ivona.ua Open in urlscan Pro
13.32.99.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ivona.ua/
Effective URL:
https://ivona.ua/
Submission: On April 18 via api (April 18th 2022, 4:04:34 am UTC) from GB — Scanned from GB

Summary HTTP 342 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 56 IPs in 14 countries across 53 domains to perform 342 HTTP transactions. The main IP is 13.32.99.49, located in United States and belongs to AMAZON-02, US. The main domain is ivona.ua.
TLS certificate: Issued by Amazon on June 27th 2021. Valid for: a year.

This is the only time ivona.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 17	13.32.99.49 13.32.99.49	16509 (AMAZON-02) (AMAZON-02)
1	91.198.36.26 91.198.36.26	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
13	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
8	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 4	146.59.10.80 146.59.10.80	16276 (OVH) (OVH)
11	78.159.118.240 78.159.118.240	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
9	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
16	52.222.214.12 52.222.214.12	16509 (AMAZON-02) (AMAZON-02)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
8	91.198.36.35 91.198.36.35	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
20	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
23	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
18	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
11	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	2a00:1450:400... 2a00:1450:400c:c0b::9b	15169 (GOOGLE) (GOOGLE)
5	193.29.200.142 193.29.200.142	197203 (UMHAS) (UMHAS)
2	185.86.138.121 185.86.138.121	201081 (SMARTADSE...) (SMARTADSERVER)
4	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	185.86.137.114 185.86.137.114	201081 (SMARTADSE...) (SMARTADSERVER)
10	185.132.133.134 185.132.133.134	49981 (WORLDSTREAM) (WORLDSTREAM)
5	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	193.29.200.162 193.29.200.162	197203 (UMHAS) (UMHAS)
2	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
3	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
26	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	194.247.175.25 194.247.175.25	196831 (BEMOBILE-AS) (BEMOBILE-AS)
10	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	104.16.221.74 104.16.221.74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
25	2404:6800:400... 2404:6800:4008:c07::5e	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:401... 2a00:1450:401f::9	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4009:6::8	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 17	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1 1	2.22.32.24 2.22.32.24	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.194.183.160 18.194.183.160	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	15169 (GOOGLE) (GOOGLE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b	16509 (AMAZON-02) (AMAZON-02)
1 2	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2	16509 (AMAZON-02) (AMAZON-02)
342	56

17 13.32.99.49 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-49.fra60.r.cloudfront.net

ivona.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua

i.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.59.10.80 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 78.159.118.240 (Munich, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 52.222.214.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-12.fra56.r.cloudfront.net

i.ivona.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)

h.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)

jsc.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
autocounter.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)

exchange.informer.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)

ww251.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.29.200.162 (Ukraine)

ASN197203 (UMHAS, UA)

kolobok.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:3175:5196:e3fd:8c1d (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.25 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)

s-img.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2404:6800:4008:c07::5e (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:401f::9 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

rr4---sn-aigzrn7l.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4009:6::8 (London, United Kingdom) 2 redirects

ASN15169 (GOOGLE, US)

