urlscan.io logo urlscan.io
SecurityTrails logo

ex.ua Open in urlscan Pro
207.154.204.88  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ex.ua/
Effective URL: https://ex.ua/
Submission: On December 04 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 3 countries across 10 domains to perform 55 HTTP transactions. The main IP is 207.154.204.88, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is ex.ua. The Cisco Umbrella rank of the primary domain is 159863.
TLS certificate: Issued by R3 on November 6th 2022. Valid for: 3 months.
This is the only time ex.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

15    207.154.204.88 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
ex.ua
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
18    35.244.164.190 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 190.164.244.35.bc.googleusercontent.com
cdn.u.media
3    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
18 u.media
cdn.u.media
802 KB
15 ex.ua
ex.ua — Cisco Umbrella Rank: 159863
608 KB
9 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
203 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 73
10 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2610
www.google-analytics.com — Cisco Umbrella Rank: 27
20 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 70
www.google.com — Cisco Umbrella Rank: 2
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 48
119 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8649
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 859
693 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
1 KB
55 10
Domain Requested by
18 cdn.u.media ex.ua
15 ex.ua 1 redirects ex.ua
6 pagead2.googlesyndication.com ex.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com ex.ua
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com ex.ua
55 14

This site contains links to these domains. Also see Links.

Domain
mail.ex.ua
fex.plus
u.media
Subject Issuer Validity Valid
ex.ua
R3		 2022-11-06 -
2023-02-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.u.media
R3		 2022-11-06 -
2023-02-04		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://ex.ua/
Frame ID: 8EFD4D42E3C95558316D1B2ED7FD065F
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 1555C5D1DBF2B481E66ECADFEB3E38BD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5141359498022804&output=html&h=280&slotname=8877403118&adk=2837362657&adf=1199087956&pi=t.ma~as.8877403118&w=1200&fwrn=4&fwrnh=100&lmt=1670125178&rafmt=1&format=1200x280&url=https%3A%2F%2Fex.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670125178082&bpp=4&bdt=302&idt=325&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=2739483720036&frm=20&pv=2&ga_vid=66744370.1670125178&ga_sid=1670125178&ga_hid=74282416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070993%2C44774606%2C44779076&oid=2&pvsid=2445354763668891&tmod=944060946&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=e2cV0tZpcl&p=https%3A//ex.ua&dtd=340
Frame ID: C922F0DA4208718F6BD1756EF2F705A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5141359498022804&output=html&adk=1812271804&adf=3025194257&lmt=1670125178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fex.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670125178097&bpp=1&bdt=316&idt=331&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=2739483720036&frm=20&pv=1&ga_vid=66744370.1670125178&ga_sid=1670125178&ga_hid=74282416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070993%2C44774606%2C44779076&oid=2&pvsid=2445354763668891&tmod=944060946&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=336
Frame ID: DF86471ACC5460A75275F37995A8D1B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B09A6BD0D00428EE3CD6390B6418B89B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3414259047A70F753F369158D111274
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

EX.UA - Обзоры программ, сравнения сервисов и полезные лайфхаки

Page URL History Show full URLs

  1. http://ex.ua/ HTTP 301
    https://ex.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

