i7hZi4pSWaNJz1oNtlQCNJAA&sai=AMfl-YT8H4Y-N8kN2P9ltB-iFptvxdkTQYc-hLnNu5OiMXCbaqGbS2yoQpo1IIHdmePktEkf4Hndd3lNxBXzAIc&sig=Cg0ArKJSzJe8SvtIIp5sEAE&cid=CAQSGwDq26N9CNDfvRrMRmf4ob37I73efLirQi3znBgBIBM&id=lidar2&mcvt=1004&p=0,0,600,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2732461197&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670286798784&rpt=1136&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C18A 0
20 B 91ms
91ms Ping
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4901378051570&version=m202209210101&ct=76&x=1&cor=16542350916838914000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 06 Dec 2022 00:33:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120101&jk=3761264670364495&bg=!z8ylzIjNAAa7eOFIm3g7ACkAdvg8WvJb1ZsPUUSTgJZr_fTbbMVPFjfLETnFm0s1koySN78aN00JkQIAAABTUgAAAAJoAQcKAO3vT596kdPjS-lFJ5n3DpJPU7Zr0gccpnr-S2hWtq_DE6W06tPsEumXXZ4ogxcjEFPKqWprR5HHFq9aHbff4nyH8ZOqM260ULGquvY0Tdjx5ty1dVh5frnYmQrkQKZjCHCqqvsDs9_SY7VK8q71-8gavraQTO36TzgWJOGOjuOOQu56rAPK_NmFy3oBKtXByi-TauVYTL0QGvzaBOelG_kR3a3EhLr6eZEtbbEYc77Ch3uGCBFPI_ziYW_Er5UHPZeqIBmJ-_C33KyIwUDHDvcvyo4bn0b3zvodULlhDFDx41nMqcLb88CrM3RvRlWZAqL0LQFfHxI5AHdAs2gJDecKYiVKvZlclL2jWLTuyuk2xAZ94NA8w4uGFMm5d4yl4_qG3UiZXebOSQFPCkoofyLs0mneDM5mZHN3wF1R-TYQ-PHdeaTOeS7_re9PMSrVgxsEcjLpChFExN0MscGThwkJet955HTV8yc7YAnvJBd7Yak2-_aKTp3aXToMBCtphae9FQpugOGrOdIqRiJoXH_aOE2mLGxfpg5wWywja8EpEuV9iKHl3EOEdB0ZCMvwkxcUk3Ma5auevBfeI7X5B2ag9DTr2j1FyxTx80yQ9diF2HlmEVeP3vlKF-h3U4hVYd2m7WzmXOJZFTWV4dq031CS9XCprUYAAvYsuPpMK_F793AxqcWV2uYsyXJuZux-3KCMd1FdPu5RPfi_h2AmSTQkJxNF_UDbwa9_sr2FvSgWnNMIXKTw0CB5Do_ob3Gdrsj3ap9Lm20sWeS1Qskq-dHXgIkwRsDhrNEvpLssqeBlAEoyFkGdw05_unMZn6x7EiCeNf2QHVrbTSmK2Zm5_qEbwxe3Zb7EgIo2hMAc1T5IiDXQk2lW3S3zPZpowl1eehGcTDIOGL3GZn4qNo-7vWxKNoQ55NZXedM58M5UGhdk6qMApmbfE3VigMR1NzYg6nCkrNNtheMvB92C4BxMxLawiiPaxOtEvSLHaIeuMy_sm4zF5MGEfdtyDCnAi40tQNBuv7nmIbnoZ8slHjdqhApG3cjXxpAN02YoIufHY96YaUxL6dNDxJCBM17AoH63a69V8ILljhUQVz1bgXE4Y0TTA4X4pvhiRGFYheY0mTiWs8FFTd-b_jjoAsGxHZvhNb3McGxTTBAuB5_0IZKFwWP-6ynDYbSX8_PNSgB1w8hg4qipC8ZGu-raxZkFIhNNPMn8bg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kp.ua/	1970-01-20 17:34:06	Name: _ga Value: GA1.2.749560619.1670286797
.kp.ua/	1970-01-20 07:59:33	Name: _gid Value: GA1.2.596351641.1670286797
.kp.ua/	1970-01-20 07:58:06	Name: _gat Value: 1
.kp.ua/	1970-01-20 09:58:06	Name: vs Value: ecd2c286e442ea2a87a9f72afd58dffb
.kp.ua/	1970-01-20 07:58:06	Name: _dc_gtm_UA-2065037-3 Value: 1
.kp.ua/	1970-01-20 17:26:54	Name: __gfp_64b Value: vTzahnqd.LiRonjZCZmzEETwN3zLG95EU_tqL5opOdH.R7\|1670286797
.cdn.umh.ua/	1970-01-20 17:34:06	Name: AU Value: e8e96ca9528580c1
.hit.gemius.pl/	1970-01-20 08:08:11	Name: Gtest Value: KlxrVRXGQMGGHqMFs1h5yKMissGMXP8c25nSGLyEu0StXBG.
ad.mox.tv/	1970-01-20 17:34:06	Name: moxuuid Value: 9099fb27-6e3b-4ab9-87fa-aa92f9607426