rr3---sn-aigl6nsk.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.186.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.22.32.24 (Milan, Italy) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-32-24.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.183.160 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-183-160.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Rheinfelden, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.90.192.27 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	292 KB
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128 a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com	2 MB
44	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	491 KB
36	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 45202 inv-nets.admixer.net — Cisco Umbrella Rank: 2574	214 KB
33	ivona.ua 1 redirects ivona.ua i.ivona.ua	380 KB
15	idealmedia.io jsc.idealmedia.io — Cisco Umbrella Rank: 96083 c.idealmedia.io — Cisco Umbrella Rank: 85673 cdn.idealmedia.io — Cisco Umbrella Rank: 146797 servicer.idealmedia.io — Cisco Umbrella Rank: 96464 s-img.idealmedia.io — Cisco Umbrella Rank: 89268 cm.idealmedia.io — Cisco Umbrella Rank: 12130 autocounter.idealmedia.io — Cisco Umbrella Rank: 106362	193 KB
11	mox.tv ad.mox.tv — Cisco Umbrella Rank: 43127 bgstats.mox.tv — Cisco Umbrella Rank: 54241	111 KB
11	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4 mts0.google.com — Cisco Umbrella Rank: 3772	152 KB
11	umh.ua cdn.umh.ua — Cisco Umbrella Rank: 250349 z.cdn.umh.ua — Cisco Umbrella Rank: 265444	6 KB
9	holder.com.ua i.holder.com.ua — Cisco Umbrella Rank: 302266 h.holder.com.ua — Cisco Umbrella Rank: 292523	9 KB
8	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 238	147 KB
6	googlevideo.com 3 redirects rr4---sn-aigzrn7l.googlevideo.com — Cisco Umbrella Rank: 43176 rr3---sn-aigl6nsk.googlevideo.com — Cisco Umbrella Rank: 37079	5 MB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	173 KB
5	informer.ua exchange.informer.ua — Cisco Umbrella Rank: 556718	26 KB
5	bemobile.ua source.mmi.bemobile.ua — Cisco Umbrella Rank: 169835 sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 169130	25 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 46301 ls.hit.gemius.pl — Cisco Umbrella Rank: 11850	16 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	5 KB
4	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5993	680 B
4	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4830 www.google.co.uk — Cisco Umbrella Rank: 3132	2 KB
3	tns-ua.com pa.tns-ua.com — Cisco Umbrella Rank: 126675	4 KB
3	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1356 ww251.smartadserver.com — Cisco Umbrella Rank: 196050	990 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 622	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1696	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 601	888 B
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 860	482 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 884	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 577	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 824 s.tribalfusion.com — Cisco Umbrella Rank: 2497	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 769 r.turn.com — Cisco Umbrella Rank: 3288	869 B
2	quantserve.com pixel.quantserve.com — Cisco Umbrella Rank: 423 cms.quantserve.com — Cisco Umbrella Rank: 1127	735 B
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 897	43 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	697 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 177004	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	85 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2388	40 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1591	296 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 350	460 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474	1 KB
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1548	583 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 3276	173 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 44302	511 B
1	linkedin.com 1 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 482	830 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1824	1 KB
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 868	474 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 355	265 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 576	541 B
1	kolobok.ua kolobok.ua	8 KB
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 381835	170 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	410 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 436	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	38 KB
0	mediawayss.com Failed ad.mediawayss.com Failed
342	53