55
Requests

100 %
HTTPS

86 %
IPv6

10
Domains

14
Subdomains

14
IPs

3
Countries

1766 kB
Transfer

2654 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ex.ua/ HTTP 301
    https://ex.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ex.ua/
Redirect Chain
  • http://ex.ua/
  • https://ex.ua/
86 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Next.js
Resource Hash
26fb7a97962d6e46376e025f537661b9f2cdd01e03dd51a30d4c18d279a57967
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 04 Dec 2022 03:39:37 GMT
referrer-policy
no-referrer-when-downgrade
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Next.js
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 04 Dec 2022 03:39:37 GMT
Location
https://ex.ua/
Server
nginx
js
www.googletagmanager.com/gtag/ 		216 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-268F9VM54Y
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bc243e623eed8d305a2a05f84f0f7ff0d606f8e23bf1be49a3fceb7044c31217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77280
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 04 Dec 2022 03:39:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		142 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5141359498022804
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46300065582a6d59ffe6604a98dc40bc58f46f9da11b230b1ed2d6a31494380c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ex.ua/
Origin
https://ex.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49030
x-xss-protection
0
server
cafe
etag
13146209797705352083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 03:39:37 GMT
217798ea5eae3e8beaf7.css
ex.ua/_next/static/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
c8b5ebd3c2a45ca4fec787e31a83762383fa66398ff3fe1ef55cb2f9b7d1c5b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"3bd7-1801d586514"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
6f99600878ebd3116af7.css
ex.ua/_next/static/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/css/6f99600878ebd3116af7.css
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
21f3fb1b955172cc5e4ca39cfbd691162960f40e4595e26eb2461c1a69b7b869
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"26ab-1801d586514"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
webpack-1127939f76ff39694242.js
ex.ua/_next/static/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/chunks/webpack-1127939f76ff39694242.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
6da4689a48d16e971a4d88bcaca2c0ad8344923e8a20775906243372e16fa1a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"11b5-1801d586518"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
framework-c93ed74a065331c4bd75.js
ex.ua/_next/static/chunks/ 		129 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/chunks/framework-c93ed74a065331c4bd75.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
a5362a63bcc6151d6076060de35b41211e71775ea2e4e5d24ce211f8a0d0a1b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"2023c-1801d586518"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
main-8d15616dad332ac01c02.js
ex.ua/_next/static/chunks/ 		76 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/chunks/main-8d15616dad332ac01c02.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
97bfd06f6df865dc2b05c1cd06700689a867a84a98a28a370d8cc7b23323ae62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"12e2b-1801d586514"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
_app-1c3cd8f4fda80232ac11.js
ex.ua/_next/static/chunks/pages/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/chunks/pages/_app-1c3cd8f4fda80232ac11.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
62822e2dc9783084dd7b8ef972391f141f01cdb7b863959531de1fb405e31f06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"a0c7-1801d586514"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
263-888d5fd72fb62b10ff65.js
ex.ua/_next/static/chunks/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/chunks/263-888d5fd72fb62b10ff65.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
31c972727c493989d803a28457baa673ebb02289b5d2f835fa3f4ed94cfa02fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"3579-1801d586518"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
index-ac3c8f1f1bb6cd133aa9.js
ex.ua/_next/static/chunks/pages/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/chunks/pages/index-ac3c8f1f1bb6cd133aa9.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
690a3ed03b14e2a401c7e975c9ef88a1b9795b1f5e4d5bf3db76d86d1608c98b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"ea0-1801d586514"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
_buildManifest.js
ex.ua/_next/static/fI5LlDut9ghi2uwrcpVaK/ 		1 KB
938 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/fI5LlDut9ghi2uwrcpVaK/_buildManifest.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
e25c3efd83ad13f963036a9c57df310dd0f12a4d17e0d93cd2afd46b35597fb4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"502-1801d586514"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
_ssgManifest.js
ex.ua/_next/static/fI5LlDut9ghi2uwrcpVaK/ 		77 B
430 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/fI5LlDut9ghi2uwrcpVaK/_ssgManifest.js
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
content-encoding
gzip
x-powered-by
Express
etag
W/"4d-1801d586510"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, immutable
x-xss-protection
1; mode=block
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik:ital,wght@0,400;0,500;0,700;1,400;1,500;1,700&display=swap
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8301152dda027540cc4b2411a1f168663246ff6e0c545582d7a40f358e5966f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 04 Dec 2022 03:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 03:39:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 04 Dec 2022 03:39:37 GMT
9ZINT577R.svg
cdn.u.media/exua_tmdv/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/exua_tmdv/9ZINT577R.svg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
/
Resource Hash
57f5851bd6ad1d373553cf5da798aa6c3bed980133ba98869237f4c70e360ddc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 14:14:48 GMT
via
1.1 google
last-modified
Tue, 17 Aug 2021 09:27:32 GMT
age
998690
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1289
yHDPNdcng.jpeg
cdn.u.media/c/w1258h718/x10y0/exua_tmdv/ 		137 KB
138 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1258h718/x10y0/exua_tmdv/yHDPNdcng.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
3f291864c79905668c927fa0eb78e6112e758da86a6c6eb0ac5277574404bfee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140706
h8_oKmc7g.jpeg
cdn.u.media/c/w766h438/x0y21/exua_tmdv/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w766h438/x0y21/exua_tmdv/h8_oKmc7g.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
767e3768046e29acd2e988357820c2176aca8a228a47e5fbe053b0d2945c8377