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_zone_imp[1556][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_zone_imp[1556][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[15938][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[15938][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[5063][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[5063][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[15939][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[15939][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[2293][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[2293][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[12354][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[12354][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[2135][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[2135][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[8817][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[8817][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[1955][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[1955][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[15941][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_imp[15941][frequencyPeriodEnd] Value: 1670373198
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[5064][count] Value: 0
ad.mox.tv/	1970-01-20 07:59:33	Name: _mwayss_camp_imp[5064][frequencyPeriodEnd] Value: 1670373198
.hit.gemius.pl/	1970-01-20 17:26:54	Name: Gdyn Value: KlQhQRMGQMGGHqMFs1h5yKMissGMXP8c25nSGLyEu0StFRxSG7RrGS6GY4GBFlMQYH8W8jBGqSRxSG8.
.mgid.com/	1970-01-20 07:58:08	Name: __cf_bm Value: DfJD_8M4sYbLXoRqIxi9AZcpVqMpO7nNUV48qkgH.cw-1670286798-0-Aa4bs9Cwb/lMHWd8GRr2eDkLzNWXBxG35WrAbCZd2AVWBfzQ8Drb9C1wuzNdipLyc+Hm3otU55CSc+NMVQqi7DE=
kp.ua/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1204223%22%3A%7B%22page%22%3A1%2C%22time%22%3A1670286798626%7D%7D
.kp.ua/	1970-01-20 17:19:42	Name: __gads Value: ID=bbde537c0024c757:T=1670286798:S=ALNI_MYKK36XDyUM1y3udOTUYFcLAlRo-Q
.kp.ua/	1970-01-20 17:19:42	Name: __gpi Value: UID=00000b8e6f139eeb:T=1670286798:RT=1670286798:S=ALNI_MY0O3Kh4c6-dqUAIUi3BBK53aBtcQ
.doubleclick.net/	1970-01-20 17:19:42	Name: IDE Value: AHWqTUnCe8wpmxPLBIvYkMphwSYG5BueJS1xugJlEMrWZWA9YcH4_v6Dq2HRrGUcxIY
.adnxs.com/	1970-01-20 10:07:42	Name: uuid2 Value: 5054092329006122324
.doubleclick.net/	1970-01-20 07:58:07	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 10:07:42	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Uvo2@h!]tbPl1M>e)ZlrFUfJ+tGXxomXq^GR?g@bV^-eOVY=QqL$DE=_/%4lbF9Am3If)y3KL9D3I?+V!zG<
.doubleclick.net/	1970-01-20 07:58:10	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 16:43:42	Name: CMID Value: Y46Nz0MnalLXbcQa7tUBSwAA
.casalemedia.com/	1970-01-20 10:07:42	Name: CMPS Value: 3386
.casalemedia.com/	1970-01-20 10:07:42	Name: CMPRO Value: 3386