	Domain	Requested by
26	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net ivona.ua a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
25	csi.gstatic.com	www.gstatic.com
23	inv-nets.admixer.net	cdn.admixer.net ivona.ua ad.mox.tv
18	pagead2.googlesyndication.com	ivona.ua pagead2.googlesyndication.com cdn.admixer.net tpc.googlesyndication.com googleads.g.doubleclick.net a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com www.googletagservices.com
17	cm.g.doubleclick.net	2 redirects a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com ivona.ua
17	ivona.ua	1 redirects ivona.ua cdnjs.cloudflare.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
16	i.ivona.ua	ivona.ua
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net ivona.ua www.googletagservices.com www.gstatic.com
13	cdn.admixer.net	ivona.ua cdn.admixer.net
10	www.gstatic.com	googleads.g.doubleclick.net a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
10	ad.mox.tv	ivona.ua ad.mox.tv
10	z.cdn.umh.ua	cdn.umh.ua
9	fonts.gstatic.com	fonts.googleapis.com
8	h.holder.com.ua	i.holder.com.ua ivona.ua
8	cdnjs.cloudflare.com	ivona.ua cdnjs.cloudflare.com
5	www.googletagservices.com	ad.mox.tv googleads.g.doubleclick.net a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
5	www.google.com	ivona.ua tpc.googlesyndication.com googleads.g.doubleclick.net a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
5	exchange.informer.ua	h.holder.com.ua exchange.informer.ua
5	fonts.googleapis.com	ivona.ua googleads.g.doubleclick.net a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
4	s-img.idealmedia.io	ivona.ua
4	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	prebid-eu.creativecdn.com	cdn.admixer.net
4	jsc.idealmedia.io	h.holder.com.ua i.holder.com.ua jsc.idealmedia.io
4	gaua.hit.gemius.pl	1 redirects ivona.ua gaua.hit.gemius.pl
3	rr3---sn-aigl6nsk.googlevideo.com	2 redirects a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
3	rr4---sn-aigzrn7l.googlevideo.com	1 redirects a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
3	mts0.google.com	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	pa.tns-ua.com	source.mmi.bemobile.ua pa.tns-ua.com ivona.ua
3	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
3	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	id.rlcdn.com	2 redirects
2	onetag-sys.com	1 redirects a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
2	pm.w55c.net	2 redirects
2	c1.adform.net	2 redirects
2	cm.idealmedia.io	jsc.idealmedia.io
2	servicer.idealmedia.io	jsc.idealmedia.io
2	unpkg.com	ad.mox.tv
2	prg.smartadserver.com	cdn.admixer.net
2	source.mmi.bemobile.ua	h.holder.com.ua source.mmi.bemobile.ua
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.zmctrack.net	ivona.ua
2	connect.facebook.net	ivona.ua connect.facebook.net
2	stackpath.bootstrapcdn.com	ivona.ua
1	ag.innovid.com	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
1	pixel.rubiconproject.com	1 redirects
1	cms.quantserve.com	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	tr.blismedia.com	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	px.ads.linkedin.com	1 redirects
1	cs.media.net	1 redirects
1	sync.go.sonobi.com	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
1	match.adsrvr.org	a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com	ivona.ua
1	a.tribalfusion.com	1 redirects
1	r.turn.com	ivona.ua
1	ad.turn.com	1 redirects
1	autocounter.idealmedia.io	ivona.ua
1	cdn.idealmedia.io	ivona.ua
1	c.idealmedia.io	jsc.idealmedia.io
1	bgstats.mox.tv	ivona.ua
1	pixel.quantserve.com	ivona.ua
1	kolobok.ua	exchange.informer.ua
1	www.google.co.uk	ivona.ua
1	ww251.smartadserver.com	cdn.admixer.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	loadercdn.net	ivona.ua
1	www.facebook.com	ivona.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	cdn.umh.ua	ivona.ua
1	cdn.jsdelivr.net	ivona.ua
1	www.googletagmanager.com	ivona.ua
1	i.holder.com.ua	ivona.ua
0	ad.mediawayss.com Failed	ivona.ua
342	81

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
idealmedia.io
clck.idealmedia.io
bigmir.net
afisha.bigmir.net
finance.bigmir.net
news.bigmir.net
info.bigmir.net
job.i.ua
digimedia.com.ua

Subject Issuer	Validity	Valid
ivona.ua Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
holder.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
cdn.umh.ua R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-25` - `2022-04-25`	3 months	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-04-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
loadercdn.net R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-14` - `2023-02-03`	a year	crt.sh
exchange.informer.ua R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
ad.mox.tv R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
kolobok.ua R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
bgstats.mox.tv R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
juke.mmi.tns-ua.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2022-02-20` - `2022-05-21`	3 months	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 29 frames:

Primary Page: https://ivona.ua/
Frame ID: 314BD80EDB3DD79FA3AE0BD2D98F56BD
Requests: 177 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: D9D808773435954444A8BB1E5EF9B8F7
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 7A6EFCC7F242D15D9E2FD2A6E339686D
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 79385963B812A974773928F326BA7922
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 08B95500A522A9830172787184DF24BF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: EA430F1CFD04CBEADE8FA07512D6B792
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: ED58F0EC9C5F34C948BE075CFC0818C9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: 79BA7AB8E9B9BFB798233E93BEC92A0F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: 9AB01C22572C00F3E2D3FE244466781B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1650254666&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666350&bpp=2&bdt=571&idt=309&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=557144391490&frm=20&pv=2&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065545%2C31067099%2C31066184%2C31062930&oid=2&pvsid=2914074695639086&pem=933&tmod=1859757062&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=323
Frame ID: 1791662A63B0B1F53EACBB31B572A08F
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=kolobok
Frame ID: D1A2C848EEB52121A47369C40010A210
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 3AA76C35F98A92801AD3C38D214AF60B
Requests: 8 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: E4D2B6AFA715BECD7A12FE363A049938
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666987&bpp=3&bdt=100&idt=128&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&correlator=557144391490&frm=23&ife=5&pv=1&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1155762858&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C44760911%2C31067063%2C31067068%2C31066184&oid=2&pvsid=3100504603474102&pem=933&tmod=1300855319&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jy5hhy20ou&fsb=1&dtd=145
Frame ID: 7654DE7BEF5949B50F74047518E7E321
Requests: 17 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: BC1AEC901A8F0E45C971B9513817038D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6F5081BD118D712E2FBC1CB536760EDE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9FB6EEA657539105940A8BBC8E94471A
Requests: 2 HTTP requests in this frame

