hi.dn.ua Open in urlscan Pro
78.109.29.56 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hi.dn.ua/
Effective URL:
https://hi.dn.ua/
Submission: On February 25 via api (February 25th 2022, 7:16:50 pm UTC) from GB — Scanned from GB

Summary HTTP 176 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 33 IPs in 10 countries across 22 domains to perform 176 HTTP transactions. The main IP is 78.109.29.56, located in Ukraine and belongs to HOSTING-AS hosting.ua, UA. The main domain is hi.dn.ua.
TLS certificate: Issued by R3 on December 27th 2021. Valid for: 3 months.

This is the only time hi.dn.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 68	78.109.29.56 78.109.29.56	41665 (HOSTING-A...) (HOSTING-AS hosting.ua)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
11	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	88.212.201.210 88.212.201.210	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
3 5	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 3	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.250.206.93 34.250.206.93	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
3	2600:9000:224... 2600:9000:224a:3c00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
6	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
2 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
176	33

68 78.109.29.56 (Ukraine) 1 redirects

ASN41665 (HOSTING-AS hosting.ua, UA)
PTR: 56.29.109.78.hosting.ua

hi.dn.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.210 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host210.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.226 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.102.29.65 (Milan, Italy) 3 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.15 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.250.206.93 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	hi.dn.ua 1 redirects hi.dn.ua	3 MB
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 638 pix.eu.criteo.net — Cisco Umbrella Rank: 7678 csm.eu.criteo.net — Cisco Umbrella Rank: 7893	372 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	264 KB
17	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	71 KB
11	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 671 static.adsafeprotected.com — Cisco Umbrella Rank: 502 dt.adsafeprotected.com — Cisco Umbrella Rank: 465	96 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	178 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7942 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14241 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10187	86 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488	4 KB
5	gstatic.com fonts.gstatic.com	63 KB
3	facebook.com 2 redirects www.facebook.com — Cisco Umbrella Rank: 97 m.facebook.com — Cisco Umbrella Rank: 1265	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	3 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	114 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	10 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 8633	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	86 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 372	43 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 9027	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	643 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	37 KB
176	22

	Domain	Requested by
68	hi.dn.ua	1 redirects hi.dn.ua
20	static.criteo.net	ads.eu.criteo.com
11	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
11	pagead2.googlesyndication.com	hi.dn.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com hi.dn.ua googleads.g.doubleclick.net
6	dt.adsafeprotected.com	googleads.g.doubleclick.net
6	s0.2mdn.net	hi.dn.ua s0.2mdn.net googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	2 redirects
2	googleads4.g.doubleclick.net	hi.dn.ua
2	fw.adsafeprotected.com	1 redirects hi.dn.ua
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	rtb.fr.eu.criteo.com	hi.dn.ua googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects hi.dn.ua
2	connect.facebook.net	hi.dn.ua connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	hi.dn.ua
1	www.google.com	tpc.googlesyndication.com
1	m.facebook.com	connect.facebook.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	fonts.googleapis.com	hi.dn.ua
1	www.googletagmanager.com	hi.dn.ua
176	34

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
hi.dn.ua R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-01-31` - `2022-03-23`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-05` - `2022-03-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://hi.dn.ua/
Frame ID: 140214148E0ADE464EC47176F10EAF55
Requests: 90 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html
Frame ID: 0A053649AABD1789E04CC20DF64E2882
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=185910753&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603084&bpp=4&bdt=1081&idt=267&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6098250588053&frm=20&pv=2&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FPEZdhr8jJ&p=https%3A//hi.dn.ua&dtd=283
Frame ID: F08DA803E79227D6124CCACDC601CAA4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&slotname=7070383555&adk=1416559096&adf=2462531430&pi=t.ma~as.7070383555&w=0&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=12&psa=0&format=0xnull&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603088&bpp=1&bdt=1086&idt=302&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=2323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iAHSt2cOeT&p=https%3A//hi.dn.ua&dtd=306
Frame ID: 1BE90DEE9962B87EA1F1B9009FA3553B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603089&bpp=1&bdt=1086&idt=307&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=uOD20x9SDl&p=https%3A//hi.dn.ua&dtd=311
Frame ID: 3BC66135C11163AA7078A135F5B7EA1D
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Frame ID: 86458EE77B3E18378D4F31D43FD07C4A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&adk=1812271804&adf=3025194257&lmt=1645816333&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.dn.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603102&bpp=1&bdt=1099&idt=321&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280%2C363x280&nras=1&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=328
Frame ID: A6023CF287C046B49FD56D15FFB7E8A6
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkrGwAHUkkIFWNlAA9eKgJIaVqXTPiLVIpEoA&u=%7CHiGM6oXEA5U9A3bvdsDCM%2FHNDyoa2mLJP5MyFJVdtBc%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5zvRnTkAPdWlBQTCKyhY3Pl7u_hgncGUFOLaXAXQVWTrbPSx2uidEeIUdbRtiHmGqSHuNuQLYNLmB36m5eghqYV23csNkPN0bdMkjo1LL7O2rQtCcqU83IXjOTIWuJL1iieQ-TgbPM6_gpcc0jdfNN-PuPOQLNmwcYrwGf0F6mhLcBeMN6z0ea7Ghi7ErweTcG5qZ-HUGi6q9iQpkBHsQ89YUk3DzUeRYQ26Vf9MjbxHUToWwJm8Jpdw7kNwjljt4NITVkQkwZ7mpZ_RR4HQgHgtZ6wxBcxWOFCTGTCeftiI_hzCKPJclhcOxML5UIiCkAB--bhvdPy64HiWThNx-yGzJDTMoun9Z8PQmkK_gbKMeAweHMmrVcKqM1S5hfThI4qMaeGOh7YO79msZm-n8EIzGbnE0H-JbpiqSmzy-A3q-83gjJvzliqw2Tqd55wnOcF2R37jMTgs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQFBGysZYsmkHeXG1fAPqry98ArJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTXAU_QEocrcBmKX2qMgjGoOWYp6ewKH-cPWRGJUiRkMawxSCKld6KVVPY4oNiIG9em0rc572UyBS6KQfVVti7r5xVr_MsmiDCBubrkES0MjYAVnPTzewSj5ZwFdxkp-Ai9AoxCZ4NStHtVtmPNDGdlEQ2-rRICddetG5vi2g6alN62u2y4IU17NNH20FwCPk8oV_XsmvT1PCSMLEpYGCg7x8lIJspeCN54cKYK8Q6LTYwpeDHDE0594UrVmuZjXXkoIXxTuJFE8sEH6H7NfpDEuDPmsKfrXSLWgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iGphW_DkFWIzGhsMAq-GUmuhShA%26client%3Dca-pub-4643767719705239%26adurl%3D
Frame ID: 9112915C50B05B7135249982F2997E39
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js
Frame ID: 1DBCA10221F0D4CD87AE7AC972D96C35
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY15udwwEwAQ&v=APEucNUZ_y6YYv5j6WydVsBvuq-wnJH6JTpVe9UX7XsFurikA_rqcQR3UUHFC8VNPL_eH-ZX-bpcRSyOzxoSPFOvCHQSvFq7YXYT8yABDGi9LSWTecHjlr4vZqjjrslae0UW4BivQru5abR4lFTWCOZhitBZKEIqjQgHmm5IiCsNnAlGYeN0ZXI
Frame ID: 52D90E316C23035122DF9F968CD6607E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsyqgCHLvvOmOpzU9h0hj-9rRZt0x_DPaTnAHJ2rIqkr0dZn5zdlyh1gc3LloTodJTIqTVrHgOW_nPCVv-hfLzDUAxoe-GeNz8sq0i8Yf5Jm4zeNV5rtaeck4Y4mcDo-630wwaLuT9JUzxj0f8wNnijMEhoA&dbm_d=AKAmf-C-vJMR56lW17WKL8YN2nDqsJ4q8PFL4IOCBtEFrd7Zx1RcQSbZ7B_k4YfQd2phO90XvbGCwyHu5FdQZROg8oViZf_QTvJscjBx0GjGd0LHC0t_kwaI7YOMl6D_bX34pYhxLynX_6YnQ99p3wIyoRb8i7nn098wQzlvql6uBtwXQuqACYMwzQ0NV0ED652Rwlt_NLDH4sLNWpiA8UOwHAoIm5V33qKtYFO8xq9g2Icr631R5jrAbQAKZP60jNsQDzdIP3tFOMbqPn79iUr1BOYAnQG942WwB-cwKExC165SGPPp2B1zasPkrzs_DgEeTq0DarcPbA8uL-t70lE3layRqBGihLDrhfHpJt4HMvVRrSr1NsftWLf_aoGv67CjKi6c6yVmQv_HmTw6oKCgqF69g7L9M-qOgzTROnD7nfc3Ds5ckYxC1FrRU-uw-zTyDaTgC112OXHRNnEDlTC-4tJGE69zCzgDy0Z20WdAZ02dFQw8uPHXHK-BZXqr-CVlIk4dQThAkZlfIjrRyGgL0UepKp8HRahvlVaVoHhD8cOho9NUaaboMJ5DwjAVRnokDOJ93QzRWI5gL5tQNuZdnudLE-4x92D6XjCzad1A0bNsj3aGijuXLtD6blGcZHXAugZrTBuABfEon6UEwFgWtOD5XYSEO-Xda_k7qqInsHUfHhvcTTMiCI2_mte6DoovQHohxSGOQC0iEPolwfFxC-A45LzByCE4nlmXDMSjOYaCHa0u_mZe9g33SrdKx817-3CMNyzA7l0apkURTvoApp7-2yo5ztzJi2VToM9Yh1UyzvMY3xgGEAXOiYfHLG7YAl5jkoS9RxhwJJYSfU7WihoBfjksdBl5CQ_PSJa2kjuqWE9UrtO6L2A5-SVwsZGYq_uTchl2KS4Jf2TLOcCqWzJpPzrMvZ_Z36uBAgAhQ0X4VKjUpe2MuPc281AOVq5DHe2iJErM505Tbmflj00OrDKIAfEqVHOcsJc33qy-QNAOlt-X_2cTwnrvexHZ8HQJf9dviTM9C7jVF-enRJKXcqTH6nyxFG-C7b0k62ETRtJfVwIYIvnZjfInzzJNqNI8MyifzFc6_IfqglAo3yMwbw7LHAQOS6sUZPa8rDcNCto_qgjm6RGBA9ZsqKEeP62AisxT1eXMRPbEFCTeHZ3kGZfte1kECl7cLEGg88HubNt7HghcyjBkN-MvRntFAc7Kv1nJqRuw695QSG_N4bx3L5TF2xH4VZmIkdQLa0zVsNuMy8wTNa_ZoNUofdhcR_DsYZofjY31zQ_Apjqb_voSOXRxm0POb476MPhC7s40B2CdleuukSdfdkdFukqYdWHNNBHZd37bo9ZsCxAvijYPXqU6Wk_fbe-Yf_wgxBWKgo4T3h_MTle4S7MhfV81q_j6wk4HnKMv7NhWf-1hmr_IdCWkXlRIgv3fUI-RXUB5hnsqhr9JGdhJuUtUaoyWl87SbyF21R0NcihXVfd6MXeLUDhxCW7kvq-i1VBIUg_tayDJgkL3W7topXpqvHWPJKdGQCM33IVDRIGNtMAAnXpcz7S4qTHnPu35lh6_7o_s6c6EyQXX1KAXkMWfZhVHwORM4JXEpQPVcWdoSsXm_R7KU1fWol_bffj0CohU9KIUSrd1DR-CfTj6McMjqphMMP94q6MzqODePDYMkqXzAOiX4dzUhkJSxYGhwiquIREdGGR1fSj6PtGl-h0YjNLnmJBtdM5jVP0ZL-dSUeRaStqhsKhDSu0lSO7U6EqXX-o400oaVjhldtJnC5NZ3kb5ebE-nK7Cf5TMgSTYySjOTpg03bjQ6av5w0kDtU6_cXQUHOo6Kp-FzhCy_RQ_ve_6ipYnWPyygTzOBRVr7sFeWTHcT3lujrJYInrE52__nxi3LqcktJP-yunk-wJwMquaC8NA0Hy2IpYQJ5EAmvBnXSIR976N8ZqHzmwmI8z_QG6nbpwx7JFTAJ88ZxQaQpN3ot5JvNwNtnh_Ujxw35ScUE18FQcqor23JQdeHPrJ3QH3qdjSxQERjtxJTv32Is9rPXBjjIiVs1N4QEaY_FvMfRx83oacZGypMTqmpn_NNvlm1V_0oCTh20AYG_A3xF6wRzGxI-dXawbOae04qK3iiVg73H0ZIkbUgcaeGZQ2c6xmWcl228A1BYP0nTP65vK5MaT7v6pETJWOduZL9Nk6Xt-adR4V3DZ8mMAxdX5n2gUYGSED_qvMaTPtBw97VIUlyV516RVz3jNlLmfpA4PpyO_NjjiBR9tI2vUX4QiGkWvQhu2lk5bOp0QKwjIUqYoYY_75LtYJ5I22ivIc0H-sX5ZA3qBcR9e3rkIMnHuse-1pv2QV99x-U5gggAY3Fd0RXQ_wo9rvwC9BnilOU7rdjyDfKeWQhGvNisBGDIRbLObocJUUlG0SEkHmQYRx4zas0fYKJkvRU0PfM5Pw-PyK7PCZMdVx0j2LWI6vuVRRj_-WMPCdg8hvp-UWLyAm87fUQNdvm8P1DS88Qq7_TKEtRcOmLfxogsnecoLshuQYcJhUJoG2cCGNmdY3LWuBPQgEJAWW8YyN37c4T79rtVZsPzFA6ZL5fTULsnvMfpJ1A4T3ESh8qeD-IcLQNt7YGEXq8MPFOxhP9IunjvDhEVvnD6cpY0OqXJBZ2luDA7JtycugqFlLcCFIlfkmRDPXcJ5YAezMYGhs8hN0bpJFhOwXhq55VUX_qaMY3QmBuWqVbuzI8FKP55glA3_Nd4U_StKxymRIjnppbqAAX3FMokw27YcItq2zi4MGCrvcByqmjSXZ8o00QtKqjIj2pCuBEC0hEv5xIJMRLMz2bhOG4XvGLebges37mNknKWZCTssw2XvQDvuK6YcXf5nr4M68BdqPf-vXJlXuaYa-wrz2WVyZZZ80tpLUTT9CD-AjQJ_xD75vzef4uDfb4svNbIUAadPXPcp0qmAxYUAPOLplyi_FtcMej9yN6PjqQQxq1Jb8TDB1hq8ILWl_4MKNn_On4DzNUwbZYtaFm3_Ns84EVBg3bJNqiz1w8KKVdLWKeyWLt_7gljRksetXLBGtH3qXYacYSF7yceP2tTfC&cid=CAASBORoNK0&rfl=2%2Chttps%253A%252F%252Fhi.dn.ua%252F%240
Frame ID: 1FC7DC1DB5D9CFA16687EBC80045A348
Requests: 21 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkrGwAHxC4KxmhcAAG6nTZ_h3J9T8K0NW9LLA&u=%7CHiGM6oXEA5XwqLAON2WPOQZ73Tvj%2Bt%2B0ZRTPTKhYs%2Bc%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5zvRnTkAPdWmvLVilgC0DiLTcQ9rLc1tTVgAqhfDjCpZ-ihRuUaJZoCo7N0XMR6dWO4Lmf2Go8U8nidn4uIPHoFL_NhhaqPA1zDlIiEQ9GQ_BxTxh8sHu48127E1Vtb0KfLGRlnphPpElY1cwrLz3hcoQZ7cNwWCnYzCShMdyhi7xrcnRT8XtsJH6Gbmd0NfUWWuHo5Zq8UfUWzdzQYBX-OVoD4AI-ZMlQybN5XwhVGuA3oX2uuiql8Gn8hL2aeHc94jYe4ZsWPGTLFfiwQO58N5M1dERTP9n5ytsjtX88q3hGrTgFDBv-sn_TgNF2ir4JOWcfRLKE3doJmPSf-KM1VPmEkLdnUBbO90koqGw2WytIzAMM1l4AJkfWKpXK94Y4eA4pvr9BShqSsp0YPlSwpzhkPv-j3A4bbJMkv9Qom2iq7Dxrf8oHvgmAV_lTPkmkTtVrKOx9I4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaR8yGysZYq6IH9zQmQad9YbYDMme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAlwtR9v00bI-qAMBqgSzAU_QZtfnIEKhPOrrmps_xnBbopGuH8kVFt_anvmmcc0zqqZ1ENxQV6cUy1yE9H2XKAxudeJLtVzhPkKlGU68dAKSqFFlQjXWuX0haPXUuLswFKz6NX2zv22csrfgr0J-MTv1u50-gzdWcQ5TCjNank5X9tYWwamsJ5_1qnhDj-UbGTlpXdUJnUJm802B-EKax1yxEl7k5kkBomLBjxX4IOxSEXXtPC7KGXaFcdz-Cazi2T3FgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nkKotrZthbOXA0jmctudWoXcBIg%26client%3Dca-pub-4643767719705239%26adurl%3D
Frame ID: 59CB1EDEE86C742E9EF142CE0F792CEA
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 99B00D5A6C6718D34A16759A222E4AFD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/10176755/1645543836780/300x250.html
Frame ID: E8A2E848D54FBF4AB2422ABDDE0BE89C
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 21A10CF327F5E5F4079384C3216717EC
Requests: 1 HTTP requests in this frame