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7746
-BbvmKvnR.png
cdn.u.media/c/w2735h1563/x0y261/exua_tmdv/ 		60 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w2735h1563/x0y261/exua_tmdv/-BbvmKvnR.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
525a037df7bf504294a8f08283fccdb806479c6e450230a1996b1fd98834955b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:16 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351702
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60936
WlsV7qHng.jpeg
cdn.u.media/c/w787h449/x56y0/exua_tmdv/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w787h449/x56y0/exua_tmdv/WlsV7qHng.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
8dfa315533778e9d42f261ba73bc667aa80c76d8ec2f98b00e3b7e82e1856952

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19848
DvnunXH7g.png
cdn.u.media/c/w687h392/x6y0/exua_tmdv/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w687h392/x6y0/exua_tmdv/DvnunXH7g.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
be07a5d313dc6333acce203b6d3b7dc9a9cdc2e9e7979274b0630266993cc54f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3724
g_bHnuN7g.png
cdn.u.media/c/w729h416/x10y0/exua_tmdv/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w729h416/x10y0/exua_tmdv/g_bHnuN7g.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
74859216ba30f2d0ac895c7c9ae174b013c4c8e82e95b557914dc24bae6b5e48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4932
Urr2WXNng.png
cdn.u.media/c/w1102h629/x48y0/exua_tmdv/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1102h629/x48y0/exua_tmdv/Urr2WXNng.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
85f82cd1b3db17ed3f7950c4c32d195210f7e5241da980c7b7966233daf1c4b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10488
UY9g3UHng.jpeg
cdn.u.media/c/w1599h914/x0y42/exua_tmdv/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1599h914/x0y42/exua_tmdv/UY9g3UHng.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
0b5726a739a6f4bb431f81fa40905fc66844fbbe39d59cbe8e87c4aa21ac954b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:02:57 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1003001
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59666
SyM4YUN7R.png
cdn.u.media/c/w591h337/x4y0/exua_tmdv/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w591h337/x4y0/exua_tmdv/SyM4YUN7R.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
0b115d6b804ffbc305afa0cce652f8a3fd5a6739dac91e8870e754b7fe993c07

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6448
C9q5f8HnR.jpeg
cdn.u.media/c/w1919h1097/x0y20/exua_tmdv/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1919h1097/x0y20/exua_tmdv/C9q5f8HnR.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
efeceb8b09f920bb51aed0ef8c5521d8dada49b88be165fb0f41e8930f5c4d1e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:02:58 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1003000
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13478
xCbw-UH7g.png
cdn.u.media/c/w728h416/x6y0/exua_tmdv/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w728h416/x6y0/exua_tmdv/xCbw-UH7g.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
1f49c1de11c013c5d48af69cce4c8ab1f074f8a13546f47ae3a5a38505d53454

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:02:57 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1003001
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5860
7Be4JTN7g.jpeg
cdn.u.media/c/w698h398/x31y0/exua_tmdv/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w698h398/x31y0/exua_tmdv/7Be4JTN7g.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
bea84a4e283e4b2a68698f6c89194c776158dd6870d484a8a502d3f31d188d1f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
74380
OmqBioNng.jpeg
cdn.u.media/c/w3780h2160/x30y0/exua_tmdv/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w3780h2160/x30y0/exua_tmdv/OmqBioNng.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
dbfac6a817858d7bf47828b6daf783d816aece539db1831a5714fde75880bba6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:02:58 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1003000
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
144882
U-nLIMNng.webp
cdn.u.media/c/w1162h664/x53y0/exua_tmdv/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1162h664/x53y0/exua_tmdv/U-nLIMNng.webp
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
28869e3234fc4075de27c9999a1e3dc782cb853319015eff72d45c7668555410