Frame: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8AC03ED05C7ECC4A8B24FF51C2D62711
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js
Frame ID: E2290C123732F73FAE4145795D76BE2D
Requests: 1 HTTP requests in this frame

Frame: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F763DDE4619AC428EF3FCBC968D78B69
Requests: 30 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1650254668140336641952
Frame ID: E6119A206A99A44772634104AC29AE06
Requests: 1 HTTP requests in this frame

Frame: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7D41075F1E9E026E460F90D3C758A619
Requests: 34 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B2AB67C8EE6EFB6F1AA09EB2B35C135E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DC086CE3216FF88C14ACEE4D393B82C1
Requests: 9 HTTP requests in this frame

Frame: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7F0E9E9278A4E7E31B49E67FCFCDAF32
Requests: 34 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 07A6BE2840BBB3A3E34593C67B8098D6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 9AADA8383967299EAD734131045EFC3D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: C87AB7B2D007D275E6AFB4AC11802DCF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 65ED095DC4B4327DBAF9D9F58F6BCD0D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Женский журнал IVONA

Page URL History Show full URLs

http://ivona.ua/ HTTP 301
https://ivona.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

342
Requests

94 %
HTTPS

45 %
IPv6

53
Domains

81
Subdomains

56
IPs

14
Countries

10090 kB
Transfer

14250 kB
Size

103
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Ivona.bigmir.net/
Title: Ivona bigmir)net

Search URL Search Domain Scan URL

URL: http://idealmedia.io/

Search URL Search Domain Scan URL

URL: https://clck.idealmedia.io/pnews/10069582/i/29295/pp/1/1?h=qWKQJDZvhHekh77daHHXfmUyGKOFkgV4YLkeG1xGH7hAxSVWVeoy6s-I_2xGfWln&utm_campaign=ivona.bigmir.net&utm_source=ivona.bigmir.net&utm_medium=referral&rid=a44a1c9e-becc-11ec-b76d-e43d1a2a96ea&tt=Direct&att=3&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://clck.idealmedia.io/pnews/10061444/i/29295/pp/2/1?h=qWKQJDZvhHekh77daHHXfiVqxWJQfVQ7bNq38MdXs_wungorXGB-hEmfhkPPXWxq&utm_campaign=ivona.bigmir.net&utm_source=ivona.bigmir.net&utm_medium=referral&rid=a44a1c9e-becc-11ec-b76d-e43d1a2a96ea&tt=Direct&att=3&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://clck.idealmedia.io/pnews/10057706/i/29295/pp/3/1?h=qWKQJDZvhHekh77daHHXfqNyXdhZ11ygCtRNuSf7UkwP68guZYYZqiyHhFn38DYs&utm_campaign=ivona.bigmir.net&utm_source=ivona.bigmir.net&utm_medium=referral&rid=a44a1c9e-becc-11ec-b76d-e43d1a2a96ea&tt=Direct&att=3&iv=11&ct=1&gdpr=1&st=60

Search URL Search Domain Scan URL

URL: https://bigmir.net/

Search URL Search Domain Scan URL

URL: https://afisha.bigmir.net/
Title: Афиша

Search URL Search Domain Scan URL

URL: https://finance.bigmir.net/realty/lun
Title: Недвижимость

Search URL Search Domain Scan URL

URL: https://news.bigmir.net/
Title: Новости

Search URL Search Domain Scan URL

URL: https://finance.bigmir.net/
Title: Финансы

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Ivona.ua
Title: Ivona.ua в Facebook