Frame: https://m.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df18d3a8323b7924%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ff187ba2e8afe9f8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500&refsrc=deprecated&_rdr
Frame ID: E6D7650000C23C58583D71BCF396899E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5332BC489A2E2707C6D59E94397E2AB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D1A0096C08DFB1E8F08A8DC8580AA3A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новости Краматорска, газета Привет - Объявления Краматорска

Page URL History Show full URLs

http://hi.dn.ua/ HTTP 301
https://hi.dn.ua/ Page URL

Detected technologies

Joomla (CMS) Expand

Overall confidence: 50%
Detected patterns

(?:<div[^>]+id="wrapper_r"|<(?:link|script)[^>]+(?:feed|components)/com_|<table[^>]+class="pill)

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

176
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

34
Subdomains

33
IPs

10
Countries

4050 kB
Transfer

6507 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hi.dn.ua/ HTTP 301
https://hi.dn.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 72

https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttps%3A//hi.dn.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430%2C%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u041F%u0440%u0438%u0432%u0435%u0442%20-%20%u041E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430;0.32547705628119017 HTTP 302
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//hi.dn.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430%2C%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u041F%u0440%u0438%u0432%u0435%u0442%20-%20%u041E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430;0.32547705628119017

Request Chain 118

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1&C=1

Request Chain 119

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhkrHMQxko2Y2FTi5SnBeAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1

Request Chain 120

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEG2W0Em6jk7iLm8Weg9PmLs&google_cver=1

Request Chain 121

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NDY4MjQ4OTcyNzg3NTEzMw%3D%3D

Request Chain 158

https://fw.adsafeprotected.com/rfw/st/963770/61152063/skeleton.js?ias_dspID=3&ias_campId=26959354&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=16384157643&bidurl=https://hi.dn.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hYfwal2b5-PmZOkvq8U0DL&adsafe_url=https%3A%2F%2Fhi.dn.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fhi.dn.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4643767719705239%26output%3Dhtml%26h%3D280%26slotname%3D5196745422%26adk%3D3565012385%26adf%3D4284061337%26pi%3Dt.ma~as.5196745422%26w%3D363%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1645816333%26rafmt%3D1%26psa%3D0%26format%3D363x280%26url%3Dhttps%253A%252F%252Fhi.dn.ua%252F%26flash%3D0%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.%26dt%3D1645816603090%26bpp%3D1%26bdt%3D1087%26idt%3D313%26shv%3Dr20220223%26mjsv%3Dm202202090102%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D363x280%252C0xnull%252C785x280%26correlator%3D6098250588053%26frm%3D20%26pv%3D1%26ga_vid%3D795597458.1645816603%26ga_sid%3D1645816603%26ga_hid%3D1766725460%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1208%26ady%3D1000%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D42531398%252C44750774%252C31064858%252C31061829%26oid%3D2%26pvsid%3D2226080441506750%26pem%3D732%26tmod%3D873592277%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D4%26uci%3Da!4%26fsb%3D1%26xpc%3DOjvTekkyZD%26p%3Dhttps%253A%2F%2Fhi.dn.ua%26dtd%3D315&adsafe_type=bd&adsafe_jsinfo=,id:9bd15a3a-3a74-c670-cde1-862c9763f07c,c:5gi7AJ,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-894b99788-n88k6,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.376.280,am:sp,cc:-2.0.376.280,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:277,fm:sYtUKi9+11%7C1211%7C13%7C141%7C151*.963770-61152063%7C1511%7C1512%7C1513%7C16,idMap:151*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:293,oid:781e2413-966f-11ec-b4f7-5abd14002d9c,v:19.8.289,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 168

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18d3a8323b7924%26domain%3Dhi.dn.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhi.dn.ua%252Ff187ba2e8afe9f8%26relation%3Dparent.parent&container_width=363&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FNovostiKramatorska&locale=ru_RU&sdk=joey&show_facepile=true&small_header=false&width=500 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df18d3a8323b7924%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ff187ba2e8afe9f8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500 HTTP 301
https://m.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df18d3a8323b7924%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ff187ba2e8afe9f8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500&refsrc=deprecated&_rdr

176 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
hi.dn.ua/
Redirect Chain

http://hi.dn.ua/
https://hi.dn.ua/

93 KB
18 KB

501ms
229ms

Document
text/html

78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL

https://hi.dn.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),

Reverse DNS

56.29.109.78.hosting.ua

Software

nginx / PHP/7.2.16

Resource Hash

b3054cfa08c3d9346e7d33fc39e48f4dae13eee61d3903bd509698592e6448a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: nginx
Date: Fri, 25 Feb 2022 19:21:21 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Content-Type-Options: nosniff
X-Powered-By: PHP/7.2.16
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM", CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Last-Modified: Fri, 25 Feb 2022 19:12:13 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache
Pragma: no-cache
ETag: W/"3bd91b98e619563c677967b1d34cf2ba"
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 25 Feb 2022 19:21:20 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://hi.dn.ua/
X-Frame-Options: SAMEORIGIN

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 94 KB
37 KB 187ms
69ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-10437307-1

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b92982ad49856c0b7a6e526d571eb7ad9db7567b5c0694c45173ebce50f3a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37449
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 25 Feb 2022 19:16:42 GMT

GET
H/1.1 200
OK animate.min.css
hi.dn.ua/components/com_sppagebuilder/assets/css/ 52 KB
4 KB 92ms
91ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/css/animate.min.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1ec1c0519da1b0a13b0670687ffb7bf3d3761fb31fe26fe4f2ed816865a0eeda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Content-Encoding: gzip
Last-Modified: Sat, 10 Nov 2018 20:20:04 GMT
Server: nginx
ETag: W/"5be73d74-d0b7"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK sppagebuilder.css
hi.dn.ua/components/com_sppagebuilder/assets/css/ 150 KB
23 KB 185ms
93ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/css/sppagebuilder.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: ee54d53603f2f9ffa44da264ea395d2e7f18d8edac21d5f55f3fb27702cdf4ca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Jan 2019 13:52:40 GMT
Server: nginx
ETag: W/"5c4b14a8-25995"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK page-1.css
hi.dn.ua/media/com_sppagebuilder/css/ 6 KB
1 KB 271ms
91ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/com_sppagebuilder/css/page-1.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d5a80e0548845269115c1dcb9a3c2ce55366d66d8b1c1334cb349e913d1278a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Content-Encoding: gzip
Last-Modified: Fri, 25 Feb 2022 19:19:44 GMT
Server: nginx
ETag: W/"62192bd0-19d8"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK content.css
hi.dn.ua/plugins/system/jce/css/ 2 KB
2 KB 271ms
92ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/plugins/system/jce/css/content.css?f060f2909cbdc48507777b81d7d91d39
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Fri, 19 Jun 2020 08:32:49 GMT
Server: nginx
ETag: "5eec7831-7cf"
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1999
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 41 KB
2 KB 182ms
65ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37ae3b7989e661e1b8f9a18ec6afb6cbdcfff9adfc9db1ab0693cf9241becb3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 25 Feb 2022 18:51:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 19:16:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 25 Feb 2022 19:16:42 GMT

GET
H/1.1 200
OK template.css
hi.dn.ua/templates/shaper_newskit/css/ 464 KB
77 KB 363ms
183ms Stylesheet
text/css 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: ab0adbe6a9df0051d75d2e06ffdc5dbf0210dc0d2858ef95e28213e4ab3963c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jan 2022 14:13:50 GMT
Server: nginx
ETag: W/"61e0339e-73fd6"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=1296000, public
Connection: keep-alive
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK jquery.min.js Show response
hi.dn.ua/media/jui/js/ 94 KB
95 KB 360ms
180ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/jui/js/jquery.min.js?f060f2909cbdc48507777b81d7d91d39
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Tue, 09 Apr 2019 08:44:09 GMT
Server: nginx
ETag: "5cac5b59-1795e"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96606
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK jquery-noconflict.js Show response
hi.dn.ua/media/jui/js/ 21 B
374 B 272ms
92ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/jui/js/jquery-noconflict.js?f060f2909cbdc48507777b81d7d91d39
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Tue, 31 Jul 2018 03:40:26 GMT
Server: nginx
ETag: "5b5fda2a-15"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
hi.dn.ua/media/jui/js/ 10 KB
10 KB 363ms
91ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/jui/js/jquery-migrate.min.js?f060f2909cbdc48507777b81d7d91d39
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Tue, 31 Jul 2018 03:40:26 GMT
Server: nginx
ETag: "5b5fda2a-2748"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10056
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK jquery.parallax.js Show response
hi.dn.ua/components/com_sppagebuilder/assets/js/ 892 B
1 KB 367ms
96ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/js/jquery.parallax.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 8eb5d5e8b339da50d7c8290be7fa53db265d0b40d7decfb235dc2bebb8c5dca7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Sat, 10 Nov 2018 20:20:04 GMT
Server: nginx
ETag: "5be73d74-37c"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 892
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK sppagebuilder.js Show response
hi.dn.ua/components/com_sppagebuilder/assets/js/ 39 KB
39 KB 460ms
188ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/components/com_sppagebuilder/assets/js/sppagebuilder.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 4e89cf4a8dcd97348dbd2b89ad8f97251b1149671cf2218c7d6a3906f55ce08f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Fri, 25 Jan 2019 13:52:40 GMT
Server: nginx
ETag: "5c4b14a8-9b21"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 39713
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK jquery.mobile.customized.min.js Show response
hi.dn.ua/modules/mod_responsive_slider/assets/js/ 92 KB
93 KB 365ms
94ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/modules/mod_responsive_slider/assets/js/jquery.mobile.customized.min.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 452755ab5ffa443c96c4823367b4089531068ad1389beed8418ff4b59dc4f237

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Tue, 22 Jan 2019 22:22:06 GMT
Server: nginx
ETag: "5c47978e-171a0"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94624
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK owl.carousel.min.js Show response
hi.dn.ua/modules/mod_responsive_scroller_for_articles/assets/js/ 42 KB
42 KB 544ms
181ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/modules/mod_responsive_scroller_for_articles/assets/js/owl.carousel.min.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Mon, 15 Oct 2018 18:26:58 GMT
Server: nginx
ETag: "5bc4dbf2-a714"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42772
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK main2.js Show response
hi.dn.ua/templates/shaper_newskit/js/ 57 KB
57 KB 551ms
184ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/js/main2.js
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 0d99caeae193a1f88c9cdde31bc68dccfc68883e416934f2ac8e50a553c57f16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Sat, 07 Nov 2020 13:02:51 GMT
Server: nginx
ETag: "5fa69afb-e3d4"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 58324
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK core.js Show response
hi.dn.ua/media/system/js/ 9 KB
9 KB 631ms
91ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/system/js/core.js?f060f2909cbdc48507777b81d7d91d39
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Mon, 11 Feb 2019 17:46:59 GMT
Server: nginx
ETag: "5c61b513-2268"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8808
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK keepalive.js Show response
hi.dn.ua/media/system/js/ 462 B
817 B 632ms
90ms Script
application/javascript 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/media/system/js/keepalive.js?f060f2909cbdc48507777b81d7d91d39
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Tue, 31 Jul 2018 03:40:26 GMT
Server: nginx
ETag: "5b5fda2a-1ce"
Content-Type: application/javascript
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 462
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK Privet_zamena1301.gif
hi.dn.ua/images/ 9 KB
9 KB 92ms
91ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/Privet_zamena1301.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 48e25136ee6711353e7bc7f34652fdd5f2713eb9c8d76e053443ba6da737fba7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Thu, 13 Jan 2022 10:33:17 GMT
Server: nginx
ETag: "61dfffed-2438"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9272
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK avtreysy3011.gif
hi.dn.ua/images/ 274 KB
275 KB 94ms
94ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/avtreysy3011.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: b84ce000a97b2083b76ef121ba39ded1ba53b095b1cba87bc2f1213477859f01

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Wed, 01 Dec 2021 11:31:17 GMT
Server: nginx
ETag: "61a75d05-4499e"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 280990
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK galis_kislorod.gif
hi.dn.ua/images/ 34 KB
35 KB 93ms
93ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/galis_kislorod.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 724e24d4c1459f4b117e9efe31d26ac083ae0145af484fff11b197668b40d492

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:21 GMT
Last-Modified: Tue, 18 Aug 2020 07:24:28 GMT
Server: nginx
ETag: "5f3b822c-8948"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35144
Expires: Sat, 12 Mar 2022 19:21:21 GMT

GET
H/1.1 200
OK galis1.gif
hi.dn.ua/images/ 41 KB
41 KB 96ms
95ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/galis1.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 209eead52c2ce0e1efaee234751cf874761c7678947f231731a5367a4ee3a3ad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 22 Feb 2019 18:18:32 GMT
Server: nginx
ETag: "5c703cf8-a29f"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 41631
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK logo.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 9 KB
9 KB 93ms
91ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: dc1162fc9ae488f7e257f137733c866cce9582d546445f902328fa4d536dcbba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sun, 03 Jun 2018 15:11:38 GMT
Server: nginx
ETag: "5b14052a-224f"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8783
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK logo@2x.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 19 KB
19 KB 100ms
98ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo@2x.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1a57618c09f2be28ce199c98f1e85308d101c9130025623bc6b09e9997924b06

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sun, 03 Jun 2018 15:12:26 GMT
Server: nginx
ETag: "5b14055a-4b4c"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19276
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK logo2.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 17 KB
17 KB 94ms
91ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo2.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1061c885f8bc68df6083fb301c97817f1f759356366fdb62cc11a36aeae0968f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sun, 08 Jul 2018 20:00:56 GMT
Server: nginx
ETag: "5b426d78-430c"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17164
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK logo2@2x.png
hi.dn.ua/templates/shaper_newskit/images/presets/preset1/ 41 KB
41 KB 94ms
94ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/templates/shaper_newskit/images/presets/preset1/logo2@2x.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 127e541e4f7b7361f435bd88df085f479eb27acbc4dbffa188343b887e51627e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sun, 08 Jul 2018 19:37:00 GMT
Server: nginx
ETag: "5b4267dc-a478"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42104
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK bazisprogramrobota.gif
hi.dn.ua/images/ 21 KB
22 KB 536ms
193ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/bazisprogramrobota.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1b1206b2bf16bf2893e7f89879dd5fec9a3a9364361f2a8c3aea5aa01e74216b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 09 Dec 2021 10:47:18 GMT
Server: nginx
ETag: "61b1deb6-55a1"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21921
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK galis_odeghda.gif
hi.dn.ua/images/ 31 KB
32 KB 438ms
93ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/galis_odeghda.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 125888320d828f42ac010da9ef94ec7172c54d468266502bbcb220299c611778

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Tue, 18 Aug 2020 07:24:28 GMT
Server: nginx
ETag: "5f3b822c-7db8"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32184
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK lazer_mihail.gif
hi.dn.ua/images/ 51 KB
51 KB 249ms
92ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/lazer_mihail.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: e101368765276ecfc0384329cd686eab43519313bc05a92d68a6238c9d5723b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 21 Oct 2021 07:05:46 GMT
Server: nginx
ETag: "6171114a-cc95"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 52373
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK metalloprokat2.jpg
hi.dn.ua/images/ 44 KB
45 KB 364ms
94ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/metalloprokat2.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 9d0c476aee1acdae66de07cbcc67359740bace697b73cf0c51515db4f81978be

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sat, 26 Jan 2019 09:57:28 GMT
Server: nginx
ETag: "5c4c2f08-b0f8"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45304
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK ecohouse.gif
hi.dn.ua/images/ 35 KB
35 KB 357ms
91ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/ecohouse.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 0820dead056e977451b308d1486b42125be316a6c1c113dbea580f358c24d8d3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Wed, 14 Aug 2019 09:04:49 GMT
Server: nginx
ETag: "5d53ceb1-8bf0"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35824
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK vrach_kolesnikova2506.gif
hi.dn.ua/images/ 12 KB
12 KB 433ms
93ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/vrach_kolesnikova2506.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 28b306c5012ffd93dbe76be93ba78d1cea580a3d5f2f480b5d9b48aedc496fa3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 25 Jun 2020 10:55:20 GMT
Server: nginx
ETag: "5ef48298-2f66"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12134
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK KANGOO_2901.gif
hi.dn.ua/images/ 50 KB
50 KB 263ms
92ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/KANGOO_2901.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 4ab141a60815a67770511028d1467e515d78a9fc5c166387fbe258bf60a23ff1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 29 Jan 2021 09:40:10 GMT
Server: nginx
ETag: "6013d7fa-c772"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 51058
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK kopichko0409.jpg
hi.dn.ua/images/ 67 KB
68 KB 361ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/kopichko0409.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1fa3f8d785b1c38d5385eac2c2158affe734a4a5598c0dfe6961c33303f4a591

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sat, 05 Sep 2020 13:40:55 GMT
Server: nginx
ETag: "5f539567-10dea"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 69098
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK RUB.gif
hi.dn.ua/modules/mod_currencies/icons/ 393 B
735 B 174ms
94ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/RUB.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 3d0e4610ae5e53daae6513acfcb7bb54e5c3c16a4c24a8efd361bd76504f0654

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 15 Mar 2018 12:30:24 GMT
Server: nginx
ETag: "5aaa6760-189"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 393
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK kurs_down.png
hi.dn.ua/modules/mod_currencies/icons/ 207 B
548 B 344ms
89ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/kurs_down.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 92fcab9c5ecda697f59e5877e9b1e226384a7f53e9b04e9a7b6aa5441738df11

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Tue, 05 Apr 2016 07:40:42 GMT
Server: nginx
ETag: "57036bfa-cf"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 207
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK USD.gif
hi.dn.ua/modules/mod_currencies/icons/ 657 B
999 B 267ms
92ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/USD.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 7e82ab1d661f86ff42e06248442db7ebdd153a8f517ff22d6431b69a71a37598