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 13:02:57 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1003001
vary
Accept
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
186089
toGGGGH7g.png
cdn.u.media/c/w892h510/x59y0/exua_tmdv/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w892h510/x59y0/exua_tmdv/toGGGGH7g.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
430710c3eab68dcf4b8810d3e82efa5a2b4c900a423def5efff71a56cd64df6b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 15:18:29 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
390069
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14554
ZOR4mGNnR.jpeg
cdn.u.media/c/w1004h573/x7y0/exua_tmdv/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1004h573/x7y0/exua_tmdv/ZOR4mGNnR.jpeg
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
78f2ff5ee6459fe883e540955042e44d11d2564ad277d5c60ebe78cc4818d75b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 12:11:15 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
1351703
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50392
yV_-zGH7R.png
cdn.u.media/c/w1919h1096/x0y51/exua_tmdv/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.u.media/c/w1919h1096/x0y51/exua_tmdv/yV_-zGH7R.png
Requested by
Host: ex.ua
URL: https://ex.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.164.190 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
190.164.244.35.bc.googleusercontent.com
Software
imaginary dev (bimg 1.1.4) /
Resource Hash
528e9aa7bb6333aa86c975ea90b8715acf86eada16c8904fecc7153c9535724e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Nov 2022 04:38:21 GMT
via
1.1 google
server
imaginary dev (bimg 1.1.4)
age
428477
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public,max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14066
Roboto-Bold.75371f53f06181df75f16f2a140533e5.ttf
ex.ua/_next/static/media/ 		163 KB
164 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/media/Roboto-Bold.75371f53f06181df75f16f2a140533e5.ttf
Requested by
Host: ex.ua
URL: https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Origin
https://ex.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
x-powered-by
Express
etag
W/"28da8-1801d586510"
x-frame-options
SAMEORIGIN
content-type
font/ttf
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
167336
x-xss-protection
1; mode=block
Roboto-Medium.7429a63c09f79a1760b0233e3e46f776.ttf
ex.ua/_next/static/media/ 		165 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/media/Roboto-Medium.7429a63c09f79a1760b0233e3e46f776.ttf
Requested by
Host: ex.ua
URL: https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Origin
https://ex.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
x-powered-by
Express
etag
W/"292c4-1801d58650c"
x-frame-options
SAMEORIGIN
content-type
font/ttf
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
168644
x-xss-protection
1; mode=block
Roboto-Regular.a8d6ac03c7b96b7acb6228ff2676139d.ttf
ex.ua/_next/static/media/ 		164 KB
165 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ex.ua/_next/static/media/Roboto-Regular.a8d6ac03c7b96b7acb6228ff2676139d.ttf
Requested by
Host: ex.ua
URL: https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
207.154.204.88 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Express
Resource Hash
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ex.ua/_next/static/css/217798ea5eae3e8beaf7.css
Origin
https://ex.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 10:36:13 GMT
server
nginx
x-powered-by
Express
etag
W/"29144-1801d58650c"
x-frame-options
SAMEORIGIN
content-type
font/ttf
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
content-length
168260
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 		354 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5141359498022804
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3096b857e86eab973eddc159c3f9233154423c62eee6470df746d66b93a7a92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119174
x-xss-protection
0
server
cafe
etag
3264732809814186503
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 04 Dec 2022 03:39:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 1555 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5141359498022804
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ex.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