Search URL Search Domain Scan URL

URL: https://info.bigmir.net/
Title: Помощь

Search URL Search Domain Scan URL

URL: https://info.bigmir.net/rules_ivona
Title: Правила

Search URL Search Domain Scan URL

URL: https://info.bigmir.net/materials
Title: Использование материалов

Search URL Search Domain Scan URL

URL: https://info.bigmir.net/contract
Title: Пользовательское Соглашение

Search URL Search Domain Scan URL

URL: https://info.bigmir.net/privacy_policy
Title: Политика в сфере конфиденциальности и персональных данных

Search URL Search Domain Scan URL

URL: https://job.i.ua/info/vacancy/692624/
Title: Вакансии

Search URL Search Domain Scan URL

URL: https://digimedia.com.ua/
Title: Cейлз-хаус "Диджимедиа"

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ivona.ua/ HTTP 301
https://ivona.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://gaua.hit.gemius.pl/_1650254666581/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=332&lsdata=x41nDsZ3jOlbZHmfylx_7DRyT77V6iWe4ktRK8Ua_R7..783va1Tb5pPhgAStkQ7cc2o3RfCTSUhEuitvC71JLJp8Hbz/TzfnLfa0BQxse/&fpdata=xXzGU9tH_fq2ZzuEhbtW_1611AZFxtwXKd6ideiG9TP.b7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1650254666581/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=332&lsdata=x41nDsZ3jOlbZHmfylx_7DRyT77V6iWe4ktRK8Ua_R7..783va1Tb5pPhgAStkQ7cc2o3RfCTSUhEuitvC71JLJp8Hbz/TzfnLfa0BQxse/&fpdata=xXzGU9tH_fq2ZzuEhbtW_1611AZFxtwXKd6ideiG9TP.b7&vis=1&fpcap=

Request Chain 151

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=cc1ff3b1-3ad6-4f46-aa86-c44e5819b189&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=cc1ff3b1-3ad6-4f46-aa86-c44e5819b189&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=75984b21-7f3a-516c-8e54-296aec08ca21&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.mox.tv/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab HTTP 302
https://ad.mediawayss.com/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab&inner_redirect=1&inner_uuid=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8=

Request Chain 152

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=75984b21-7f3a-516c-8e54-296aec08ca21&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.mox.tv/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab HTTP 302
https://ad.mediawayss.com/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab&inner_redirect=1&inner_uuid=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8=

Request Chain 251

https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283467&ei=S-NcYtOBOYyO1gLinoDwBg&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&mh=C8&mm=31&mn=sn-aigzrn7l&ms=au&mv=m&mvi=4&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&mt=1650254449&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOZW-YRPg7ZENa2_e66EO7ugsiujYSHYQu7-FjVJF2yTAiEA2EuGhO_Eeaa_fl1GKOlJDI4ynx6OJvi6_P1El-Vwfgo=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAORm_8LyEqU9vde5VqDDGyjiZUFl559ySuEoNAXjnFDvAiEAuOIgSUkBtZM9Qv4m19T0A0H1eHly-6O19rxHiKcL5Fk=&cpn=cco-4s9Cuq-sHGYj HTTP 302
https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283467&ei=S-NcYtOBOYyO1gLinoDwBg&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOZW-YRPg7ZENa2_e66EO7ugsiujYSHYQu7-FjVJF2yTAiEA2EuGhO_Eeaa_fl1GKOlJDI4ynx6OJvi6_P1El-Vwfgo=&cpn=cco-4s9Cuq-sHGYj&redirect_counter=1&rm=sn-aigesd7z&req_id=43b62074541836e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigl6nsk&ms=au&mt=1650254457&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANC1fWTsLavqblIVlxYm9Qdq1ICkg8O-vutTtWbes4-oAiEA5hlbpGFMGq5PbVQCs5Y80U0KEVJnPB_-IVFr5SB9kyk%3D