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 15 Mar 2018 12:30:24 GMT
Server: nginx
ETag: "5aaa6760-291"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 657
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK EUR.gif
hi.dn.ua/modules/mod_currencies/icons/ 730 B
1 KB 266ms
92ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_currencies/icons/EUR.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 8fda7cf721d35626d32a0e4cc138e02b35edba75451d3077c739a861c4685178

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 15 Mar 2018 12:30:24 GMT
Server: nginx
ETag: "5aaa6760-2da"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 730
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H2 200 27n-100567.png
s.yimg.com/os/mit/media/m/weather/images/icons/l/ 22 KB
22 KB 180ms
59ms Image
image/png 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/mit/media/m/weather/images/icons/l/27n-100567.png

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9beebe40ef8b5070d6fd78d439fcc842f0fcc573a9b7865c9d43f6026e6a5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 27 Jan 2022 19:32:20 GMT
x-amz-meta-created-date: Mon, 11 Jun 2012 23:36:40 GMT
age: 2504663
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1339457800064548
strict-transport-security: max-age=15552000
x-amz-request-id: 40R3E4HTRE3J5QCP
x-amz-id-2: 4EUuKhyX+RqJHa6gDXCCalGOQTmwGyUoEJ2yEYPb4yjVdttgOoQn52jbaEOQHUvQqvV8vhpBxn8=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 May 2018 11:17:40 GMT
server: ATS
etag: "94730e222e41a4da56769926ba744efe"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=567648000,public
content-length: 22325
content-type: image/png
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:5f9a3700-c152-4ea6-925d-669ba1b0feee0004c23ad25d4e24"
x-content-type-options: nosniff
expires: Fri, 16 May 2036 11:17:39 GMT

GET
H2 200 13n-100567.png
s.yimg.com/os/mit/media/m/weather/images/icons/l/ 21 KB
21 KB 237ms
117ms Image
image/png 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.yimg.com/os/mit/media/m/weather/images/icons/l/13n-100567.png

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b72d0d2a02476446719b44d1b120f6f817e271cee1d712298398102c6a37c4e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 07 Feb 2022 20:42:47 GMT
x-amz-meta-created-date: Mon, 11 Jun 2012 23:36:37 GMT
age: 1550036
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1339457797106746
strict-transport-security: max-age=15552000
x-amz-request-id: 57WTD77QJ875C5C7
x-amz-id-2: 2O2uRS4rC8a9ua+jeKd8WuhpCHIgBfKglt68/6K8YiSXG0pG1lx9rMODIX3EuR/tCwdmPq/KQiQ=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 20 May 2018 18:52:09 GMT
server: ATS
etag: "394a4503c5c88854048f35f6bf8185fc"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=567648000,public
content-length: 21007
content-type: image/png
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:b3c35c11-2783-4abf-b8f2-960923ddccb50004c23ad2302c3a"
x-content-type-options: nosniff
expires: Thu, 15 May 2036 18:52:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 216ms
96ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

304bd044fa8ed083e0ffe68514216a6768550f40400730620626af11478e02a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54037
x-xss-protection: 0
server: cafe
etag: 15237843370649819590
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 19:16:42 GMT

GET
H/1.1 200
OK avtosklad_755x75_glav0412.gif
hi.dn.ua/images/ 91 KB
91 KB 363ms
91ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/avtosklad_755x75_glav0412.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 5e85639702795a30d9718cae66608802d78dedfee734aca5bb23e61c4ea5aca8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 04 Dec 2020 11:57:00 GMT
Server: nginx
ETag: "5fca240c-16a85"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92805
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK kashtan2_2209.gif
hi.dn.ua/images/ 56 KB
56 KB 265ms
93ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/kashtan2_2209.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 256c9c5d92b6992d0467bfc4381c99988a5e4446ad2c0bddc9d93a9bfb045ab9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Tue, 22 Sep 2020 10:44:31 GMT
Server: nginx
ETag: "5f69d58f-e04a"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 57418
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK doc_comp.gif
hi.dn.ua/images/ 69 KB
69 KB 91ms
91ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/doc_comp.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 63ba94079bafeb1a751b6f922a9369e51b241c8e550b3e15a62e4118bd7f3299

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Thu, 20 Jun 2019 13:49:16 GMT
Server: nginx
ETag: "5d0b8edc-1132f"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70447
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 756458066997319.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 7 KB
7 KB 96ms
96ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/756458066997319.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d41a978fd4b0d9d75ff6246ca9140253ae5082a0b73e3ce5c9a95f6dc25f275d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 25 Feb 2022 18:07:20 GMT
Server: nginx
ETag: "62191ad8-1ac6"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6854
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 934ruthgjfkdleirjth.PNG
hi.dn.ua/cache/rsca/243x160/images/news130/ 78 KB
78 KB 96ms
96ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/934ruthgjfkdleirjth.PNG
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 40b51c7624c21c078abd3aab455d00d6891a656b8feb891f355d8c15152efb08

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 25 Feb 2022 16:20:22 GMT
Server: nginx
ETag: "621901c6-136f5"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 79605
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 1645695046_e490.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 9 KB
9 KB 102ms
102ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/1645695046_e490.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 6918121145b46832c9eb3f312eed403144b4fe58e1d2e43cb5ee9f82f6bdb521

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 25 Feb 2022 12:53:50 GMT
Server: nginx
ETag: "6218d15e-24a2"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9378
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK blini220222.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 9 KB
9 KB 92ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/blini220222.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: e7b39356f04bd228f1d48d68c00d2adb96c7e471cb7f4445da8b8b9202c99f1e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 25 Feb 2022 02:33:51 GMT
Server: nginx
ETag: "6218400f-240c"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9228
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK jarenaya_10.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 9 KB
9 KB 90ms
90ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/jarenaya_10.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d429acaa034a6e9c352b6de2cca4a187e16f0e8fba917989ed97d5c6d7ad043e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Wed, 23 Feb 2022 02:52:07 GMT
Server: nginx
ETag: "6215a157-2405"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9221
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK panyka-cddb1c81f4be14efa3bb57d1869a20f8.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 6 KB
7 KB 90ms
90ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/panyka-cddb1c81f4be14efa3bb57d1869a20f8.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 6f526cfee5923c3d63805b64100b57e5ecd2f121922fa641dff70c2e16c20398

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Wed, 23 Feb 2022 02:46:06 GMT
Server: nginx
ETag: "62159fee-190b"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6411
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 1459648784621484f6204a5.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 8 KB
8 KB 268ms
268ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/1459648784621484f6204a5.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: c6b0383ac9f71fdc60cbfe698ea17089de325989dded2a914a8a6e71c2656049

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Tue, 22 Feb 2022 07:36:09 GMT
Server: nginx
ETag: "62149269-1fc6"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8134
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 72685169862124d78398fd.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 6 KB
6 KB 91ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/72685169862124d78398fd.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: dfe713b10c87f9d69c8308bb407233a924d725c7d72ed0b7473ad39c6e8cbbbc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Mon, 21 Feb 2022 07:26:12 GMT
Server: nginx
ETag: "62133e94-17d1"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6097
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 2062990370620f93064e5e8.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 7 KB
7 KB 92ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/2062990370620f93064e5e8.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d9508ff260338cef56658378d62ebf781194286a6369c58f5be54e7607453498

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 18 Feb 2022 13:34:12 GMT
Server: nginx
ETag: "620fa054-1be2"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7138
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK 946cb53a2f189bf613b9f5bec98c0a7c.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 11 KB
11 KB 99ms
96ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/946cb53a2f189bf613b9f5bec98c0a7c.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 22f05baf5f57ac9c150bd2a5ca6754785d1b4fc4bb675d69fa04c3932e335b2d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Tue, 15 Feb 2022 11:12:28 GMT
Server: nginx
ETag: "620b8a9c-2a0a"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10762
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H/1.1 200
OK kruou.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 15 KB
15 KB 91ms
90ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/kruou.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 7d9a90eef3570e5b6211e1036d294a6d53b0cc4700b4d63fe59533ee7e6cf3cf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Mon, 14 Feb 2022 02:47:08 GMT
Server: nginx
ETag: "6209c2ac-3ac1"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15041
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H/1.1 200
OK don-lugee.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 14 KB
14 KB 91ms
90ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/don-lugee.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 6b12f2e298f035cdfbd200d602318887082556b3542b08282936720e4e25bb61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Fri, 11 Feb 2022 09:49:48 GMT
Server: nginx
ETag: "6206313c-3897"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14487
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H/1.1 200
OK 5542b27a-0127-4993-b847-6a398c4ee54a.jpg
hi.dn.ua/cache/rsca/243x160/images/news130/ 8 KB
8 KB 90ms
90ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/5542b27a-0127-4993-b847-6a398c4ee54a.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 301b8ff4a29308164c9934b23b1e67c3fd787c012a52e053decfd102bccd4de0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Sat, 19 Feb 2022 05:03:53 GMT
Server: nginx
ETag: "62107a39-1ec5"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7877
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H/1.1 200
OK 187984_ukroboronprom_rbc.ua_960x380_0.png
hi.dn.ua/cache/rsca/243x160/images/news130/ 60 KB
60 KB 91ms
91ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/187984_ukroboronprom_rbc.ua_960x380_0.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: d417948ca0372b9fd425b4609f78298d49d4608838ce3ba4a1e7dea57b50db66

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Tue, 15 Feb 2022 02:49:31 GMT
Server: nginx
ETag: "620b14bb-ef94"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61332
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H/1.1 200
OK kripta-valuytya.PNG
hi.dn.ua/cache/rsca/243x160/images/news130/ 49 KB
49 KB 91ms
91ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/cache/rsca/243x160/images/news130/kripta-valuytya.PNG
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 1ff9a8ec38a3a06884a19fb92a420aba09a8216194fbf59adea8a75dd3d502b8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Sat, 12 Feb 2022 12:47:07 GMT
Server: nginx
ETag: "6207ac4b-c369"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50025
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H/1.1 200
OK filtry_nasosy.gif
hi.dn.ua/images/ 24 KB
24 KB 623ms
92ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/filtry_nasosy.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 13a7568d852d39b8205ac0d57be091c3cfddfcfa678b374f44d74bdf1a452352

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Sat, 26 Jan 2019 09:57:28 GMT
Server: nginx
ETag: "5c4c2f08-5f31"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24369
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK translogist_vagoni.jpg
hi.dn.ua/images/ 16 KB
16 KB 452ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/translogist_vagoni.jpg
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 8f33c10e6260fedc9e7980468291b936000570589c1cbe6f1ae086d193fc2971

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Wed, 16 Jun 2021 14:26:07 GMT
Server: nginx
ETag: "60ca09ff-3e31"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15921
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK gorod_masterov18_05.gif
hi.dn.ua/images/ 281 KB
281 KB 337ms
91ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/gorod_masterov18_05.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 80273fc1aee79a2241ad5a484aa3f6eaa4931bdd242b545f2f40c5d7de8842fc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Mon, 18 May 2020 06:18:29 GMT
Server: nginx
ETag: "5ec228b5-462aa"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 287402
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK galis_obluchatel.gif
hi.dn.ua/images/ 33 KB
33 KB 359ms
90ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/galis_obluchatel.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 9f89762aa62701f039a78f280ada12614dde6dd17a381c0ce98b9ba357a72a2a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Tue, 18 Aug 2020 07:24:28 GMT
Server: nginx
ETag: "5f3b822c-8442"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33858
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK ritual_1.gif
hi.dn.ua/images/ 211 KB
212 KB 443ms
90ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/ritual_1.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 299cae908ac4a7bbca58f229f2e971009f48202cbec3de519fdc2d7b37b0d75e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 02 Apr 2021 12:50:44 GMT
Server: nginx
ETag: "60671324-34d02"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 216322
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK emss_2201.gif
hi.dn.ua/images/ 19 KB
20 KB 529ms
90ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/emss_2201.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 5fdf9ee680adb2f1fe8ebbcaba1b6124fe6dbb1a7261e568894e6ea96341d379

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Mon, 25 Jan 2021 13:59:46 GMT
Server: nginx
ETag: "600eced2-4d64"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19812
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 173ms
54ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-10437307-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4310
date: Fri, 25 Feb 2022 18:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 25 Feb 2022 20:04:52 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfLtrelWfx5ijA.woff2
fonts.gstatic.com/s/firasanscondensed/v9/ 6 KB
7 KB 173ms
55ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v9/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfLtrelWfx5ijA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans+Condensed:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aaa984a54ee6946f53730ae24cfa99f9d226c4df44b94ab2b8315dccc458f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:36:14 GMT
x-content-type-options: nosniff
age: 171628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6552
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:36:14 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
hi.dn.ua/templates/shaper_newskit/fonts/ 75 KB
76 KB 179ms
93ms Font
text/plain 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL

https://hi.dn.ua/templates/shaper_newskit/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),

Reverse DNS

56.29.109.78.hosting.ua

Software

nginx /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Fri, 25 Feb 2022 19:21:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Mon, 04 Dec 2017 05:08:40 GMT
Server: nginx
ETag: W/"7d40382-12d68-55f7cb624c600"
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK newskit.ttf
hi.dn.ua/templates/shaper_newskit/fonts/ 26 KB
26 KB 182ms
94ms Font
application/octet-stream 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/fonts/newskit.ttf?9ymzo3
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 81b7b2f584dcfe1c72be286287e21f6258f621fed241d139793108e1cdbefc7c

Request headers

Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Mon, 04 Dec 2017 05:08:40 GMT
Server: nginx
ETag: "5a24d858-66dc"
Content-Type: application/octet-stream
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26332
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cjRYhY8.woff2
fonts.gstatic.com/s/firasanscondensed/v9/ 16 KB
16 KB 247ms
130ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v9/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMR0cjRYhY8.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b37fe651a9bd15cb746d762c7bb682d87b495aacac039f6ceb615e121b3fdd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:36:11 GMT
x-content-type-options: nosniff
age: 171631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16644
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:36:11 GMT

GET
H2 200 wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrelWfx4.woff2
fonts.gstatic.com/s/firasanscondensed/v9/ 16 KB
16 KB 184ms
67ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v9/wEOhEADFm8hSaQTFG18FErVhsC9x-tarUfbtrelWfx4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8470a323b64dee607fda5b6c20470a005e354677c612e7a1b4a6d37f501bb720

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:36:11 GMT
x-content-type-options: nosniff
age: 171631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16552
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:36:11 GMT

GET
H2 200 wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMB0cjRYhY8XEA.woff2
fonts.gstatic.com/s/firasanscondensed/v9/ 6 KB
7 KB 254ms
147ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v9/wEOsEADFm8hSaQTFG18FErVhsC9x-tarWQXOuMB0cjRYhY8XEA.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4796c928f461fe41cdf60bad297d4620b56d13eaa008f3ae127ec4d60e569ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:36:27 GMT
x-content-type-options: nosniff
age: 171615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6644
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:19:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:36:27 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 178ms
58ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd49d9fd5c76f7597060a4bfa05c737fddcc7b4768f60fd6446b991288f73ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: x9ECXB7+WKxKqBDPmWoVDw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Fri, 25 Feb 2022 19:20:47 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: 76c2EKxMYNRnnyuej6YBCrZvpjf4kG/oLkGQJ0/UJzh4j9seNUW4HY/LVP9k0fGIEGDzfOz45w8MKaLP4206ug==
x-fb-trip-id: 686109401
x-fb-content-md5: 76be6567f134ec0ddda5fe60d77cc57d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 25 Feb 2022 19:16:42 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7b1d23b8f07b7281e282ae35bc8951aa"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.6;r;s1600*1200*24;uhttps%3A//hi.dn.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430%2C%20%u0433%...
https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//hi.dn.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430%2C%20%u043...