67742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 08:50:36 GMT
etag
10353107486223812946
expires
Sat, 17 Dec 2022 08:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206373733-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-268F9VM54Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dd333b94a14877d69fb57f97085ddfd49d040353f66d955befced28930490669
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43597
x-xss-protection
0
last-modified
Sun, 04 Dec 2022 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 04 Dec 2022 03:39:38 GMT
collect
region1.google-analytics.com/g/ 		0
340 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-268F9VM54Y&gtm=2oebu0&_p=74282416&cid=66744370.1670125178&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670125178&sct=1&seg=0&dl=https%3A%2F%2Fex.ua%2F&dt=EX.UA%20-%20%D0%9E%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%2C%20%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D0%BB%D0%B0%D0%B9%D1%84%D1%85%D0%B0%D0%BA%D0%B8&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-268F9VM54Y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 03:39:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ex.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206373733-1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 04 Dec 2022 03:24:40 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
898
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 04 Dec 2022 05:24:40 GMT
cookie.js
partner.googleadservices.com/gampad/ 		377 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ex.ua&callback=_gfp_s_&client=ca-pub-5141359498022804&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
40d14adf2aa5fc580c532f5ba88a7eea1b218747a098f2b26c41fd54633ebd7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ex.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ex.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C922 		436 B
237 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5141359498022804&output=html&h=280&slotname=8877403118&adk=2837362657&adf=1199087956&pi=t.ma~as.8877403118&w=1200&fwrn=4&fwrnh=100&lmt=1670125178&rafmt=1&format=1200x280&url=https%3A%2F%2Fex.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670125178082&bpp=4&bdt=302&idt=325&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&correlator=2739483720036&frm=20&pv=2&ga_vid=66744370.1670125178&ga_sid=1670125178&ga_hid=74282416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070993%2C44774606%2C44779076&oid=2&pvsid=2445354763668891&tmod=944060946&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=e2cV0tZpcl&p=https%3A//ex.ua&dtd=340
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61874fee52833b19aaf59de6ef8aef3c254cd59a0c89a20f59b509b873ba1fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ex.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
214
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 03:39:38 GMT
expires
Sun, 04 Dec 2022 03:39:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DF86 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5141359498022804&output=html&adk=1812271804&adf=3025194257&lmt=1670125178&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fex.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670125178097&bpp=1&bdt=316&idt=331&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=2739483720036&frm=20&pv=1&ga_vid=66744370.1670125178&ga_sid=1670125178&ga_hid=74282416&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C31070993%2C44774606%2C44779076&oid=2&pvsid=2445354763668891&tmod=944060946&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e30c668db58bef55e7739ead09b85c6cf6b316be4046238cf530f432894f87f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ex.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
5123
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 03:39:38 GMT
expires
Sun, 04 Dec 2022 03:39:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=74282416&t=pageview&_s=1&dl=https%3A%2F%2Fex.ua%2F&ul=en-us&de=UTF-8&dt=EX.UA%20-%20%D0%9E%D0%B1%D0%B7%D0%BE%D1%80%D1%8B%20%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%BC%2C%20%D1%81%D1%80%D0%B0%D0%B2%D0%BD%D0%B5%D0%BD%D0%B8%D1%8F%20%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%BE%D0%B2%20%D0%B8%20%D0%BF%D0%BE%D0%BB%D0%B5%D0%B7%D0%BD%D1%8B%D0%B5%20%D0%BB%D0%B0%D0%B9%D1%84%D1%85%D0%B0%D0%BA%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1860155712&gjid=53807524&cid=66744370.1670125178&tid=UA-206373733-1&_gid=906360879.1670125178&_r=1&gtm=2oubu0&z=336811469