Request Chain 261

https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYsLrB87TgAfrw6ywCw&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&mh=C8&mm=31&mn=sn-aigl6nsk&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&mt=1650254449&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKCT1Wq7ZcioXJqJS2sZGsyoKfUzoxzxF-hGqLkj8L-LAiEA9DYHZLUMM9o8nbhWwvLS_sLVojjUi58KD834_7FBnp0=&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhALuhQza5lXQet-6GdbDyxik8CsbbQu2-97MmjYHWpk6dAiAxHyumMj0bSLtXw-XmQ_wTmiNQgqsS-xs4jkCXkYATGA==&cpn=z0KTYnCbL0VWJSsT HTTP 302
https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYsLrB87TgAfrw6ywCw&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKCT1Wq7ZcioXJqJS2sZGsyoKfUzoxzxF-hGqLkj8L-LAiEA9DYHZLUMM9o8nbhWwvLS_sLVojjUi58KD834_7FBnp0=&cpn=z0KTYnCbL0VWJSsT&redirect_counter=1&rm=sn-aigezr7s&req_id=837b7e593a7936e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigzrn7l&ms=au&mt=1650254457&mv=m&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPXKo8sQR8RKNHz6qk5yFuM0Q9bwEyy1YI0SIhnMnZoAAiEArBKbBPFC77M6jWyrZjk7B2n963J5AvY190pFPWIvOIA%3D

Request Chain 267

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAMqiySqybvEmq2ZqnPwn54&google_cver=1&google_push=AYg5qPINTrg0t_gd49VQY0-3lepn4PKUZXQgxHkg8bvqmwLaX20D0iK16UCybtaFB6TtWIZlWX4oFh9b0lwwpThbqS12jNNEmIRX_A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg0OTI5NTUyODk1ODg2MjIyNQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMqiySqybvEmq2ZqnPwn54&google_cver=1

Request Chain 268

https://a.tribalfusion.com/i.match?p=b6&u=CAESECRFzCZUB9D5Z7fjFpVLgfE&google_cver=1&google_push=AYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRFzCZUB9D5Z7fjFpVLgfE&google_cver=1&google_push=AYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 269

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESENxw3c5HIfWZW64bqBkzztY&google_cver=1&google_push=AYg5qPLaLWo9dQ9WVvByCfRcwe950P6yiYJZEqQAUN_12E1jXv8dphfIJJoe0Brtq0ml9T-vGIfQn3KqNMDqKw8RepTFdwF1nZIzEw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENxw3c5HIfWZW64bqBkzztY&google_push=AYg5qPLaLWo9dQ9WVvByCfRcwe950P6yiYJZEqQAUN_12E1jXv8dphfIJJoe0Brtq0ml9T-vGIfQn3KqNMDqKw8RepTFdwF1nZIzEw

Request Chain 271

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBTxJ0fZ525t6lRGo_rogno&google_cver=1&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6xee1TA9giIxxeek5UosekFVZA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBTxJ0fZ525t6lRGo_rogno&google_cver=1&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6xee1TA9giIxxeek5UosekFVZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDczNDQ0OTE4MDUyOTc3Ng&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6xee1TA9giIxxeek5UosekFVZA

Request Chain 273

https://cs.media.net/cksync?type=g&google_gid=CAESEB44wqX6GBgviCb2WNHLZ1c&google_cver=1&google_push=AYg5qPJVOzfLcx2CAoEgUJZah01ic422o9054yzneFj2P7pmBJQYrRBoGYkzsWohRiPAUzdylNlDyvaW_6FkNVdj4dYXXFsTAkHOgQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&mn_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVOzfLcx2CAoEgUJZah01ic422o9054yzneFj2P7pmBJQYrRBoGYkzsWohRiPAUzdylNlDyvaW_6FkNVdj4dYXXFsTAkHOgQ&gdpr=&gdpr_consent=