253 B
739 B

105ms
105ms

Image
image/gif

88.212.201.210
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//hi.dn.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430%2C%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u041F%u0440%u0438%u0432%u0435%u0442%20-%20%u041E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430;0.32547705628119017

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

HTTP/1.1

Server

88.212.201.210 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host210.rax.ru

Software

nginx/1.17.9 /

Resource Hash

fdb64ba2f52ae7db430667672de01407d1ffdc54ae7484ac75db997a5458eb00

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:43 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 253
Expires: Wed, 24 Feb 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:43 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t14.6;r;s1600*1200*24;uhttps%3A//hi.dn.ua/;h%u041D%u043E%u0432%u043E%u0441%u0442%u0438%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430%2C%20%u0433%u0430%u0437%u0435%u0442%u0430%20%u041F%u0440%u0438%u0432%u0435%u0442%20-%20%u041E%u0431%u044A%u044F%u0432%u043B%u0435%u043D%u0438%u044F%20%u041A%u0440%u0430%u043C%u0430%u0442%u043E%u0440%u0441%u043A%u0430;0.32547705628119017
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Wed, 24 Feb 2021 21:00:00 GMT

GET
H/1.1 200
OK camera_skins.png
hi.dn.ua/modules/mod_responsive_slider/assets/images/ 24 KB
24 KB 530ms
179ms Image
image/png 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_responsive_slider/assets/images/camera_skins.png
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 42931bd149d230ca9ab1e72b1a914543dc108e3098673d339c1c3d32ccf2d776

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Mon, 15 Oct 2018 18:26:48 GMT
Server: nginx
ETag: "5bc4dbe8-5e8a"
Content-Type: image/png
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24202
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H/1.1 200
OK IcoMoon.woff
hi.dn.ua/templates/shaper_newskit/fonts/ 25 KB
25 KB 121ms
95ms Font
application/font-woff 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to

Full URL: https://hi.dn.ua/templates/shaper_newskit/fonts/IcoMoon.woff
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d

Request headers

Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Mon, 04 Dec 2017 05:08:40 GMT
Server: nginx
ETag: "5a24d858-6350"
Content-Type: application/font-woff
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25424
Expires: Sat, 12 Mar 2022 19:21:22 GMT

GET
H2 200 wEOjEADFm8hSaQTFG18FErVhsC9x-tarUfPdr-NRXRxSjQ.woff2
fonts.gstatic.com/s/firasanscondensed/v9/ 17 KB
17 KB 156ms
107ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasanscondensed/v9/wEOjEADFm8hSaQTFG18FErVhsC9x-tarUfPdr-NRXRxSjQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fea49b19938fcbb572a3add8755073ebdce61a7faf6e5122234b1d757eb5f5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 23 Feb 2022 19:36:14 GMT
x-content-type-options: nosniff
age: 171628
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17208
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:15:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 23 Feb 2023 19:36:14 GMT

GET
H/1.1 200
OK 30b77162bd5619ec7849c547c8787bfd-wide-big.jpg
hi.dn.ua/images/reslidercon/755x384/images/news130/ 52 KB
53 KB 544ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/reslidercon/755x384/images/news130/30b77162bd5619ec7849c547c8787bfd-wide-big.jpg?1645816602826
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: e78eb36baed0a941949db45b50ad20ed9aef76234a08dcf96126c36037e1b818

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:22 GMT
Last-Modified: Fri, 25 Feb 2022 18:07:19 GMT
Server: nginx
ETag: "62191ad7-d151"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 53585
Expires: Sat, 12 Mar 2022 19:21:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
202 B 63ms
62ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1766725460&t=pageview&_s=1&dl=https%3A%2F%2Fhi.dn.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D1%82%D0%B8%20%D0%9A%D1%80%D0%B0%D0%BC%D0%B0%D1%82%D0%BE%D1%80%D1%81%D0%BA%D0%B0%2C%20%D0%B3%D0%B0%D0%B7%D0%B5%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%B2%D0%B5%D1%82%20-%20%D0%9E%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%9A%D1%80%D0%B0%D0%BC%D0%B0%D1%82%D0%BE%D1%80%D1%81%D0%BA%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=199078164&gjid=1676016386&cid=795597458.1645816603&tid=UA-10437307-1&_gid=1820234123.1645816603&_r=1&gtm=2ou2n0&z=537499943

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.dn.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hi.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 296 KB
83 KB 121ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=2ccb7f8913371363a7ef1d37fcb1fd59

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6d608a94541739fa2e3b056d0c1470d8cb23e020b76ba35912ae3c2c25d512d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://hi.dn.ua/
Origin: https://hi.dn.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: z3g0Q77vFjdv6LXyV6lRyA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Sat, 25 Feb 2023 17:25:29 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 85358
x-fb-rlafr: 0
x-fb-debug: pporBwslyi3uoQ1Pqt3Z/QNFbFkoiXTYxsVmmlulktDFm/8LohvbwNg3R56FBLHDKvMjpSx7B9As8L46ZJLLJg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 7ab27334bdd6313be9c60e8ef666a837
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 25 Feb 2022 19:16:43 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "29597c7eb832e7cbbb44f3c513adc185"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
434 B 174ms
58ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-10437307-1&cid=795597458.1645816603&jid=199078164&gjid=1676016386&_gid=1820234123.1645816603&_u=YEBAAUAAAAAAAC~&z=447605989

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hi.dn.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 25 Feb 2022 19:16:43 GMT
content-type: text/plain
access-control-allow-origin: https://hi.dn.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/ 290 KB
104 KB 153ms
91ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4643767719705239&plah=hi.dn.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b7ea24747712484c1c05b0337f5538e246fb01a18b8d14ddd2de428f444ea92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106770
x-xss-protection: 0
server: cafe
etag: 8686337993692154243
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 19:16:43 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/ Frame 0A05 10 KB
5 KB 173ms
53ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220223/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 25 Feb 2022 04:58:03 GMT
expires: Fri, 11 Mar 2022 04:58:03 GMT
cache-control: public, max-age=1209600
age: 51520
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
643 B 182ms
62ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hi.dn.ua&callback=_gfp_s_&client=ca-pub-4643767719705239

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202090102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4643767719705239&plah=hi.dn.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e11741ff720cafd40622027c67ffa91f016ce3cbae795201017d9f2411c8adee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 182ms
63ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hi.dn.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 181ms
62ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hi.dn.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F08D 31 KB
11 KB 251ms
188ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=185910753&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603084&bpp=4&bdt=1081&idt=267&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6098250588053&frm=20&pv=2&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FPEZdhr8jJ&p=https%3A//hi.dn.ua&dtd=283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69aeae46fdcc1c9259f63a8b652ead63217a46d04104d68e804554de3d97bd1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 19:16:43 GMT
server: cafe
content-length: 11030
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 19:16:43 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1BE9 436 B
235 B 283ms
248ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&slotname=7070383555&adk=1416559096&adf=2462531430&pi=t.ma~as.7070383555&w=0&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=12&psa=0&format=0xnull&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&fwrattr=true&rh=0&rw=0&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603088&bpp=1&bdt=1086&idt=302&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=2323&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&fu=128&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=iAHSt2cOeT&p=https%3A//hi.dn.ua&dtd=306

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7567b45bff1cc6fabb28ee50ea21c1a047d1e89293f120809eae922e5d9edb16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 19:16:43 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 19:16:43 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BC6 24 KB
10 KB 583ms
551ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603089&bpp=1&bdt=1086&idt=307&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=uOD20x9SDl&p=https%3A//hi.dn.ua&dtd=311

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b25a4c9a579d21aa8bd8fdb642b9e4ea4fd2e44d2edbacff18bd0c171d9e0171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 19:16:43 GMT
server: cafe
content-length: 10193
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 19:16:43 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8645 20 KB
9 KB 450ms
424ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62d2e304c4a631e8cafa9af39a02191879c2c1b72f8312796a62cd7b89eff324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 25 Feb 2022 19:16:43 GMT
server: cafe
content-length: 8987
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 19:16:43 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A602 0
19 B 113ms
112ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&adk=1812271804&adf=3025194257&lmt=1645816333&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Fhi.dn.ua%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603102&bpp=1&bdt=1099&idt=321&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280%2C363x280&nras=1&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=5&uci=a!5&fsb=1&dtd=328

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 25 Feb 2022 19:16:43 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 19:16:43 GMT
cache-control: private

GET
H/1.1 200
OK kramatorsk_candle_Holodomor-3.jpg
hi.dn.ua/images/reslidercon/755x384/images/news130/ 55 KB
55 KB 91ms
91ms Image
image/jpeg 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/images/reslidercon/755x384/images/news130/kramatorsk_candle_Holodomor-3.jpg?1645816603617
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: 0d8bda111253195f738529a84680ceca2eeb24551f25cae7c01f43839b70b398

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Fri, 25 Feb 2022 16:24:28 GMT
Server: nginx
ETag: "621902bc-dad6"
Content-Type: image/jpeg
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 56022
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9112 118 KB
43 KB 247ms
125ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkrGwAHUkkIFWNlAA9eKgJIaVqXTPiLVIpEoA&u=%7CHiGM6oXEA5U9A3bvdsDCM%2FHNDyoa2mLJP5MyFJVdtBc%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5zvRnTkAPdWlBQTCKyhY3Pl7u_hgncGUFOLaXAXQVWTrbPSx2uidEeIUdbRtiHmGqSHuNuQLYNLmB36m5eghqYV23csNkPN0bdMkjo1LL7O2rQtCcqU83IXjOTIWuJL1iieQ-TgbPM6_gpcc0jdfNN-PuPOQLNmwcYrwGf0F6mhLcBeMN6z0ea7Ghi7ErweTcG5qZ-HUGi6q9iQpkBHsQ89YUk3DzUeRYQ26Vf9MjbxHUToWwJm8Jpdw7kNwjljt4NITVkQkwZ7mpZ_RR4HQgHgtZ6wxBcxWOFCTGTCeftiI_hzCKPJclhcOxML5UIiCkAB--bhvdPy64HiWThNx-yGzJDTMoun9Z8PQmkK_gbKMeAweHMmrVcKqM1S5hfThI4qMaeGOh7YO79msZm-n8EIzGbnE0H-JbpiqSmzy-A3q-83gjJvzliqw2Tqd55wnOcF2R37jMTgs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQFBGysZYsmkHeXG1fAPqry98ArJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTXAU_QEocrcBmKX2qMgjGoOWYp6ewKH-cPWRGJUiRkMawxSCKld6KVVPY4oNiIG9em0rc572UyBS6KQfVVti7r5xVr_MsmiDCBubrkES0MjYAVnPTzewSj5ZwFdxkp-Ai9AoxCZ4NStHtVtmPNDGdlEQ2-rRICddetG5vi2g6alN62u2y4IU17NNH20FwCPk8oV_XsmvT1PCSMLEpYGCg7x8lIJspeCN54cKYK8Q6LTYwpeDHDE0594UrVmuZjXXkoIXxTuJFE8sEH6H7NfpDEuDPmsKfrXSLWgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iGphW_DkFWIzGhsMAq-GUmuhShA%26client%3Dca-pub-4643767719705239%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=185910753&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603084&bpp=4&bdt=1081&idt=267&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6098250588053&frm=20&pv=2&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FPEZdhr8jJ&p=https%3A//hi.dn.ua&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

754fd0da3f8468500a18487b153882f36072b6de75724edf2e21e21ab9433739

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 25 Feb 2022 19:16:42 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=XZkg4fB8hpGmIOJJzRb6pAqC6XKVLoXzNGygll2Roc8MVcDbJDjll8cnYPJ0EpJ1YsjC3WayxUkw_o93SjKNgk-4kZAmVpXT3wuVCqtH_jT39qRqsubgA-sJEvHpY3IpdmmBpsahpQhQA2H1wafGbw5IqZ8xeCDa6mrcFgDufqJcse7y_6m1Om9zMskcnkovtI4USnj7O9bt1ue9vjLh2fSQ76F3ArLH4mcgIZPjR4eKaOZIDERHbMd0M50"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 67982797
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 1DBC 2 KB
1 KB 181ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:08:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 508
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:08:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1DBC 124 KB
39 KB 191ms
70ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 19:16:43 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 1DBC 15 KB
7 KB 174ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:12:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1DBC 0
0 129ms
128ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWLn1GysZYsmkHeXG1fAPqry98ArJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTUAU_QEocrcBmKX2qMgjGoOWYp6ewKH-cPWRGJUiRkMawxSCKld6KVVPY4oNiIG9em0rc572UyBS6KQfVVti7r5xVr_MsmiDCBubrkES0MjYAVnPTzewSj5ZwFdxkp-Ai9AoxCZ4NStHtVtmPNDGdlEQ2-rRICddetG5vi2g6alN62u2y4IU17NNH20FwCPk8oV_XsmvT1PCSMLEpYGCg7x8lIJspeCN54cKYK8Q6LTc4rWaNEnNJuXtbBOTZe-4EhNXblsr9ccHXP1dg_wY7ooLZMNLRUgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjQzNzY3NzE5NzA1MjM5GAA&sigh=FfV_-17est8&uach_m=[UACH]&cid=CAQSGwCNIrLMMe5SHYpuUOhlIazYF-3p1ld7u44s3hgB

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3978955824&adf=185910753&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603084&bpp=4&bdt=1081&idt=267&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&correlator=6098250588053&frm=20&pv=2&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=30&ady=2096&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=FPEZdhr8jJ&p=https%3A//hi.dn.ua&dtd=283
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 25 Feb 2022 19:16:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 25 Feb 2022 19:16:43 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 1DBC 0
0 195ms
58ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U_i0EeKBMMAC4AOdg2ICAgAAAEK0_xiRMXplzzvhDqlQ6LAQGysZYn9wsH6w-mHjos0YABI&wp=YhkrGwAHUkkIFWNlAA9eKgJIaVqXTPiLVIpEoA

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 238665
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 52D9 624 B
299 B 80ms
79ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY15udwwEwAQ&v=APEucNUZ_y6YYv5j6WydVsBvuq-wnJH6JTpVe9UX7XsFurikA_rqcQR3UUHFC8VNPL_eH-ZX-bpcRSyOzxoSPFOvCHQSvFq7YXYT8yABDGi9LSWTecHjlr4vZqjjrslae0UW4BivQru5abR4lFTWCOZhitBZKEIqjQgHmm5IiCsNnAlGYeN0ZXI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 25 Feb 2022 19:16:43 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 25 Feb 2022 19:16:43 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1FC7 87 KB
34 KB 117ms
117ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsyqgCHLvvOmOpzU9h0hj-9rRZt0x_DPaTnAHJ2rIqkr0dZn5zdlyh1gc3LloTodJTIqTVrHgOW_nPCVv-hfLzDUAxoe-GeNz8sq0i8Yf5Jm4zeNV5rtaeck4Y4mcDo-630wwaLuT9JUzxj0f8wNnijMEhoA&dbm_d=AKAmf-C-vJMR56lW17WKL8YN2nDqsJ4q8PFL4IOCBtEFrd7Zx1RcQSbZ7B_k4YfQd2phO90XvbGCwyHu5FdQZROg8oViZf_QTvJscjBx0GjGd0LHC0t_kwaI7YOMl6D_bX34pYhxLynX_6YnQ99p3wIyoRb8i7nn098wQzlvql6uBtwXQuqACYMwzQ0NV0ED652Rwlt_NLDH4sLNWpiA8UOwHAoIm5V33qKtYFO8xq9g2Icr631R5jrAbQAKZP60jNsQDzdIP3tFOMbqPn79iUr1BOYAnQG942WwB-cwKExC165SGPPp2B1zasPkrzs_DgEeTq0DarcPbA8uL-t70lE3layRqBGihLDrhfHpJt4HMvVRrSr1NsftWLf_aoGv67CjKi6c6yVmQv_HmTw6oKCgqF69g7L9M-qOgzTROnD7nfc3Ds5ckYxC1FrRU-uw-zTyDaTgC112OXHRNnEDlTC-4tJGE69zCzgDy0Z20WdAZ02dFQw8uPHXHK-BZXqr-CVlIk4dQThAkZlfIjrRyGgL0UepKp8HRahvlVaVoHhD8cOho9NUaaboMJ5DwjAVRnokDOJ93QzRWI5gL5tQNuZdnudLE-4x92D6XjCzad1A0bNsj3aGijuXLtD6blGcZHXAugZrTBuABfEon6UEwFgWtOD5XYSEO-Xda_k7qqInsHUfHhvcTTMiCI2_mte6DoovQHohxSGOQC0iEPolwfFxC-A45LzByCE4nlmXDMSjOYaCHa0u_mZe9g33SrdKx817-3CMNyzA7l0apkURTvoApp7-2yo5ztzJi2VToM9Yh1UyzvMY3xgGEAXOiYfHLG7YAl5jkoS9RxhwJJYSfU7WihoBfjksdBl5CQ_PSJa2kjuqWE9UrtO6L2A5-SVwsZGYq_uTchl2KS4Jf2TLOcCqWzJpPzrMvZ_Z36uBAgAhQ0X4VKjUpe2MuPc281AOVq5DHe2iJErM505Tbmflj00OrDKIAfEqVHOcsJc33qy-QNAOlt-X_2cTwnrvexHZ8HQJf9dviTM9C7jVF-enRJKXcqTH6nyxFG-C7b0k62ETRtJfVwIYIvnZjfInzzJNqNI8MyifzFc6_IfqglAo3yMwbw7LHAQOS6sUZPa8rDcNCto_qgjm6RGBA9ZsqKEeP62AisxT1eXMRPbEFCTeHZ3kGZfte1kECl7cLEGg88HubNt7HghcyjBkN-MvRntFAc7Kv1nJqRuw695QSG_N4bx3L5TF2xH4VZmIkdQLa0zVsNuMy8wTNa_ZoNUofdhcR_DsYZofjY31zQ_Apjqb_voSOXRxm0POb476MPhC7s40B2CdleuukSdfdkdFukqYdWHNNBHZd37bo9ZsCxAvijYPXqU6Wk_fbe-Yf_wgxBWKgo4T3h_MTle4S7MhfV81q_j6wk4HnKMv7NhWf-1hmr_IdCWkXlRIgv3fUI-RXUB5hnsqhr9JGdhJuUtUaoyWl87SbyF21R0NcihXVfd6MXeLUDhxCW7kvq-i1VBIUg_tayDJgkL3W7topXpqvHWPJKdGQCM33IVDRIGNtMAAnXpcz7S4qTHnPu35lh6_7o_s6c6EyQXX1KAXkMWfZhVHwORM4JXEpQPVcWdoSsXm_R7KU1fWol_bffj0CohU9KIUSrd1DR-CfTj6McMjqphMMP94q6MzqODePDYMkqXzAOiX4dzUhkJSxYGhwiquIREdGGR1fSj6PtGl-h0YjNLnmJBtdM5jVP0ZL-dSUeRaStqhsKhDSu0lSO7U6EqXX-o400oaVjhldtJnC5NZ3kb5ebE-nK7Cf5TMgSTYySjOTpg03bjQ6av5w0kDtU6_cXQUHOo6Kp-FzhCy_RQ_ve_6ipYnWPyygTzOBRVr7sFeWTHcT3lujrJYInrE52__nxi3LqcktJP-yunk-wJwMquaC8NA0Hy2IpYQJ5EAmvBnXSIR976N8ZqHzmwmI8z_QG6nbpwx7JFTAJ88ZxQaQpN3ot5JvNwNtnh_Ujxw35ScUE18FQcqor23JQdeHPrJ3QH3qdjSxQERjtxJTv32Is9rPXBjjIiVs1N4QEaY_FvMfRx83oacZGypMTqmpn_NNvlm1V_0oCTh20AYG_A3xF6wRzGxI-dXawbOae04qK3iiVg73H0ZIkbUgcaeGZQ2c6xmWcl228A1BYP0nTP65vK5MaT7v6pETJWOduZL9Nk6Xt-adR4V3DZ8mMAxdX5n2gUYGSED_qvMaTPtBw97VIUlyV516RVz3jNlLmfpA4PpyO_NjjiBR9tI2vUX4QiGkWvQhu2lk5bOp0QKwjIUqYoYY_75LtYJ5I22ivIc0H-sX5ZA3qBcR9e3rkIMnHuse-1pv2QV99x-U5gggAY3Fd0RXQ_wo9rvwC9BnilOU7rdjyDfKeWQhGvNisBGDIRbLObocJUUlG0SEkHmQYRx4zas0fYKJkvRU0PfM5Pw-PyK7PCZMdVx0j2LWI6vuVRRj_-WMPCdg8hvp-UWLyAm87fUQNdvm8P1DS88Qq7_TKEtRcOmLfxogsnecoLshuQYcJhUJoG2cCGNmdY3LWuBPQgEJAWW8YyN37c4T79rtVZsPzFA6ZL5fTULsnvMfpJ1A4T3ESh8qeD-IcLQNt7YGEXq8MPFOxhP9IunjvDhEVvnD6cpY0OqXJBZ2luDA7JtycugqFlLcCFIlfkmRDPXcJ5YAezMYGhs8hN0bpJFhOwXhq55VUX_qaMY3QmBuWqVbuzI8FKP55glA3_Nd4U_StKxymRIjnppbqAAX3FMokw27YcItq2zi4MGCrvcByqmjSXZ8o00QtKqjIj2pCuBEC0hEv5xIJMRLMz2bhOG4XvGLebges37mNknKWZCTssw2XvQDvuK6YcXf5nr4M68BdqPf-vXJlXuaYa-wrz2WVyZZZ80tpLUTT9CD-AjQJ_xD75vzef4uDfb4svNbIUAadPXPcp0qmAxYUAPOLplyi_FtcMej9yN6PjqQQxq1Jb8TDB1hq8ILWl_4MKNn_On4DzNUwbZYtaFm3_Ns84EVBg3bJNqiz1w8KKVdLWKeyWLt_7gljRksetXLBGtH3qXYacYSF7yceP2tTfC&cid=CAASBORoNK0&rfl=2%2Chttps%253A%252F%252Fhi.dn.ua%252F%240