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1556&height=300&width=400&tld=kp.ua&ctype=div Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12406491265686199930/undefinedz9njpo Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

036557c917e97c93ef557fb82cb91ac5.safeframe.googlesyndication.com
ad.mox.tv
adservice.google.com
adservice.google.de
bgstats.mox.tv
c.mgid.com
cdn.id5-sync.com
cdn.mgid.com
cdn.umh.ua
cm.g.doubleclick.net
cm.mgid.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
jsc.mgid.com
kp.ua
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
ls.hit.gemius.pl
pagead2.googlesyndication.com
partner.googleadservices.com
s-img.mgid.com
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.mgid.com
stats.g.doubleclick.net
tpc.googlesyndication.com
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
z.cdn.adtarget.market
z.cdn.umh.ua
108.138.17.31
108.138.17.65
141.95.33.111
142.250.186.162
145.239.237.56
162.19.138.120
167.71.9.19
172.217.16.194
185.80.39.216
185.89.210.82
2001:41d0:701:1000::96f
212.32.253.229
212.8.250.83
2606:4700:10::6816:3556
2606:4700:1::6813:854e
2606:4700:1::6813:864e
2606:4700::6810:7aaf
2a00:1450:4001:802::2002
2a00:1450:4001:803::2001
2a00:1450:4001:803::200e
2a00:1450:4001:808::2008
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c00::9d
54.37.238.28
78.159.118.240
002ab9d6d8389b30aeb33780d12148199866a37698fff1fa9a27312ff2447dfd
0115e822c7d403eec01458aa5c32c112e539e274c1f3b69dabeea7a09a46a6b3
07acf5dda025a26dd027c17a49253ece9594d2cf09c87c8f18ac72b30b5969f2
09591867279cfa308e6366b2d6be5033904ef3de3c86b6f89cbe47e3022b7d99
0a8f7efbd95f4afdbade77c4e5d33f9b340e23e262c59791121c00547cc96cee
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
172305a05b27e67353e832b073f3fdcf7260b04eaa326e23eed56e850441056d
17edd397d1df4bb4d22f548664030a9a5ca6bb5c8114776746bfb706e8b50a0e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b8ab072246953a7c76adb4040a13143e6a32353153d188e8d5306afd06a7144
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
2030e591aa5e5bc8795f510835d1406148205077578ad0de9fdb65911ba5269c
2076f268be73d397151c1e4b8dcca91bfdb20f5945105677c25ff5251bdbcd4b
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32
257ae897eb8307e45ebba08e4b65969625e876e20d3b99c9593f3e5bab3f7db0
257e8c42a65928fb19a95847c67503e3a36aff746897168c001201ead9f7d7f2
2b6789e74dce4278dc0423a2b0367f3c63e073d190c66fc67ef509bbb88af61c
2d43752ecaeabe6d33682e995a97e0f29bdc3accc1320d8f0bcee6d11a117a3a
2ea11a78e7f50ddedccd7635de443dcd54e610b27c7c210a1ee8c684e0e73f48
2eaf6ba223aa3e584c45e61f98c53c8369dfb8f74430f92206d728557a29bf16
2fe6ee12ffd515c90b60a34da664f3c45362e95f34c0fe7a2cc03999c296752e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355bd4d3f25252820d33d39b3bf8d4163c4fccc889429c48887e74e9951796b8
35856737a11afe32203ead877b57d30e061b847c1af33045e937f037e62c0fbc
358e38cc0dc4a2f5ee31496265bffa318ffb3f6ee408c11c87157aeb1b643572
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
368efa57daae391de6f253828bf520217a86aa9f2e50d79a28e259fa746b769b
39fae3dc476aaaa594e2c963401633dd5d02eccb3c175eda03912cfe0f91c92e
3a2b4177a16a094db24245ac997425d096abc0f4a522bf64e0c299b7f1dca336
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
3b55ecafc0fa08b41be5cc60fdf8a47ee9ac8b73caee6bf60570d3a704dbecb8