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ex.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 04 Dec 2022 03:39:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ex.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
432 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-206373733-1&cid=66744370.1670125178&jid=1860155712&gjid=53807524&_gid=906360879.1670125178&_u=YADAAUAAAAAAACAAI~&z=212588738
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ex.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Sun, 04 Dec 2022 03:39:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ex.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7f3b72a2756ad54d2f11f839e624eaf97e1efe9b1e954aecc0b4eaad2f3fab0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11118
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5141359498022804&plah=ex.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 04 Dec 2022 03:39:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B09A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ex.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
18409
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 22:32:50 GMT
expires
Sun, 03 Dec 2023 22:32:50 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C341 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f11923bf6a40ce71d3e18a5d6e85f2f0383276abd69337d4cda6341bd6761afd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jYjCbigGtMTb4UQ5zsOwFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ex.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-jYjCbigGtMTb4UQ5zsOwFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 04 Dec 2022 03:39:39 GMT
expires
Sun, 04 Dec 2022 03:39:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame B09A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 02 Dec 2022 14:37:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
133313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 14:37:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C341 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2445354763668891&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B09A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?p_3a8A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 04 Dec 2022 03:39:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2445354763668891&bg=!fn2lfTnNAAbvMpMzzzI7ACkAdvg8WsL8dA1LJKH_az_8Em8HBftOWDMiM1xAu8W66A3EFEhV6WVNGgIAAABHUgAAAAJoAQcKAQZBC4NnNMDk_CHWFnTWfyoahjoOsJqyTa53_PkFqKZ42FtRY_vtYTHAxszFFax13C9ePdLFO686QdOYOtfif40EEr5wbIT4_rjQE7kP18jrNMILpG7G-GT58fzOpWEruNTHVj3mbOjNBVrX95gdrALfBKwOtZBNIi6KBGcRVw6fgR5g_TdPbddZ4nVNdHV_qhjt2HnX1JxMROZw2gVUYoVcy2FvIHohhTIwiE9ouLB8Q02gJAbkJ6gyQ73iJEmK5afpWEdV_lPB_CepHgWiAi32Ju3mch9ylyjnVf75hOtGDtuttCMS5AJbmBOHpzRhYpxoqqwewXSKtyNC7q91QN00jlqpzso2mQKUWZ60uo8u7txM-luXzkJIXWqH3ew223ENCM9ju45pY1e19YsNFBLgvwaUu5xwo06srQPyPPhxhDfidCz8vYsbmTA44IkijTsJ6Xc-b2RxIfCCOMWVgOVpplQ2U6ScpeQPGv6ex43beoacuRNvFHWtGKIQwpaWjRksd2Il73SVNa290yPcqlbMh6ihCrSzTfD2_v_mJhHlVRRniPgKcTOOfJGa05ea1Z0y6rbqoROPIkj63kXtLQ2evwyMYF3_TDfIRDLVWpXjxcLpIe5M8rE-sze3OeEFvMFzw102IZSAafoGEU6N5i6r0CFV2ervbFRZ1KbfhfJzp5BjfkLT4bKtc0O2n3SA5E99c4HlQ8KAHJfbR4JllyNiOz_0Bz6rfnuHIB4l2XYA-YquVtTC04iB3RJdjkJiC2p2lpHEVKVMprznQorVY8AKGDLD6mD5JEjFYDpwUz4I8lIg7DyegtQPgtzr13Z67bqQtLrzsoYBeYDnXc1f_ZZVvXI4tW0VMoii21NWoYkzzP1fpRAlQvwiusi7bxnEgVULPpDzILc30PAMHJoEM3JFM3seUp6Oaept4-X-ZCjyTVwYnk2dPHnKFaQuFK-ARk7pqTTqTsD9p6NxNIQCd0v0vV4Ta7vA2IZ2PSxvSlaHw6VHxymGpRmubrLYI_hkV49wDL8pzaUjVlhuS8O40IJUrk-GDrbFZLeGXC8f71BDrzZ5_zk6CKLLbNKIilOTRsGpZGfXfuhqiLysLJAyredTqW2K__pgC9IwUdS7a2GICYiL7UXvU6FkplLilAnTDHNweTWA4rWjWOgsxAhhkeiaOBm8I5NJGBQ-__prE9YcMp2v2zNVej6YArXL5FHM8XcfvjSF0x7Z7_8r_6OE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ex.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| oncontentvisibilityautostatechange function| gtag object| dataLayer object| webpackChunk_N_E object| regeneratorRuntime object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| next object| _N_E object| adsbygoogle object| __BUILD_MANIFEST object| __SSG_MANIFEST object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| gaplugins object| gaData object| GoogleGcLKhOms object| google_image_requests