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23da922405663f5d592a1c7b410fbf63895a0d63aa1a2688ef6c593096c77001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34834
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 1FC7 2 KB
1 KB 127ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:11:51 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 1FC7 15 KB
6 KB 121ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:12:23 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FC7 124 KB
38 KB 136ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 19:16:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FC7 42 B
63 B 91ms
90ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BVDh_BJbndepqEw8PRKKdPuvRpdd99yphesEPJtph8qjxMg91QaE0HS5MqLW1K38V8TPZHAC4tm4_eCmiezcfa8_xilM9IacPDrNR4EyyNBeTZcxw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9112 2 KB
1 KB 230ms
112ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkrGwAHUkkIFWNlAA9eKgJIaVqXTPiLVIpEoA&u=%7CHiGM6oXEA5U9A3bvdsDCM%2FHNDyoa2mLJP5MyFJVdtBc%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5zvRnTkAPdWlBQTCKyhY3Pl7u_hgncGUFOLaXAXQVWTrbPSx2uidEeIUdbRtiHmGqSHuNuQLYNLmB36m5eghqYV23csNkPN0bdMkjo1LL7O2rQtCcqU83IXjOTIWuJL1iieQ-TgbPM6_gpcc0jdfNN-PuPOQLNmwcYrwGf0F6mhLcBeMN6z0ea7Ghi7ErweTcG5qZ-HUGi6q9iQpkBHsQ89YUk3DzUeRYQ26Vf9MjbxHUToWwJm8Jpdw7kNwjljt4NITVkQkwZ7mpZ_RR4HQgHgtZ6wxBcxWOFCTGTCeftiI_hzCKPJclhcOxML5UIiCkAB--bhvdPy64HiWThNx-yGzJDTMoun9Z8PQmkK_gbKMeAweHMmrVcKqM1S5hfThI4qMaeGOh7YO79msZm-n8EIzGbnE0H-JbpiqSmzy-A3q-83gjJvzliqw2Tqd55wnOcF2R37jMTgs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCcQFBGysZYsmkHeXG1fAPqry98ArJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAtTZLUbg3bI-qAMBqgTXAU_QEocrcBmKX2qMgjGoOWYp6ewKH-cPWRGJUiRkMawxSCKld6KVVPY4oNiIG9em0rc572UyBS6KQfVVti7r5xVr_MsmiDCBubrkES0MjYAVnPTzewSj5ZwFdxkp-Ai9AoxCZ4NStHtVtmPNDGdlEQ2-rRICddetG5vi2g6alN62u2y4IU17NNH20FwCPk8oV_XsmvT1PCSMLEpYGCg7x8lIJspeCN54cKYK8Q6LTYwpeDHDE0594UrVmuZjXXkoIXxTuJFE8sEH6H7NfpDEuDPmsKfrXSLWgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3iGphW_DkFWIzGhsMAq-GUmuhShA%26client%3Dca-pub-4643767719705239%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9112 2 KB
1 KB 174ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9112 308 B
636 B 175ms
58ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 close.jpg
static.criteo.net/flash/icon/ Frame 9112 8 KB
8 KB 229ms
111ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

065734ca38e4bce06b5164f1ef8f19d579e7d7d9c92add1450bbe30264ff6c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Mon, 26 May 2014 13:42:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "538344b6-1e07"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7687
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 9112 507 B
835 B 174ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 9112 43 B
347 B 188ms
58ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=8MeQXxnHx7h9bznem60IyzsTC3lQ4qWqh_hrocGyXyRKsPTZjqE9ppVOdVJy2wupiJJZZLVxH5t7aEy237FJ_PyX0LrGGBpg1PkdyCNQ3ApEKEQk0j5AMBu3O_L2Jk1t3LVF6diB9j9A33ZN5D1pltIl5hu4Y-zuOe9qPbOUUhb1uF8lo-m7NOUnln0aHLvet5VEVXTPsX52bkAA0qvumvsyhyUbZoY1SfSMuEWbw0ihyGYHZK2D-ylhr4ndMhD0CZPjqOneR6Ny9j5nKq32tHcIFwr-v0GmA3GI-Adf4vMVVkGP2jibEn7Rc-2e0ta8K5wNt8NwjMJRh0w6IABHHKafskzFCCKtv9tghE5DqXaXNM7W9vEa097BOJ0jLX5VfbNHWmNebOulesVC97eACbppIMLUbFTGxksgE0u2ptlSHVOPiYwceQ7RoXEKRMVwepPUTg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:43 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2485537
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 1DBC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf57bf5ddb24fc8fb0daa5367f529efd847f146a249c0e228b8d856159979d8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9112 12 KB
5 KB 144ms
50ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1892254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEMszAzBiMo%2Flb3fH2Ny4u1wb8AtqqlTUcQ66UPOgMLOKRqbgncak4PrLX7YhBWmXV4C2fDnJDSNa5%2F88ltpDz%2BhfwPzIkC38dMopt6ffPEYL0Ok1AEJJ%2FlQMLl9tRnC8HDeYxVf%2Bza5YOEjvegVP%2FM2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e33450f6c817765-LHR
expires: Wed, 15 Feb 2023 19:16:44 GMT

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 9112 68 KB
68 KB 231ms
117ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 9112 68 KB
68 KB 328ms
214ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9112 12 KB
6 KB 71ms
63ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9112 24 KB
24 KB 245ms
127ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F45f963b9b4db4061b7e96b7b9b33fb3d_img_horizontal_1.png&v=3&w=1200&s=aIsSsacyWVs96MWgv5ZIoipd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28303447
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24138
expires: Thu, 19 Jan 2023 09:20:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9112 0
127 B 184ms
63ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=XZkg4fB8hpGmIOJJzRb6pAqC6XKVLoXzNGygll2Roc8MVcDbJDjll8cnYPJ0EpJ1YsjC3WayxUkw_o93SjKNgk-4kZAmVpXT3wuVCqtH_jT39qRqsubgA-sJEvHpY3IpdmmBpsahpQhQA2H1wafGbw5IqZ8xeCDa6mrcFgDufqJcse7y_6m1Om9zMskcnkovtI4USnj7O9bt1ue9vjLh2fSQ76F3ArLH4mcgIZPjR4eKaOZIDERHbMd0M50&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 25 Feb 2022 19:16:43 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9112 2 KB
1 KB 109ms
109ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9112 2 KB
1 KB 109ms
109ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 52D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1&C=1

43 B
1013 B

133ms
133ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY15udwwEwAQ&v=APEucNUZ_y6YYv5j6WydVsBvuq-wnJH6JTpVe9UX7XsFurikA_rqcQR3UUHFC8VNPL_eH-ZX-bpcRSyOzxoSPFOvCHQSvFq7YXYT8yABDGi9LSWTecHjlr4vZqjjrslae0UW4BivQru5abR4lFTWCOZhitBZKEIqjQgHmm5IiCsNnAlGYeN0ZXI
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 25 Feb 2022 19:16:44 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Fri, 25 Feb 2022 19:16:44 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 52D9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YhkrHMQxko2Y2FTi5SnBeAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1

43 B
893 B

96ms
95ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY15udwwEwAQ&v=APEucNUZ_y6YYv5j6WydVsBvuq-wnJH6JTpVe9UX7XsFurikA_rqcQR3UUHFC8VNPL_eH-ZX-bpcRSyOzxoSPFOvCHQSvFq7YXYT8yABDGi9LSWTecHjlr4vZqjjrslae0UW4BivQru5abR4lFTWCOZhitBZKEIqjQgHmm5IiCsNnAlGYeN0ZXI
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 25 Feb 2022 19:16:44 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOfxmKFmkV8I8lUiXEpUnF0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 52D9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEG2W0Em6jk7iLm8Weg9PmLs&google_cver=1

43 B
1004 B

160ms
77ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEG2W0Em6jk7iLm8Weg9PmLs&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM6njwIQ8cnEggIY15udwwEwAQ&v=APEucNUZ_y6YYv5j6WydVsBvuq-wnJH6JTpVe9UX7XsFurikA_rqcQR3UUHFC8VNPL_eH-ZX-bpcRSyOzxoSPFOvCHQSvFq7YXYT8yABDGi9LSWTecHjlr4vZqjjrslae0UW4BivQru5abR4lFTWCOZhitBZKEIqjQgHmm5IiCsNnAlGYeN0ZXI

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3b9f6647-acd3-4f3e-b1ee-07510e475820
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEG2W0Em6jk7iLm8Weg9PmLs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 52D9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NDY4MjQ4OTcyNzg3NTEzMw%3D%3D

170 B
188 B

143ms
80ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NDY4MjQ4OTcyNzg3NTEzMw%3D%3D

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
X-Proxy-Origin: 82.199.130.37; 82.199.130.37; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 50977e65-de35-4e58-96ba-4f079672ea25
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc2NDY4MjQ4OTcyNzg3NTEzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 3BC6 2 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603089&bpp=1&bdt=1086&idt=307&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=uOD20x9SDl&p=https%3A//hi.dn.ua&dtd=311

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:11:51 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BC6 124 KB
38 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38829
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1645619776399499"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 19:16:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/ Frame 3BC6 15 KB
6 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220223/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:12:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6434
x-xss-protection: 0
server: cafe
etag: 16791967082338318403
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:12:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3BC6 0
0 127ms
126ms Fetch
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ1OJGysZYq6IH9zQmQad9YbYDMme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAlwtR9v00bI-qAMBqgSwAU_QZtfnIEKhPOrrmps_xnBbopGuH8kVFt_anvmmcc0zqqZ1ENxQV6cUy1yE9H2XKAxudeJLtVzhPkKlGU68dAKSqFFlQjXWuX0haPXUuLswFKz6NX2zv22csrfgr0J-MTv1u50-gzdWcQ5TCjNank5X9tYWwamsJ5_1qnhDj-UbGTlpXdUJnUJm8w-D2dAdSMCircLwRZk8BJrImx9OKsJKk8ElAYg4pmipaVlUjb9dgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00NjQzNzY3NzE5NzA1MjM5GAA&sigh=3IP4G9BbySU&uach_m=[UACH]&cid=CAQSGwCNIrLM-Rv3RUXWsPnGhiM9LI9D0GtTA2DPQBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=9215904351&adk=1500826456&adf=3527882582&pi=t.ma~as.9215904351&w=785&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=785x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603089&bpp=1&bdt=1086&idt=307&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=408&ady=3411&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=3&fsb=1&xpc=uOD20x9SDl&p=https%3A//hi.dn.ua&dtd=311
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 25 Feb 2022 19:16:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3BC6 0
0 58ms
58ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U_i0Ecz6RJEGmAKdg2ICAgAAANwQGhD4fsPvzzvhDqlQ6LAQGysZYmhOqutFpFztwGIFABI&wp=YhkrGwAHxC4KxmhcAAG6nTZ_h3J9T8K0NW9LLA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
server: Kestrel
server-processing-duration-in-ticks: 266887
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 59CB 118 KB
43 KB 143ms
142ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkrGwAHxC4KxmhcAAG6nTZ_h3J9T8K0NW9LLA&u=%7CHiGM6oXEA5XwqLAON2WPOQZ73Tvj%2Bt%2B0ZRTPTKhYs%2Bc%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5zvRnTkAPdWmvLVilgC0DiLTcQ9rLc1tTVgAqhfDjCpZ-ihRuUaJZoCo7N0XMR6dWO4Lmf2Go8U8nidn4uIPHoFL_NhhaqPA1zDlIiEQ9GQ_BxTxh8sHu48127E1Vtb0KfLGRlnphPpElY1cwrLz3hcoQZ7cNwWCnYzCShMdyhi7xrcnRT8XtsJH6Gbmd0NfUWWuHo5Zq8UfUWzdzQYBX-OVoD4AI-ZMlQybN5XwhVGuA3oX2uuiql8Gn8hL2aeHc94jYe4ZsWPGTLFfiwQO58N5M1dERTP9n5ytsjtX88q3hGrTgFDBv-sn_TgNF2ir4JOWcfRLKE3doJmPSf-KM1VPmEkLdnUBbO90koqGw2WytIzAMM1l4AJkfWKpXK94Y4eA4pvr9BShqSsp0YPlSwpzhkPv-j3A4bbJMkv9Qom2iq7Dxrf8oHvgmAV_lTPkmkTtVrKOx9I4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaR8yGysZYq6IH9zQmQad9YbYDMme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAlwtR9v00bI-qAMBqgSzAU_QZtfnIEKhPOrrmps_xnBbopGuH8kVFt_anvmmcc0zqqZ1ENxQV6cUy1yE9H2XKAxudeJLtVzhPkKlGU68dAKSqFFlQjXWuX0haPXUuLswFKz6NX2zv22csrfgr0J-MTv1u50-gzdWcQ5TCjNank5X9tYWwamsJ5_1qnhDj-UbGTlpXdUJnUJm802B-EKax1yxEl7k5kkBomLBjxX4IOxSEXXtPC7KGXaFcdz-Cazi2T3FgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nkKotrZthbOXA0jmctudWoXcBIg%26client%3Dca-pub-4643767719705239%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2b86bc31b7af1c33e9fd4ebdb74e74d7af92a491616092822f633ec9bc4e7184

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=w9S72fB8hpGmIOJJFFhBkKF9_Vx6tgq1D6bcKVWpvxvKhbljQAkq51Oc73Ut8sTtVusvwVm9EbbC6X4SFe6HqkbyvRzl-yY03AhCuYZlqfxHICYySWLMD2ulM4S4Drox67QVF4M_JPz26eMCck9fTymoUXmBDdiFibmQ3eeLS4Z4HkEmhBRn5mtr_4scts_JuZKU1X6SsMVrKmb9Q0jrq2Ogga8T4qtQ3YfNa4e7BcEkUlDx6NryeiSB9BhKRtr_uBt7Ig"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 70460470
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/963770/61152063/ Frame 1FC7 47 KB
12 KB 223ms
69ms Script
application/javascript 34.250.206.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/963770/61152063/skeleton.js?ias_dspID=3&ias_campId=26959354&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=16384157643&bidurl=https://hi.dn.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hYfwal2b5-PmZOkvq8U0DL
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.206.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-206-93.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 9c18861d2ab695ecc9854466fa63a1e0d1ba7ff1a3a731544cbd3563ee1ea7ee