3d79f5af8206726ec692d6629f5f06a4e98d1bbdca9a4f071c24e5b35d8c6fae
3edce34d005dc482173865875381bd5224b5fab5260baf12bf54abbaa7a11143
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41a18a999a91b0693ad617378854df4df6ebec25b955d98a233d20e119694dc5
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48fb24186993aec6701db4b5404b6f5d393ffb6fad1539d1ac7d32611c798f0a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d602564b4289004e91ed6c2059106a08e58eb2b625299986c3f2cb7a86e9aec
4ddd5749b936362540a30130bd4ddd89c4d0f9d2c6528fa1ec8fc9ac554b441d
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51a37a01e97923e9220f33dfa476df45a7655d8869763e04712ee148d5a26618
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e852a11b709e61ad947b2a575ad63efc7f5088ca7c18c73f1c3dc7518f7bad
5a3816f53964b38ecf5ac165e1f3901d2c41cc1b6ce21477f1cee242538ed8e0
5b66be2f6dc623a44a3173fd7ae71292fbc6b9a827b4a44b4099cfec8004eb6d
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cc4e0d52a098c8ce520699a216c5a937225e2c932ce5e8061cbe0d0c985073
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
6847a453292f6db177d022b32b68ec91da611dd1bc18c6e33d26ed726339bc60
6abf0456cade46c04db5bef56d50e3f4742557083568776a0f28284f732b1b4b
6b3e9c721868dc8a1e4dcac101fdde43c6cac413a714fd55e694ed75d3481728
6b4f873f3371bd426336178dfe982cf8366df7592c21738d0e1261e67a0cb2e2
6bb8591388bdc97bf66f03d0757685c1404b9ae1ba1ec3f7e343a6f798b73849
6c114a8d0fa3009e1d2338df5612b153ef0290940a7d50164c16ab1ab4934715
6c7a56be98c849fca49ea4533ff11f4dc2ba179e41ca3513f8701b12a16ab7ec
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6ccda109437b9ee0f59c44797bd6793facfe13d0ca8bfd9384ce3e2a825869a4
6d25b3bba5ac544f6164f8b8d0d57b02da45347818baf1be0feca3a78bd6c7a7
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
7049bc9be47bb159ab6a1f389a35d1500fd5e1c75c00cbc20abfe785e5654f9c
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
71fe56560b9eba788c8ff58e084f24ca95ff3b89aff510345fab96de36ec8101
7247880b347e25db7892b899988045163ce93ff7fb086a33f66d9f0b68f70447
7805d71627acf8deb69d74e852dfadb0673bdf002b0b6bc2ab16799c072c719d
78242f3f872a4038647d233f2234f17c0782553bd2b1e41d8a0877b6f5ac4dde
78631aa2658006d43b70adcf42bfef831d29315d91bfe9e67bb4acd5f9b349e3
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
8146463b1fbf37dbbdfdd341a90f8be233eb87d99e5eb9e4b9d23e69689e946d
81d2ef0dd930d567ef180167aa6254f01c116e78f638120d525dac40d466b8c8
82fd26711dba3986a95b0cf1e570dac2beb954b7b1f885042b0b894b49143340
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85dfc346b89bea0c2b11884407f9f2be0754f39c517ce7152b9417dfa563fcda
8b3054f18bc277fdc3c12ad4108d51cde0e0867d285dc91bfe5292d07be8c10f
9139c2c50c9e18479ec93c5c77ffc3095868e2a2c8b341388594434417be3c57
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
96e296a41a750381387fbeec04ee1bd485d4355a742d3be7dd7836c5613a18ca
975e002ecc3bd3872f2baf77da6a9c6edaecfd5a0c33a1b6329111fb1141ff43
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9df8e886d451bef4454c5a3af1c5ff64073b6090e63cffe4724f5145635c0fe0
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1a7ac51e957cb86fab514cd5e03dd3740bc061aa290b66d7267175de05b0aeb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a55aec3f4b4e813ac0aeaa0c7b2581118de23cffd24c3aabd695099939cdde64
a722879e20307cdabac24c1f1ef72c0d96fd84eaae9ef155ab67774f6e86ab24