7 Cookies

Domain/Path Name / Value
.ex.ua/ Name: _ga_268F9VM54Y
Value: GS1.1.1670125178.1.0.1670125178.0.0.0
.ex.ua/ Name: _ga
Value: GA1.2.66744370.1670125178
.ex.ua/ Name: _gid
Value: GA1.2.906360879.1670125178
.ex.ua/ Name: _gat_gtag_UA_206373733_1
Value: 1
.ex.ua/ Name: __gads
Value: ID=4419f4f4089299e1-22bf2ce7d5d80001:T=1670125178:RT=1670125178:S=ALNI_MbHx6zkXq_YNCsrexP3dVIET8M0Vg
.ex.ua/ Name: __gpi
Value: UID=00000b8d68dab355:T=1670125178:RT=1670125178:S=ALNI_MbAooudFVrCUYqVwZ7NFBhMIYFEzw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.u.media
ex.ua
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
2001:4860:4802:32::36
207.154.204.88
2a00:1450:4001:801::2002
2a00:1450:4001:806::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9d
35.244.164.190
0b115d6b804ffbc305afa0cce652f8a3fd5a6739dac91e8870e754b7fe993c07
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b5726a739a6f4bb431f81fa40905fc66844fbbe39d59cbe8e87c4aa21ac954b
1f49c1de11c013c5d48af69cce4c8ab1f074f8a13546f47ae3a5a38505d53454
21f3fb1b955172cc5e4ca39cfbd691162960f40e4595e26eb2461c1a69b7b869
26fb7a97962d6e46376e025f537661b9f2cdd01e03dd51a30d4c18d279a57967
28869e3234fc4075de27c9999a1e3dc782cb853319015eff72d45c7668555410
319cff6e7a31f0f2a41c475dca42890aa5d19fe16017e2290f8c1d4e14f76481
31c972727c493989d803a28457baa673ebb02289b5d2f835fa3f4ed94cfa02fc
3f291864c79905668c927fa0eb78e6112e758da86a6c6eb0ac5277574404bfee
40d14adf2aa5fc580c532f5ba88a7eea1b218747a098f2b26c41fd54633ebd7b
430710c3eab68dcf4b8810d3e82efa5a2b4c900a423def5efff71a56cd64df6b
46300065582a6d59ffe6604a98dc40bc58f46f9da11b230b1ed2d6a31494380c
4ac8e03606ffa4c37f61a6510a2080f1f37a7054f4726c214887d3b23f72e369
525a037df7bf504294a8f08283fccdb806479c6e450230a1996b1fd98834955b
528e9aa7bb6333aa86c975ea90b8715acf86eada16c8904fecc7153c9535724e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57f5851bd6ad1d373553cf5da798aa6c3bed980133ba98869237f4c70e360ddc
61874fee52833b19aaf59de6ef8aef3c254cd59a0c89a20f59b509b873ba1fd5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62822e2dc9783084dd7b8ef972391f141f01cdb7b863959531de1fb405e31f06
690a3ed03b14e2a401c7e975c9ef88a1b9795b1f5e4d5bf3db76d86d1608c98b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6da4689a48d16e971a4d88bcaca2c0ad8344923e8a20775906243372e16fa1a3
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
74859216ba30f2d0ac895c7c9ae174b013c4c8e82e95b557914dc24bae6b5e48
767e3768046e29acd2e988357820c2176aca8a228a47e5fbe053b0d2945c8377
78f2ff5ee6459fe883e540955042e44d11d2564ad277d5c60ebe78cc4818d75b
8301152dda027540cc4b2411a1f168663246ff6e0c545582d7a40f358e5966f6
85f82cd1b3db17ed3f7950c4c32d195210f7e5241da980c7b7966233daf1c4b6
8dfa315533778e9d42f261ba73bc667aa80c76d8ec2f98b00e3b7e82e1856952
97bfd06f6df865dc2b05c1cd06700689a867a84a98a28a370d8cc7b23323ae62
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5362a63bcc6151d6076060de35b41211e71775ea2e4e5d24ce211f8a0d0a1b0
b3096b857e86eab973eddc159c3f9233154423c62eee6470df746d66b93a7a92
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
baf44ce81636cc927fc27768437e5da853bac699e8aaf832d042f0dfed29b4b4
bc243e623eed8d305a2a05f84f0f7ff0d606f8e23bf1be49a3fceb7044c31217
be07a5d313dc6333acce203b6d3b7dc9a9cdc2e9e7979274b0630266993cc54f
bea84a4e283e4b2a68698f6c89194c776158dd6870d484a8a502d3f31d188d1f
c8b5ebd3c2a45ca4fec787e31a83762383fa66398ff3fe1ef55cb2f9b7d1c5b1
dbfac6a817858d7bf47828b6daf783d816aece539db1831a5714fde75880bba6
dd333b94a14877d69fb57f97085ddfd49d040353f66d955befced28930490669
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e25c3efd83ad13f963036a9c57df310dd0f12a4d17e0d93cd2afd46b35597fb4
e30c668db58bef55e7739ead09b85c6cf6b316be4046238cf530f432894f87f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f3b72a2756ad54d2f11f839e624eaf97e1efe9b1e954aecc0b4eaad2f3fab0
efeceb8b09f920bb51aed0ef8c5521d8dada49b88be165fb0f41e8930f5c4d1e
f11923bf6a40ce71d3e18a5d6e85f2f0383276abd69337d4cda6341bd6761afd