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1FC7 106 KB
38 KB 179ms
63ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 14:21:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Feb 2022 14:21:34 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/ Frame 1FC7 8 KB
3 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsyqgCHLvvOmOpzU9h0hj-9rRZt0x_DPaTnAHJ2rIqkr0dZn5zdlyh1gc3LloTodJTIqTVrHgOW_nPCVv-hfLzDUAxoe-GeNz8sq0i8Yf5Jm4zeNV5rtaeck4Y4mcDo-630wwaLuT9JUzxj0f8wNnijMEhoA&dbm_d=AKAmf-C-vJMR56lW17WKL8YN2nDqsJ4q8PFL4IOCBtEFrd7Zx1RcQSbZ7B_k4YfQd2phO90XvbGCwyHu5FdQZROg8oViZf_QTvJscjBx0GjGd0LHC0t_kwaI7YOMl6D_bX34pYhxLynX_6YnQ99p3wIyoRb8i7nn098wQzlvql6uBtwXQuqACYMwzQ0NV0ED652Rwlt_NLDH4sLNWpiA8UOwHAoIm5V33qKtYFO8xq9g2Icr631R5jrAbQAKZP60jNsQDzdIP3tFOMbqPn79iUr1BOYAnQG942WwB-cwKExC165SGPPp2B1zasPkrzs_DgEeTq0DarcPbA8uL-t70lE3layRqBGihLDrhfHpJt4HMvVRrSr1NsftWLf_aoGv67CjKi6c6yVmQv_HmTw6oKCgqF69g7L9M-qOgzTROnD7nfc3Ds5ckYxC1FrRU-uw-zTyDaTgC112OXHRNnEDlTC-4tJGE69zCzgDy0Z20WdAZ02dFQw8uPHXHK-BZXqr-CVlIk4dQThAkZlfIjrRyGgL0UepKp8HRahvlVaVoHhD8cOho9NUaaboMJ5DwjAVRnokDOJ93QzRWI5gL5tQNuZdnudLE-4x92D6XjCzad1A0bNsj3aGijuXLtD6blGcZHXAugZrTBuABfEon6UEwFgWtOD5XYSEO-Xda_k7qqInsHUfHhvcTTMiCI2_mte6DoovQHohxSGOQC0iEPolwfFxC-A45LzByCE4nlmXDMSjOYaCHa0u_mZe9g33SrdKx817-3CMNyzA7l0apkURTvoApp7-2yo5ztzJi2VToM9Yh1UyzvMY3xgGEAXOiYfHLG7YAl5jkoS9RxhwJJYSfU7WihoBfjksdBl5CQ_PSJa2kjuqWE9UrtO6L2A5-SVwsZGYq_uTchl2KS4Jf2TLOcCqWzJpPzrMvZ_Z36uBAgAhQ0X4VKjUpe2MuPc281AOVq5DHe2iJErM505Tbmflj00OrDKIAfEqVHOcsJc33qy-QNAOlt-X_2cTwnrvexHZ8HQJf9dviTM9C7jVF-enRJKXcqTH6nyxFG-C7b0k62ETRtJfVwIYIvnZjfInzzJNqNI8MyifzFc6_IfqglAo3yMwbw7LHAQOS6sUZPa8rDcNCto_qgjm6RGBA9ZsqKEeP62AisxT1eXMRPbEFCTeHZ3kGZfte1kECl7cLEGg88HubNt7HghcyjBkN-MvRntFAc7Kv1nJqRuw695QSG_N4bx3L5TF2xH4VZmIkdQLa0zVsNuMy8wTNa_ZoNUofdhcR_DsYZofjY31zQ_Apjqb_voSOXRxm0POb476MPhC7s40B2CdleuukSdfdkdFukqYdWHNNBHZd37bo9ZsCxAvijYPXqU6Wk_fbe-Yf_wgxBWKgo4T3h_MTle4S7MhfV81q_j6wk4HnKMv7NhWf-1hmr_IdCWkXlRIgv3fUI-RXUB5hnsqhr9JGdhJuUtUaoyWl87SbyF21R0NcihXVfd6MXeLUDhxCW7kvq-i1VBIUg_tayDJgkL3W7topXpqvHWPJKdGQCM33IVDRIGNtMAAnXpcz7S4qTHnPu35lh6_7o_s6c6EyQXX1KAXkMWfZhVHwORM4JXEpQPVcWdoSsXm_R7KU1fWol_bffj0CohU9KIUSrd1DR-CfTj6McMjqphMMP94q6MzqODePDYMkqXzAOiX4dzUhkJSxYGhwiquIREdGGR1fSj6PtGl-h0YjNLnmJBtdM5jVP0ZL-dSUeRaStqhsKhDSu0lSO7U6EqXX-o400oaVjhldtJnC5NZ3kb5ebE-nK7Cf5TMgSTYySjOTpg03bjQ6av5w0kDtU6_cXQUHOo6Kp-FzhCy_RQ_ve_6ipYnWPyygTzOBRVr7sFeWTHcT3lujrJYInrE52__nxi3LqcktJP-yunk-wJwMquaC8NA0Hy2IpYQJ5EAmvBnXSIR976N8ZqHzmwmI8z_QG6nbpwx7JFTAJ88ZxQaQpN3ot5JvNwNtnh_Ujxw35ScUE18FQcqor23JQdeHPrJ3QH3qdjSxQERjtxJTv32Is9rPXBjjIiVs1N4QEaY_FvMfRx83oacZGypMTqmpn_NNvlm1V_0oCTh20AYG_A3xF6wRzGxI-dXawbOae04qK3iiVg73H0ZIkbUgcaeGZQ2c6xmWcl228A1BYP0nTP65vK5MaT7v6pETJWOduZL9Nk6Xt-adR4V3DZ8mMAxdX5n2gUYGSED_qvMaTPtBw97VIUlyV516RVz3jNlLmfpA4PpyO_NjjiBR9tI2vUX4QiGkWvQhu2lk5bOp0QKwjIUqYoYY_75LtYJ5I22ivIc0H-sX5ZA3qBcR9e3rkIMnHuse-1pv2QV99x-U5gggAY3Fd0RXQ_wo9rvwC9BnilOU7rdjyDfKeWQhGvNisBGDIRbLObocJUUlG0SEkHmQYRx4zas0fYKJkvRU0PfM5Pw-PyK7PCZMdVx0j2LWI6vuVRRj_-WMPCdg8hvp-UWLyAm87fUQNdvm8P1DS88Qq7_TKEtRcOmLfxogsnecoLshuQYcJhUJoG2cCGNmdY3LWuBPQgEJAWW8YyN37c4T79rtVZsPzFA6ZL5fTULsnvMfpJ1A4T3ESh8qeD-IcLQNt7YGEXq8MPFOxhP9IunjvDhEVvnD6cpY0OqXJBZ2luDA7JtycugqFlLcCFIlfkmRDPXcJ5YAezMYGhs8hN0bpJFhOwXhq55VUX_qaMY3QmBuWqVbuzI8FKP55glA3_Nd4U_StKxymRIjnppbqAAX3FMokw27YcItq2zi4MGCrvcByqmjSXZ8o00QtKqjIj2pCuBEC0hEv5xIJMRLMz2bhOG4XvGLebges37mNknKWZCTssw2XvQDvuK6YcXf5nr4M68BdqPf-vXJlXuaYa-wrz2WVyZZZ80tpLUTT9CD-AjQJ_xD75vzef4uDfb4svNbIUAadPXPcp0qmAxYUAPOLplyi_FtcMej9yN6PjqQQxq1Jb8TDB1hq8ILWl_4MKNn_On4DzNUwbZYtaFm3_Ns84EVBg3bJNqiz1w8KKVdLWKeyWLt_7gljRksetXLBGtH3qXYacYSF7yceP2tTfC&cid=CAASBORoNK0&rfl=2%2Chttps%253A%252F%252Fhi.dn.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:11:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:11:51 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/ Frame 1FC7 25 KB
9 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220223/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:14:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9647
x-xss-protection: 0
server: cafe
etag: 6462939580093197770
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Mar 2022 19:14:08 GMT

GET
H/1.1 200
OK blank.gif
hi.dn.ua/modules/mod_responsive_slider/assets/images/ 1 KB
1 KB 92ms
92ms Image
image/gif 78.109.29.56
HOSTING-AS hostin...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hi.dn.ua/modules/mod_responsive_slider/assets/images/blank.gif
Requested by: Host: hi.dn.ua
URL: https://hi.dn.ua/templates/shaper_newskit/css/template.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 78.109.29.56 , Ukraine, ASN41665 (HOSTING-AS hosting.ua, UA),
Reverse DNS: 56.29.109.78.hosting.ua
Software: nginx /
Resource Hash: aee8c07608f2afc59c654360702b207236006a9adfd0abeb287fe33b362c7293

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/templates/shaper_newskit/css/template.css
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: public
Date: Fri, 25 Feb 2022 19:21:23 GMT
Last-Modified: Mon, 15 Oct 2018 18:26:48 GMT
Server: nginx
ETag: "5bc4dbe8-449"
Content-Type: image/gif
Cache-Control: max-age=1296000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1097
Expires: Sat, 12 Mar 2022 19:21:23 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1FC7 41 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 14:20:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Feb 2023 14:20:56 GMT

GET
DATA 200
OK truncated
/ Frame 1FC7 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93b286bc829f1a8fa2c9afa62b5f0bb56e335afcd14dcea89a6763ef1bc85289

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3BC6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cc60b834173d903c56d5eb4cf3043a9cd05e83b78b4cda45884806ed559e870

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 59CB 2 KB
1 KB 58ms
57ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YhkrGwAHxC4KxmhcAAG6nTZ_h3J9T8K0NW9LLA&u=%7CHiGM6oXEA5XwqLAON2WPOQZ73Tvj%2Bt%2B0ZRTPTKhYs%2Bc%3D%7C&c1=0n2XosTo5cmJbNb7DNNVBd09feAUrRU5zvRnTkAPdWmvLVilgC0DiLTcQ9rLc1tTVgAqhfDjCpZ-ihRuUaJZoCo7N0XMR6dWO4Lmf2Go8U8nidn4uIPHoFL_NhhaqPA1zDlIiEQ9GQ_BxTxh8sHu48127E1Vtb0KfLGRlnphPpElY1cwrLz3hcoQZ7cNwWCnYzCShMdyhi7xrcnRT8XtsJH6Gbmd0NfUWWuHo5Zq8UfUWzdzQYBX-OVoD4AI-ZMlQybN5XwhVGuA3oX2uuiql8Gn8hL2aeHc94jYe4ZsWPGTLFfiwQO58N5M1dERTP9n5ytsjtX88q3hGrTgFDBv-sn_TgNF2ir4JOWcfRLKE3doJmPSf-KM1VPmEkLdnUBbO90koqGw2WytIzAMM1l4AJkfWKpXK94Y4eA4pvr9BShqSsp0YPlSwpzhkPv-j3A4bbJMkv9Qom2iq7Dxrf8oHvgmAV_lTPkmkTtVrKOx9I4&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaR8yGysZYq6IH9zQmQad9YbYDMme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNDY0Mzc2NzcxOTcwNTIzOaAB1bbS6gPIAQmpAlwtR9v00bI-qAMBqgSzAU_QZtfnIEKhPOrrmps_xnBbopGuH8kVFt_anvmmcc0zqqZ1ENxQV6cUy1yE9H2XKAxudeJLtVzhPkKlGU68dAKSqFFlQjXWuX0haPXUuLswFKz6NX2zv22csrfgr0J-MTv1u50-gzdWcQ5TCjNank5X9tYWwamsJ5_1qnhDj-UbGTlpXdUJnUJm802B-EKax1yxEl7k5kkBomLBjxX4IOxSEXXtPC7KGXaFcdz-Cazi2T3FgAbvnYGk15WtmxugBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1nkKotrZthbOXA0jmctudWoXcBIg%26client%3Dca-pub-4643767719705239%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 59CB 2 KB
1 KB 65ms
65ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 59CB 308 B
636 B 79ms
77ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 close.jpg
static.criteo.net/flash/icon/ Frame 59CB 8 KB
8 KB 74ms
72ms Image
image/jpeg 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

065734ca38e4bce06b5164f1ef8f19d579e7d7d9c92add1450bbe30264ff6c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Mon, 26 May 2014 13:42:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "538344b6-1e07"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 7687
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 59CB 507 B
835 B 78ms
78ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 59CB 43 B
347 B 68ms
67ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ha3WN1gLZnpK0PxU1OnM9rwR6ZkLr0m-RkEUuODry0yx-H6t-2wgQ2JPEpIKFJh8_6acsesSnaCjKIwMnh4DzJYzXhmGi_XWFVBwF0IL72XqNs3VgiOere3N1Agz-ANY5N-frn-qJynlEGY9dx6WPEyOP6b_S4QBpi8IcskiRUy_O2KQeq9NrFHCz4u6YCEzxvkrG--tARb7vnnQYOhcr9nUZvqTU_hx1hrxq5PNgh8zB8Ba348lQf6QkkFdOJCtaYMaXlPZRTiXlaBXLKizClB_6xvrt45E5kzcvw4iWxxIL5-TYHYkPSXKljfcdLglmIVloJ5xIBE-kzVSe81E_XhUHMPQ7Ohgt4XPLuk70i-_qDy5PqZ5iP1ewY1jM-izzYabFA9kije6buR2PHS2Kf5lwoV0bInAP2jAOUIiWdo5UMdWV68eewXXTle017eoHTEgww

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2363991
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 99B0 22 KB
8 KB 63ms
62ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Feb 2022 11:03:55 GMT
expires: Thu, 23 Feb 2023 11:03:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 202369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame 59CB 68 KB
68 KB 178ms
178ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10ec0"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame 59CB 68 KB
68 KB 130ms
130ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 10:27:15 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"61028283-10f14"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 59CB 12 KB
5 KB 116ms
58ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1892254
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHMF1%2BzW9TgUKqnRsHFRwdiuvpuy5XoFu4GEqnZDPZYStgzaDkDOz36k4q24pTXY6Td3CYvtwfs2Ed2oh2kjSvg41FxRMuQDgIdTgcSqUPCx6zvyQlOmoSm0FvjCrTNPLspekZaP2vvEhiilwvScYu4y"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e334510ed9d773d-LHR
expires: Wed, 15 Feb 2023 19:16:44 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 59CB 12 KB
6 KB 68ms
67ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 59CB 35 KB
36 KB 87ms
86ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=7450&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F7450%2F211022%2F498532715f9d4c2eb8c1c40789d2bf23_img_square_1.png&v=3&w=1200&s=4jR_MexrBPS9qxC__FRyOj-f

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:43 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28561136
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 36272
expires: Sun, 22 Jan 2023 08:55:40 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 59CB 0
127 B 75ms
75ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=w9S72fB8hpGmIOJJFFhBkKF9_Vx6tgq1D6bcKVWpvxvKhbljQAkq51Oc73Ut8sTtVusvwVm9EbbC6X4SFe6HqkbyvRzl-yY03AhCuYZlqfxHICYySWLMD2ulM4S4Drox67QVF4M_JPz26eMCck9fTymoUXmBDdiFibmQ3eeLS4Z4HkEmhBRn5mtr_4scts_JuZKU1X6SsMVrKmb9Q0jrq2Ogga8T4qtQ3YfNa4e7BcEkUlDx6NryeiSB9BhKRtr_uBt7Ig&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 25 Feb 2022 19:16:43 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 59CB 2 KB
1 KB 68ms
68ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 59CB 2 KB
1 KB 70ms
69ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Feb 2023 19:16:44 GMT

GET
H2 200 main.gr.19.8.289.js Show response
static.adsafeprotected.com/ Frame 1FC7 189 KB
60 KB 198ms
65ms Script
application/javascript 2600:9000:224a:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.289.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/963770/61152063/skeleton.js?ias_dspID=3&ias_campId=26959354&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=16384157643&bidurl=https://hi.dn.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hYfwal2b5-PmZOkvq8U0DL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Feb 2022 17:07:10 GMT
content-encoding: gzip
age: 871775
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 15 Feb 2022 16:52:16 GMT
server: AmazonS3
etag: W/"e894d9dd87d5e06b21396e04a0c29127"
vary: Accept-Encoding
x-amz-version-id: QoliWv7Zm09sOtt_1ftKxG1EPIuNscaU
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: up-qyFJ-F6MegfdBDsYiW6t8iRlEcAGXxblE1umILobTFwqhrawbwg==

GET
H3 200 300x250.html Show response
s0.2mdn.net/10176755/1645543836780/ Frame E8A2 6 KB
2 KB 119ms
57ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10176755/1645543836780/300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aab30c409ae4ba9c5a75151851fb4a02a28a74b2b25af8f50c931f74e895bc51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 2351
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Feb 2022 11:52:47 GMT
expires: Sat, 26 Feb 2022 11:52:47 GMT
cache-control: public, max-age=86400
age: 26637
last-modified: Tue, 22 Feb 2022 15:30:36 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1FC7 0
571 B 247ms
131ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvg4DvsF3_45umjQnH5j3NZDud3wA3Uyaaz8HYUyeaJqrxbsCi_BL9G1uA86KZw-oNgAZvfKyx5654F-TDit5YdCaZL9iCIoKc56UVcrXMhI7wJlFCW80aONkz1p6sYuW3S4ooh8fACgvMR4sgxd2aPT71BAkZGjMKs8YZu5UZCB4FHtN2kovN1VKqYfUjCo1l7rATQzPJ95Kj__QGcZ79W9xFzRpW9K2jxDKYVz5Srnv_ToW0hITRUvaxkj93OyB7uEuYY16_8GxQIHVaThtkc4b02ITNa6n0O8uhxxZIR0cqr0DZI4em70Es0aMSIyYOx4NOsmwW63ukGjhKqAaX90ALu5SCodsHxtQoRVLRakEzpfiJtUkYz_DXKalVfsz1F7bsLBdIjzuUsIFONSND9ii_uDy_qULLPLe_ewK4yj5qHAvV71OFrHG440jWQB7TGaFRUQuh8UQYLyeM2SXqAgYx6JbYrWmtr7nLdPaBfv0zMHlIIxTBr0KW0wdlvuG01rEZ9Jigs0Oc37IlXKNhCfBGC0hM8EWsU78Dfz9chR-rJL6G1MGormo0UOO-Db2v6IzGg1jCtwWdnhHvo0atJdL4NOu49wfs3brP6J4sGVmizTGhgerW-WvyFuhvLpq1guvmHbathQGh28NB-zQs2bfrh2GFORuatovBmJXuXp6l6vsuwakCugXSq_SEymQgOlzw0wRKNed3LLoM02FH4vAOP_DKyQkbZuEDSontuwQZsK-SkpV88vmNzRTBZ1LYz_m6oiR9GwzDH_8XA0OQ5hfGa-de3oViJhqVB1WUsaMhJQqc0xifDQZJN9kbIDX-frH0YHWs_T3xPkpNcIOHPdf4ZHezzTrVpiMarGwgYuJ5QjjZ-WFq2ayisybObXUaCD3B35OTeLcqBEilqhx-Q4PBMtUAsSt6Dk_rwFh2dQbWYuom0KT9Vh94gtB00RftYa3_zxvj6UE-a5RRPwQRom2iEqjHnA-vpIIppVRXOgJRZf9OoTaeDFdgtZa49Q2Fc7qlC4tPMF3Dcq-hfxTeHQN6z0mp9-qKOeXlkCWoqzMR8CnlWY329LaEhMpE6a4R8pufR9t-NvyC3PBGPFFOMbEhqlghAbudj_uhK1pHGUZIgDg_JJJ4nfm3ZNFBx5MT-4NfWjyT0gEvpkSc0gYyP7A&sai=AMfl-YQcFCNWncx1WKc99NorFPjplbJ3QIWi8KWYYsyQFTciSgAAKj-v29SXnDbGliB5r-X_ducMWvJz4R7pfcPBumq4EuNbAw6KVNd941Ken35VHqSQ7bEso3u4g0tuJWPXWdfK&sig=Cg0ArKJSzH2nLwrYdYLCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=280&cbvp=1&cstd=277&cisv=r20220223.78583&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 25 Feb 2022 19:16:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 99B0 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8754
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13759
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:50:50 GMT