a842670e0c9a10d0c42dc6de87889c6b9de065232e6bf125d5ca43a163f6d9fd
a96e04b9c5134e9bec89fac588d677ad001bbecf2f9812f51b35d3b9a29b3673
abf06691088fd3e48eeca737b56e448a96b06b1d7abb1495b634efcc2795aa89
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0ee3c44a442dfe5729676138d95a474b894eff54ef44d0c96bae24b18e70253
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
b2e708d6f686d37ef5fc0215e104ae69c7cd8d8aa8d6ead2e21fa92d527ce5b9
b3e66cc2fccb4ec9b67956701522b792783dd228a9109c698c5aa882a07d33ca
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5edc2d771afeb820787251abc67a146b27aef70cf961d6b76c71c2351ccfb20
b7954169bf2a1ab64a3c4fac56ea2d6cea156504e36dd68cc8129520d4523621
bbeaaafe79fe94b3df65a0622cd62bb7eb027c7674d0463c42f22ee09e42a905
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c0b59c362ae740c391e742fa4517d90b9461b416b9bec855d14c04603dbaf71c
c0dade5e40511841f841814ed717788248c50490400ef63f4620391825f7444e
c336850db945271e6de49ccdce0c01c7a6e678398af3c418e5c3badc54c99acc
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
ccdaf3e8dd7f87bb9065c03282a0c14f48421298cf77e5b9fb4cac5a0264611a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10aa45d5ed0cad08cdb206c252a58cee5b58248abad319d5a69123f1f55b981
d4d4b08095d094be00aaa090c9f065a48336005f6a028c2cb170c878d2932e6e
da880aa090035237f6cc102265a289b27975e054ff4b9082ac308dd78f0f095d
dbb1afe98bb3e59cd9a3cd569b0d21658fc21fa539d74aa051e3e78ec75f8cff
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
df1bbe1b368b6cfd2802af139bc8c2c4879ca15f5007dd5399c09de313397d05
e074089764a34c469809a7949a95c0fc4a95ae3cac0307d7d5a79894c19f18bb
e223f51dda9434ac054dea94e9185f3d38160ac4a44ab46a9f958432ee0a38b7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40864318a44122a34f59776f8d00b97b2d3f0f8c99ac273ef1768e9275c18a8
e6047b6c83170ddab7b3058ecb2fdf6a529a1f1f5b3b119dd2165c85ee2e7e75
e755a4f663f9a7305bcdc5064e77b15616c66b07a952532d5605107dbf28cdf8
ea51f498a2e11e522503ca4033674ae7233a3d2a5e5fe9c07491f5fbe5883ac7
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
edfea0617b45f47a5413e58b99da78571d537652817471e1b04c448f347f8861
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f49b1e51af90deec9f6586ef7744350346311391de5729ce0be3cea7fb262acb
f58cfda56b062e9b72bf642c7ef744ab84932e1a77d3a32c60db08552cfcb418
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
f65323bff0891aa596b5b7d9c72cb25128a6d84ec04af13e6f31b8d73625bd97
f6cff9dcf1247a29cff9541be3124d8665e6caa885c7e0193dc1d30ddfed66b1
f8ac783bdb31ce594a60add3f47b17fc92231fc31e4ff22c429cba02ac4d380b
fa3186a93faa47c2c30ba85a680582f48e5481ac2c17ae1ffab47035aa5b1993
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff2418feac03946087bfe7a1bb4a8453877061101b2de9b54971431e46bed4c4

kp.ua Open in urlscan Pro 108.138.17.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

188 Requests

96 %HTTPS

60 %IPv6

22 Domains

40 Subdomains

35 IPs

7 Countries

2973 kBTransfer

6934 kBSize

44 Cookies

9 Outgoing links

Page URL History

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kp.ua Open in urlscan Pro
108.138.17.31 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

96 %
HTTPS

60 %
IPv6

22
Domains

40
Subdomains

35
IPs

7
Countries

2973 kB
Transfer

6934 kB
Size

44
Cookies

188 HTTP transactions
6 data transactions