GET
H3 200 createjs_2019.11.15_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E8A2 236 KB
63 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1645543836780/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1645543836780/300x250.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64275
x-xss-protection: 0
last-modified: Fri, 15 Nov 2019 19:16:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 25 Feb 2022 19:16:44 GMT

GET
H3 200 300x250.js Show response
s0.2mdn.net/10176755/1645543836780/ Frame E8A2 74 KB
14 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/10176755/1645543836780/300x250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/10176755/1645543836780/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b384c359c0957238c6f43675c0427ddb0aabfb76ba17dcfea6489ff0e6ae5e0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1645543836780/300x250.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:52:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14694
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:30:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Feb 2022 11:52:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 99B0 0
20 B 91ms
91ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjVpVGysZYurrOdiX7_UPt_COoAUAAAAAOAHgBAI&bg=!e3ileDzNAAas2QJZrNk7ACkAdvg8Whwmr0ERfjabLcvXbDDXsaPfyWhpPWEzt7icn7LkLGbAQwOE3AIAAABxUgAAAAJoAQcKAJOWDEVZ9SOXaVR-nDir304DesU1AnXFUjean36jta6r0m_2p4n7GyDc-3ex-0QGqK03ZJ9SGlfiDXGkpIZSi2sWzlT5x8ElJyrsfWc3kkpiK_TwbzY8StwJyQeo-W6uXR7cfQagAzT4rhk2LqxnlDr4JM0ACrcFSDMga2Yn5lTn669j6Y15xd63YlWhxaYMGHhgZnGZAt3ycHgcrIL9pfYchtqnvTkYbydIKgUhbKTuXx_zKsLRDTI_AOxWGnK9G2z8yK9vvJYfTico8dnp8l8MSpT_d8p_QemYY1LkBYRjt382lP-T_P7i88uJDixREVqh5RtNaZBYrkVj5b2zFVpd9gawe45SIUaGW6hU1fgyVl-Ca8P5QcaKZybv47O8oSf4ew-TXC9kNYmYrdOmrl4jaSxz_nDMq2y6ohO__bEuSgH381eROP255rFWJFtVuuc0PtHTNz8qRleGox6zTDSJit-EsfU_DWyYICbetOOoWRjTIJ9afmBD8R1Utu-tt1XGWA7oD-CrD_CyvcyI5jsA1IZyF3elIbZ-1pIv-GEpVuKWqCdMXYFlA7TcMpUiwl2DE-dWm8_LH8tM6rHwl37KqNQ6WamXJ8A2jxDxIhDAh8wbaZEN68RXF_8GH5o-4hFSVyeE_WDVQr51268EQY_eBleFLxI8LF6dhBomglzakIRTdlfc3iY7i3Dkex-gikYxiDNRcT9vg5VAi-doZSCFiODMjsFv9_pZqd0R9HEkKVL1zg1ZzHl0Z9FheiQKosaC9H3lgLIJdrFj6nauQMz54T7oPVx1qve-8XFPIx0p29RLYax7oqVcwq2G-Mf8VTX-guCcKzz9oABB4CWBn6Pex4jhY3uhve8ewATgZ8XevnDbr0n6oS90xXxz_i8l-BmS2LCPBDR8U38vRW_ODmrDOc0Ns6Khvx4axfL2JK2jmtxSSN7Q880jOZxXwNm54srr1OZE-pdP7Mqt31sdhTVGa2UzKsvcsVK75qUwlEnClaGOZD73Yls3BBI6fo-OUHWQlHjkr09RjRrEQqRiJKVnPjwHcbPZKl-GisY6P3ojn5N1v_9VqP5zZcE5vGUQ8Q_vh1kFc7Kc6QGgxEODD7Q6zyY5BaduZ2SPpNnyf0bxGmK8oXRRBMu1f6drHH6RYFoZDqM-3wpgwCcLmfoiOo9avGBO

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 1FC7
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/963770/61152063/skeleton.js?ias_dspID=3&ias_campId=26959354&ias_pubId=pub-4643767719705239&ias_chanId=1&ias_placementId=16384157643&bidurl=https://hi.dn.ua/&ia...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

51ms
51ms

Script
application/javascript

2600:9000:224a:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: H2
Server: 2600:9000:224a:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 07 Jul 2021 08:35:57 GMT
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
age: 20169648
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: r2585dxOPXn5qn2R_Wzhooj0lmpHHkrMQ3VDW9FliZVqYEgznhHGzA==

Redirect headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:44 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 21A1 80 KB
21 KB 60ms
59ms Script
application/javascript 2600:9000:224a:3c00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 24 Nov 2021 10:01:19 GMT
content-encoding: gzip
age: 8068526
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: DUS51-P1
content-type: application/javascript
x-amz-cf-id: G-8xqSuZmM3MdJxV6vYOMy5D3muOMy72SpCXUfKu0lHHuwa6UAwXPg==

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1FC7 43 B
301 B 385ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=963770&asId=9bd15a3a-3a74-c670-cde1-862c9763f07c&tv=%7Bc:5gi7B4,pingTime:-3,time:313,type:v,im:%7BpBlk:307%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:376,h:280,t:292%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:313,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.376.280,am:sp,cc:-2.0.376.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~376.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYtUKi9+11%7C1211%7C13%7C141%7C151*.963770-61152063%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1FC7 43 B
301 B 384ms
110ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=963770&asId=9bd15a3a-3a74-c670-cde1-862c9763f07c&tv=%7Bc:5gi7B5,pingTime:-6,time:314,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:314,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.376.280,am:sp,cc:-2.0.376.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B32~0%5D,as:%5B32~376.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYtUKi9+11%7C1211%7C13%7C141%7C151*.963770-61152063%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:hi.dn.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
X-Server-Name: dt52.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 300x250_atlas_P_1.png
s0.2mdn.net/10176755/1645543836780/images/ Frame E8A2 6 KB
6 KB 55ms
54ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1645543836780/images/300x250_atlas_P_1.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1cd62cb9ac7d2428ac9abbab643953102214151a7016fbd424808b8430d2195

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1645543836780/300x250.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:52:47 GMT
x-content-type-options: nosniff
age: 26637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5985
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:30:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Feb 2022 11:52:47 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1FC7 0
23 B 156ms
93ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvg4DvsF3_45umjQnH5j3NZDud3wA3Uyaaz8HYUyeaJqrxbsCi_BL9G1uA86KZw-oNgAZvfKyx5654F-TDit5YdCaZL9iCIoKc56UVcrXMhI7wJlFCW80aONkz1p6sYuW3S4ooh8fACgvMR4sgxd2aPT71BAkZGjMKs8YZu5UZCB4FHtN2kovN1VKqYfUjCo1l7rATQzPJ95Kj__QGcZ79W9xFzRpW9K2jxDKYVz5Srnv_ToW0hITRUvaxkj93OyB7uEuYY16_8GxQIHVaThtkc4b02ITNa6n0O8uhxxZIR0cqr0DZI4em70Es0aMSIyYOx4NOsmwW63ukGjhKqAaX90ALu5SCodsHxtQoRVLRakEzpfiJtUkYz_DXKalVfsz1F7bsLBdIjzuUsIFONSND9ii_uDy_qULLPLe_ewK4yj5qHAvV71OFrHG440jWQB7TGaFRUQuh8UQYLyeM2SXqAgYx6JbYrWmtr7nLdPaBfv0zMHlIIxTBr0KW0wdlvuG01rEZ9Jigs0Oc37IlXKNhCfBGC0hM8EWsU78Dfz9chR-rJL6G1MGormo0UOO-Db2v6IzGg1jCtwWdnhHvo0atJdL4NOu49wfs3brP6J4sGVmizTGhgerW-WvyFuhvLpq1guvmHbathQGh28NB-zQs2bfrh2GFORuatovBmJXuXp6l6vsuwakCugXSq_SEymQgOlzw0wRKNed3LLoM02FH4vAOP_DKyQkbZuEDSontuwQZsK-SkpV88vmNzRTBZ1LYz_m6oiR9GwzDH_8XA0OQ5hfGa-de3oViJhqVB1WUsaMhJQqc0xifDQZJN9kbIDX-frH0YHWs_T3xPkpNcIOHPdf4ZHezzTrVpiMarGwgYuJ5QjjZ-WFq2ayisybObXUaCD3B35OTeLcqBEilqhx-Q4PBMtUAsSt6Dk_rwFh2dQbWYuom0KT9Vh94gtB00RftYa3_zxvj6UE-a5RRPwQRom2iEqjHnA-vpIIppVRXOgJRZf9OoTaeDFdgtZa49Q2Fc7qlC4tPMF3Dcq-hfxTeHQN6z0mp9-qKOeXlkCWoqzMR8CnlWY329LaEhMpE6a4R8pufR9t-NvyC3PBGPFFOMbEhqlghAbudj_uhK1pHGUZIgDg_JJJ4nfm3ZNFBx5MT-4NfWjyT0gEvpkSc0gYyP7A&sai=AMfl-YQcFCNWncx1WKc99NorFPjplbJ3QIWi8KWYYsyQFTciSgAAKj-v29SXnDbGliB5r-X_ducMWvJz4R7pfcPBumq4EuNbAw6KVNd941Ken35VHqSQ7bEso3u4g0tuJWPXWdfK&sig=Cg0ArKJSzH2nLwrYdYLCEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=595&vt=11&dtpt=315&dett=3&cstd=277&cisv=r20220223.78583&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: hi.dn.ua
URL: https://hi.dn.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 19:16:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1FC7 43 B
301 B 367ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=963770&asId=9bd15a3a-3a74-c670-cde1-862c9763f07c&tv=%7Bc:5gi7Bm,pingTime:-2,time:331,type:a,im:%7Bsf:0,pci:%7Btdr:42%7D,pom:1,prf:%7BbeA:451,beZ:452,mfA:728,cmA:730,inA:730,inZ:734,prA:734,prZ:738,si:743,poA:744,bl:758,poZ:758,cmZ:758,mfZ:758,loA:765,loZ:766,ltA:782,ltZ:782%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:336.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:376,h:280,t:292%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:331,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.376.280,am:sp,cc:-2.0.376.280,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B49~0%5D,as:%5B49~376.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYtUKi9+11%7C1211%7C13%7C141%7C151*.963770-61152063%7C1511%7C1512%7C1513%7C16,idMap:151*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,sinceFw:37,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:44 GMT
X-Server-Name: dt53.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 300x250_atlas_NP_1.jpg
s0.2mdn.net/10176755/1645543836780/images/ Frame E8A2 55 KB
55 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/10176755/1645543836780/images/300x250_atlas_NP_1.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

340951104a32ad2f5b56041eeceb24e41cf388d849131b9ff420b2c114a4c817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/10176755/1645543836780/300x250.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 11:52:47 GMT
x-content-type-options: nosniff
age: 26637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56708
x-xss-protection: 0
last-modified: Tue, 22 Feb 2022 15:30:36 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 26 Feb 2022 11:52:47 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1FC7 43 B
301 B 334ms
112ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=963770&asId=9bd15a3a-3a74-c670-cde1-862c9763f07c&tv=%7Bc:5gi7Ck,time:391,type:e,im:%7BpWait:4%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:391,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.376.280,am:sp,cc:-2.0.376.280,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B109~0%5D,as:%5B109~376.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sYtUKi9+11%7C1211%7C13%7C141%7C151*.963770-61152063%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:45 GMT
X-Server-Name: dt59.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1FC7 43 B
301 B 155ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=963770&asId=9bd15a3a-3a74-c670-cde1-862c9763f07c&tv=%7Bc:5gi7Gz,pingTime:-10,time:654,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChMaW51eDsgQW5kcm9pZCAxMSkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg2LjAuNDI0MC4xODUgTW9iaWxlIFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1645816604987%7C%7C54521090f9db1ebc69bc858c517f0f08%7C%7C9a7e3cd5e80b41a311fb3514ffa5f627%7C%7Ce7d8e4fbfd7d4f9c6040eb53e34d6ea4%7C%7C73dccf4d4a48aebc328f208b5c960132%7C%7C8d820508fcc4e3dd6c38da0c346bf184%7C%7C9b691936d1353d17457e4dea7e6cee40%7C%7Ceffec14d17baf877eca3a0b6beabc251%7C%7C1629390669%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4643767719705239&output=html&h=280&slotname=5196745422&adk=3565012385&adf=4284061337&pi=t.ma~as.5196745422&w=363&fwrn=4&fwrnh=100&lmt=1645816333&rafmt=1&psa=0&format=363x280&url=https%3A%2F%2Fhi.dn.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1645816603090&bpp=1&bdt=1087&idt=313&shv=r20220223&mjsv=m202202090102&ptt=9&saldr=aa&abxe=1&prev_fmts=363x280%2C0xnull%2C785x280&correlator=6098250588053&frm=20&pv=1&ga_vid=795597458.1645816603&ga_sid=1645816603&ga_hid=1766725460&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1208&ady=1000&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750774%2C31064858%2C31061829&oid=2&pvsid=2226080441506750&pem=732&tmod=873592277&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=OjvTekkyZD&p=https%3A//hi.dn.ua&dtd=315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:45 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

/
m.facebook.com/login/ Frame E6D7
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18d3a8323b7924%26d...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconn...
https://m.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnec...

0
0

292ms
291ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://m.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df18d3a8323b7924%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ff187ba2e8afe9f8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500&refsrc=deprecated&_rdr

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js?hash=2ccb7f8913371363a7ef1d37fcb1fd59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: about:blank

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options: DENY
content-type: text/html; charset=utf-8
strict-transport-security: max-age=15552000; preload; includeSubDomains
x-fb-debug: WRCMv4FfVvvFSytrJQ6XHp4EjQ3nCZ/LSA2p5lmAVn8Fld6iQandmuBrmotjJ5GuuuGTKb0ZnS6WDfILtUdVfg==
date: Fri, 25 Feb 2022 19:16:45 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

Redirect headers

location: https://m.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df18d3a8323b7924%2526domain%253Dhi.dn.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhi.dn.ua%25252Ff187ba2e8afe9f8%2526relation%253Dparent.parent%26container_width%3D363%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FNovostiKramatorska%26locale%3Dru_RU%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dfalse%26width%3D500&refsrc=deprecated&_rdr
vary: User-Agent
expires: Sat, 25 Feb 2023 19:16:45 GMT
cache-control: private; max-age: 31536000
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: dmNj8c6/GiLPbSslb/3KZzB/Ra/V+XM29iJKZqkLViTrp1B3IBxI5wM3pM9yTRg2Ri2dH6xFJb3EQda27PriEQ==
content-length: 0
date: Fri, 25 Feb 2022 19:16:45 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 132ms
69ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220223&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

91e0eba819d15bb76e4c8e3cdd871ef49c2fce0daa4748614233e4e05a766d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 25 Feb 2022 19:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9768
x-xss-protection: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 1FC7 43 B
301 B 109ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=963770&asId=9bd15a3a-3a74-c670-cde1-862c9763f07c&tv=%7Bc:5gi7JY,time:865,type:e,im:%7BpLoad:813%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:865,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:292,wc:0.0.1600.1200,ac:NaN.NaN.376.280,am:sp,cc:-2.0.376.280,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B583~0%5D,as:%5B583~376.280%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:157,fm:sYtUKi9+11%7C1211%7C13%7C141%7C151*.963770-61152063%7C1511%7C1512%7C1513%7C16,idMap:151*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf%7D&br=c
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 25 Feb 2022 19:16:45 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 25 Feb 2022 19:16:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5332 13 KB
5 KB 55ms
55ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Feb 2022 19:08:00 GMT
expires: Sat, 25 Feb 2023 19:08:00 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 525
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2D1A 783 B
1 KB 181ms
65ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6dfcf2ba536b980abb552895c9856bef475d54f8dc7ef0e53c558cd9ad79339

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BtuAKy0YGqw8u6VVa31dKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 25 Feb 2022 19:16:45 GMT
date: Fri, 25 Feb 2022 19:16:45 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-BtuAKy0YGqw8u6VVa31dKQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 5332 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/SEydyQZSjRoGK7a6-62vN0wUVQOkw95oJslnxkLdz_Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 16:50:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13759
x-xss-protection: 0
last-modified: Wed, 23 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 16:50:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2D1A 0
0 94ms
94ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220223&jk=2226080441506750&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5332 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?L9E1dA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Fri, 25 Feb 2022 19:16:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220223&jk=2226080441506750&bg=!-fql-r7NAAas2QJZrNk7ACkAdvg8Wis52LGMgUpMndTzl90UEMpozmFbf3aHDGnNGb4Zc9_PIfHQ4AIAAABaUgAAAANoAQcKAKU3mKGIMX-SbnEFwQ3ExgJkiRfms-_sd7sz-2CfYG9XMfrvx0_trwZZDVv0HivsdMkdSqUxZRj9hIArm4_BiAB4EgBye6F9XdpKvzuRp3xy6HotQTKhyxiDH8GbyDlooQOnnQzaRqtcx3zuh_30FLYeUmfOjQrynbqIr0IhdFq_Urkut2eYEYcrdBtey2oxrsbs8l74LkIsj-9rLMRGEUX5Lgi3XZeZAnfkvdaIsh6YuuZDJetNiw7ODKDqWji7kb4iapKuug5PKBKeYeTy4ue4Z6E6zbt1aIqV77EOC6BLAONeV1r1fCm12qtnzVJOnYLc7gS8KjFRXywbnqGnG86w1Bee0I35GwZGd6ic2padr9D0M4MEWl4Joo-IoRyqEWxe8hZf1WI22YOdTgRTs1rpHvM7nt6qNwy21x1bE7oOdb9R3bkYcb34eVsVmXlUU684wajQHiE3s5CwU93TwHlNlCDAgo8SbUMXxjmXmZ-LYeU9lwo4iEKpexrjxwBTok56mZRH0CAHGJ7g_uZCqWYlrm39XHfecF0f2AwVKxKdElWdXqDpPs1ieyhGZ2fM4v_TyjNYLZOG1NGaVUJ6zcBz0XFweZfceC7umKiprwXK1FwqR3jCFw2kzEYIw820AodFFUlVfYRP3gt7Sl-k-pxFSQwQcpgGWpDhiWXhlbVPHJ3n_vvrFe5cl976kS0v-HDRJ1kZzVbLwk6OdQgDnabTc8-jmJ8Lh6sa9_Z7rX3Ko99dLH1nAr4Pw47W5DwwrWQblGbKs-Ty_hyxUGTwR8VeNZQIvbOIoQmr8qZ1nx29bH94iIRm6vqQ9jn3xPYWIksnYFuteMA8JwwNkKKDsGQuVDIX_QXTfvdHnJPqrDGPaxajNOmPLUNt6dCU3IenXdTWsJMF7un-T6DK7oLEqaZfP7waQIFC3KiOcUq0t5hNBmZqmugRJMSy9RadvkSClsVMC6tHQV8Ef-K2KfWhh_TkFyTdu2Ro6BVz05z4-LuNrpyJM5OTrViPqzDxiPxStMAjzMjgB9Nyckaj5UaZCcOZjfthzkVcESr4_g2ZYIxw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://hi.dn.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Fri, 25 Feb 2022 19:16:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hi.dn.ua/	1969-12-31 23:59:59	Name: 04e0a671eda8eb9ef13ae0eb17b76657 Value: deb296ijkki2fffhnabrhjdlra
.hi.dn.ua/	1970-01-20 18:41:28	Name: _ga Value: GA1.3.795597458.1645816603
.hi.dn.ua/	1970-01-20 01:11:43	Name: _gid Value: GA1.3.1820234123.1645816603
.hi.dn.ua/	1970-01-20 01:10:16	Name: _gat_gtag_UA_10437307_1 Value: 1
.yadro.ru/	1970-01-20 09:54:32	Name: FTID Value: 1Y6IiR0jLfuG1Y6IiR000BDi
.yadro.ru/	1970-01-20 09:54:32	Name: VID Value: 0rxTj12MdJ8G1Y6IiR000U2b
.hi.dn.ua/	1970-01-20 10:31:52	Name: __gads Value: ID=94f93c74adecab98-2277c3614dcd00ff:T=1645816603:RT=1645816603:S=ALNI_MaCRjip082v8avO1p_XdFr-qNzdCw
.doubleclick.net/	1970-01-20 10:31:52	Name: IDE Value: AHWqTUkcNcC6zc4mXxW3yjBE5bsFd2TVF5_mym5IYOTHVFCV1dJ11jevutNo_QIZzes
.doubleclick.net/	1970-01-20 01:10:17	Name: test_cookie Value: CheckForPermission
.adnxs.com/	1970-01-20 03:19:52	Name: uuid2 Value: 2764682489727875133
.casalemedia.com/	1970-01-20 03:19:52	Name: CMPS Value: 1838
.adnxs.com/	1970-01-20 03:19:52	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTuh/p_'!]tbPl1M>e)ZlrFUfJ+tGXxpS?:Q3r^%#k9L+AFC:@nV^ES-Gt_.zqJ>J@??3If)y3KL9D3I?+!8<H3@
.casalemedia.com/	1970-01-20 01:11:43	Name: CMST Value: YhkrHGIZKxwA
.casalemedia.com/	1970-01-20 09:55:52	Name: CMID Value: YhkrHC4JsDwadcNyD.m09gAA
.casalemedia.com/	1970-01-20 03:19:52	Name: CMPRO Value: 682
.casalemedia.com/	1970-01-20 09:55:52	Name: CMRUM3 Value: 2d62192b1c2760CAESEOfxmKFmkV8I8lUiXEpUnF0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://m.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
counter.yadro.ru
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hi.dn.ua
ib.adnxs.com
m.facebook.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
s.yimg.com
s0.2mdn.net
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.102.29.65
104.244.36.20
142.250.184.226
142.250.185.226
142.250.186.34
178.250.0.139
178.250.0.160
178.250.0.162
185.33.221.15
2600:9000:224a:3c00:8:48e:53c0:93a1
2606:4700::6810:125e
2a00:1288:80:807::2
2a00:1450:4001:803::2002
2a00:1450:4001:808::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2008
2a00:1450:400c:c0b::9d
2a02:2638::18
2a02:2638::2
2a02:2638::3
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.250.206.93
78.109.29.56
88.212.201.210
065734ca38e4bce06b5164f1ef8f19d579e7d7d9c92add1450bbe30264ff6c09
0820dead056e977451b308d1486b42125be316a6c1c113dbea580f358c24d8d3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0d8bda111253195f738529a84680ceca2eeb24551f25cae7c01f43839b70b398
0d99caeae193a1f88c9cdde31bc68dccfc68883e416934f2ac8e50a553c57f16
1061c885f8bc68df6083fb301c97817f1f759356366fdb62cc11a36aeae0968f
125888320d828f42ac010da9ef94ec7172c54d468266502bbcb220299c611778
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
127e541e4f7b7361f435bd88df085f479eb27acbc4dbffa188343b887e51627e
13a7568d852d39b8205ac0d57be091c3cfddfcfa678b374f44d74bdf1a452352
1a57618c09f2be28ce199c98f1e85308d101c9130025623bc6b09e9997924b06
1b1206b2bf16bf2893e7f89879dd5fec9a3a9364361f2a8c3aea5aa01e74216b
1df72eb0c6f570ba6c078ebea6e42747f7e11f68bcccdb8c528f85ef39d46df0
1ec1c0519da1b0a13b0670687ffb7bf3d3761fb31fe26fe4f2ed816865a0eeda
1fa3f8d785b1c38d5385eac2c2158affe734a4a5598c0dfe6961c33303f4a591
1ff9a8ec38a3a06884a19fb92a420aba09a8216194fbf59adea8a75dd3d502b8
209eead52c2ce0e1efaee234751cf874761c7678947f231731a5367a4ee3a3ad
2291dfa652ff8d9b621007cc0daf0dc254a34a0fe1e5439a7e0feb305e4542d7
22f05baf5f57ac9c150bd2a5ca6754785d1b4fc4bb675d69fa04c3932e335b2d
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
23da922405663f5d592a1c7b410fbf63895a0d63aa1a2688ef6c593096c77001
256c9c5d92b6992d0467bfc4381c99988a5e4446ad2c0bddc9d93a9bfb045ab9
28b306c5012ffd93dbe76be93ba78d1cea580a3d5f2f480b5d9b48aedc496fa3
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
299cae908ac4a7bbca58f229f2e971009f48202cbec3de519fdc2d7b37b0d75e
2b86bc31b7af1c33e9fd4ebdb74e74d7af92a491616092822f633ec9bc4e7184
2cc60b834173d903c56d5eb4cf3043a9cd05e83b78b4cda45884806ed559e870
301b8ff4a29308164c9934b23b1e67c3fd787c012a52e053decfd102bccd4de0
304bd044fa8ed083e0ffe68514216a6768550f40400730620626af11478e02a1
340951104a32ad2f5b56041eeceb24e41cf388d849131b9ff420b2c114a4c817
37ae3b7989e661e1b8f9a18ec6afb6cbdcfff9adfc9db1ab0693cf9241becb3d
3d0e4610ae5e53daae6513acfcb7bb54e5c3c16a4c24a8efd361bd76504f0654
3deec1e4d19cb71b80daa6f050c395fccb90d7f1c2ec74a920930d476013cf97
40b51c7624c21c078abd3aab455d00d6891a656b8feb891f355d8c15152efb08
42931bd149d230ca9ab1e72b1a914543dc108e3098673d339c1c3d32ccf2d776
452755ab5ffa443c96c4823367b4089531068ad1389beed8418ff4b59dc4f237
46438fa269f3c172286b81be52a5de84753d68dcc6580f6a98b7942cf129bdc1
484c9dc906528d1a062bb6bafbadaf374c145503a4c3de6826c967c642ddcff6
48e25136ee6711353e7bc7f34652fdd5f2713eb9c8d76e053443ba6da737fba7
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4ab141a60815a67770511028d1467e515d78a9fc5c166387fbe258bf60a23ff1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e89cf4a8dcd97348dbd2b89ad8f97251b1149671cf2218c7d6a3906f55ce08f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b6cf4e6eda02f7c90b60b3c32413c0851915f8f80a268a913b92929085132a6
5e85639702795a30d9718cae66608802d78dedfee734aca5bb23e61c4ea5aca8
5fdf9ee680adb2f1fe8ebbcaba1b6124fe6dbb1a7261e568894e6ea96341d379
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d2e304c4a631e8cafa9af39a02191879c2c1b72f8312796a62cd7b89eff324
63ba94079bafeb1a751b6f922a9369e51b241c8e550b3e15a62e4118bd7f3299
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6918121145b46832c9eb3f312eed403144b4fe58e1d2e43cb5ee9f82f6bdb521
69aeae46fdcc1c9259f63a8b652ead63217a46d04104d68e804554de3d97bd1b
6b12f2e298f035cdfbd200d602318887082556b3542b08282936720e4e25bb61
6b37fe651a9bd15cb746d762c7bb682d87b495aacac039f6ceb615e121b3fdd0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b92982ad49856c0b7a6e526d571eb7ad9db7567b5c0694c45173ebce50f3a81
6d362fa22342a2d22cbe8d4472d2d11a8d0864310ee2e8e48ede3148465a609d
6f526cfee5923c3d63805b64100b57e5ecd2f121922fa641dff70c2e16c20398
6fb7208f6d4dff4c07ef081d3f96214ba3a53656c4f1411ebe3e7041747597d2
724e24d4c1459f4b117e9efe31d26ac083ae0145af484fff11b197668b40d492
754fd0da3f8468500a18487b153882f36072b6de75724edf2e21e21ab9433739
7567b45bff1cc6fabb28ee50ea21c1a047d1e89293f120809eae922e5d9edb16
7aaa984a54ee6946f53730ae24cfa99f9d226c4df44b94ab2b8315dccc458f9e
7d9a90eef3570e5b6211e1036d294a6d53b0cc4700b4d63fe59533ee7e6cf3cf
7e82ab1d661f86ff42e06248442db7ebdd153a8f517ff22d6431b69a71a37598
80273fc1aee79a2241ad5a484aa3f6eaa4931bdd242b545f2f40c5d7de8842fc
81b7b2f584dcfe1c72be286287e21f6258f621fed241d139793108e1cdbefc7c
8470a323b64dee607fda5b6c20470a005e354677c612e7a1b4a6d37f501bb720
87b3beae1d08bf029d04938bc1d76c7870d450fd75609a85dfafd761cd472047
8b7ea24747712484c1c05b0337f5538e246fb01a18b8d14ddd2de428f444ea92
8eb5d5e8b339da50d7c8290be7fa53db265d0b40d7decfb235dc2bebb8c5dca7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f33c10e6260fedc9e7980468291b936000570589c1cbe6f1ae086d193fc2971
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fda7cf721d35626d32a0e4cc138e02b35edba75451d3077c739a861c4685178
91e0eba819d15bb76e4c8e3cdd871ef49c2fce0daa4748614233e4e05a766d23
92fcab9c5ecda697f59e5877e9b1e226384a7f53e9b04e9a7b6aa5441738df11
93b286bc829f1a8fa2c9afa62b5f0bb56e335afcd14dcea89a6763ef1bc85289
9beebe40ef8b5070d6fd78d439fcc842f0fcc573a9b7865c9d43f6026e6a5caa
9bf57bf5ddb24fc8fb0daa5367f529efd847f146a249c0e228b8d856159979d8
9c18861d2ab695ecc9854466fa63a1e0d1ba7ff1a3a731544cbd3563ee1ea7ee
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9d0c476aee1acdae66de07cbcc67359740bace697b73cf0c51515db4f81978be
9f89762aa62701f039a78f280ada12614dde6dd17a381c0ce98b9ba357a72a2a
9fea49b19938fcbb572a3add8755073ebdce61a7faf6e5122234b1d757eb5f5e
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1cd62cb9ac7d2428ac9abbab643953102214151a7016fbd424808b8430d2195
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aab30c409ae4ba9c5a75151851fb4a02a28a74b2b25af8f50c931f74e895bc51
ab0adbe6a9df0051d75d2e06ffdc5dbf0210dc0d2858ef95e28213e4ab3963c3
aee8c07608f2afc59c654360702b207236006a9adfd0abeb287fe33b362c7293
b048e01655cdf47f739c288fc4195c26de3883db4ebc4368242fa38b0ca0062d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b25a4c9a579d21aa8bd8fdb642b9e4ea4fd2e44d2edbacff18bd0c171d9e0171
b3054cfa08c3d9346e7d33fc39e48f4dae13eee61d3903bd509698592e6448a8
b384c359c0957238c6f43675c0427ddb0aabfb76ba17dcfea6489ff0e6ae5e0a
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b5757aa153f991c82c949e638c56b4913042196240f3a41cec5a40c3366d1bdd
b6d608a94541739fa2e3b056d0c1470d8cb23e020b76ba35912ae3c2c25d512d
b72d0d2a02476446719b44d1b120f6f817e271cee1d712298398102c6a37c4e9
b84ce000a97b2083b76ef121ba39ded1ba53b095b1cba87bc2f1213477859f01
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c17b823ddee789bdc88b380ce8aa533558cbdef360c5da8e1f9f0dd3b2a1040b
c6b0383ac9f71fdc60cbfe698ea17089de325989dded2a914a8a6e71c2656049
c6dfcf2ba536b980abb552895c9856bef475d54f8dc7ef0e53c558cd9ad79339
cd49d9fd5c76f7597060a4bfa05c737fddcc7b4768f60fd6446b991288f73ffe
d417948ca0372b9fd425b4609f78298d49d4608838ce3ba4a1e7dea57b50db66
d41a978fd4b0d9d75ff6246ca9140253ae5082a0b73e3ce5c9a95f6dc25f275d
d429acaa034a6e9c352b6de2cca4a187e16f0e8fba917989ed97d5c6d7ad043e
d5a80e0548845269115c1dcb9a3c2ce55366d66d8b1c1334cb349e913d1278a6
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d9508ff260338cef56658378d62ebf781194286a6369c58f5be54e7607453498
dc1162fc9ae488f7e257f137733c866cce9582d546445f902328fa4d536dcbba
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe713b10c87f9d69c8308bb407233a924d725c7d72ed0b7473ad39c6e8cbbbc
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e101368765276ecfc0384329cd686eab43519313bc05a92d68a6238c9d5723b2
e11741ff720cafd40622027c67ffa91f016ce3cbae795201017d9f2411c8adee
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e78eb36baed0a941949db45b50ad20ed9aef76234a08dcf96126c36037e1b818
e7b39356f04bd228f1d48d68c00d2adb96c7e471cb7f4445da8b8b9202c99f1e
e861d3c3bf074c8b832c72921647e53513a1493a855cbfe43820933cbeb35dca
ee43222bc3a3d6c1cab5dc4115bd2a3c2b348f4b4e448283e0eaca84de6763d6
ee54d53603f2f9ffa44da264ea395d2e7f18d8edac21d5f55f3fb27702cdf4ca
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4796c928f461fe41cdf60bad297d4620b56d13eaa008f3ae127ec4d60e569ee
fdb64ba2f52ae7db430667672de01407d1ffdc54ae7484ac75db997a5458eb00

hi.dn.ua Open in urlscan Pro 78.109.29.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

176 Requests

97 %HTTPS

63 %IPv6

22 Domains

34 Subdomains

33 IPs

10 Countries

4050 kBTransfer

6507 kBSize

16 Cookies

1 Outgoing links

Page URL History

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

hi.dn.ua Open in urlscan Pro
78.109.29.56 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

97 %
HTTPS

63 %
IPv6

22
Domains

34
Subdomains

33
IPs

10
Countries

4050 kB
Transfer

6507 kB
Size

16
Cookies

176 HTTP transactions
3 data transactions