Request Chain 278

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cver=1&google_push=AYg5qPIeRagy-WGRQvEs62Gnds1xLN0tS9cD0g6oPeFYtRxsSQZ4oAQtCyKcgTGQM0O4xFiYlC3bUjSaFBwUTPWmHF1Uc6_SBw HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cver=1&google_push=AYg5qPIeRagy-WGRQvEs62Gnds1xLN0tS9cD0g6oPeFYtRxsSQZ4oAQtCyKcgTGQM0O4xFiYlC3bUjSaFBwUTPWmHF1Uc6_SBw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXRBSWl5OEIxTkdpQ001&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cver=1&google_push=AYg5qPIeRagy-WGRQvEs62Gnds1xLN0tS9cD0g6oPeFYtRxsSQZ4oAQtCyKcgTGQM0O4xFiYlC3bUjSaFBwUTPWmHF1Uc6_SBw

Request Chain 279

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJIC6bJXN_FvvXw1qr2T99s&google_cver=1&google_push=AYg5qPJslzoXnbf0XOk_oeX70bDPEmiEtGs8gMZAkhD8hSa5cMuC9lV3f7ocaJd7tK7gR1l-3M-UJgfRAhALcbdS6eI_QJw5zw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJslzoXnbf0XOk_oeX70bDPEmiEtGs8gMZAkhD8hSa5cMuC9lV3f7ocaJd7tK7gR1l-3M-UJgfRAhALcbdS6eI_QJw5zw

Request Chain 280

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKF1mLXsB98sEp8oCFctccQ&google_cver=1&google_push=AYg5qPKGxVXweHnCA9IBqdIH8vwVUjMOrldIW3SZaltpHQIj_v1RD1aOz5s747GPp2yGELURUdnbty2D5w6j3gG2HycROINt6DI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGxVXweHnCA9IBqdIH8vwVUjMOrldIW3SZaltpHQIj_v1RD1aOz5s747GPp2yGELURUdnbty2D5w6j3gG2HycROINt6DI&google_hm=9smg8rt7TjGMtwus496yiWQ

Request Chain 282

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEeNQBLu0giGMJ7xaYz7Jiw&google_cver=1&google_push=AYg5qPIDHSqLXgRcSTjbBgFU-oKJC0Hrq_RkAa7I6qXujJelb0xVYUeskRl5FKfTVOiMqd3pjA-JYwA2uxLvopRbBcIgGg33myY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4Nzc4OTgyOTE0MDU3NjM5Nw%3D%3D&google_push=AYg5qPIDHSqLXgRcSTjbBgFU-oKJC0Hrq_RkAa7I6qXujJelb0xVYUeskRl5FKfTVOiMqd3pjA-JYwA2uxLvopRbBcIgGg33myY

Request Chain 283

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBBh79r5v8IXpREeiz2GPWI&google_cver=1&google_push=AYg5qPK3Irm8nWC0lAuMztZzGQKUCHc0BrXx3ERsRMDyxXaS4cXnD8kJoFl2733paBN1msxTMIXWZi5I0Jec165U2k5E4SxMblE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK3Irm8nWC0lAuMztZzGQKUCHc0BrXx3ERsRMDyxXaS4cXnD8kJoFl2733paBN1msxTMIXWZi5I0Jec165U2k5E4SxMblE&google_hm=Mzc1NTkxNTY0MjQyMjc1MTQyOA%3D%3D

Request Chain 284

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF2iM2efRSiOl_zY_rqTmQ8&google_cver=1&google_push=AYg5qPK9DyrF9u-7r7naseg5uBbu1hapJG_3WEpzDJADglznubHeJ74hH3bbVyeTVebxQSa0fzZQTkfmi6K4d0sLxfedBDCVGW0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK9DyrF9u-7r7naseg5uBbu1hapJG_3WEpzDJADglznubHeJ74hH3bbVyeTVebxQSa0fzZQTkfmi6K4d0sLxfedBDCVGW0 HTTP 302
https://onetag-sys.com/sync/i,19/?google_error=5

Request Chain 306

https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYqfmF4j61gKHiZjgCQ&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&mh=C8&mm=31&mn=sn-aigl6nsk&ms=au&mv=m&mvi=3&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&mt=1650254449&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgXb2luKbin3BiAKKnkL7dhkXk0TC-vPNiWg47UL1e3pgCIQClv_jVBCRSKG79olzCdbR2QT2IwROi_mw9FsQmr8BEEA==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALgJc7edwNqIZkjBkfcodlrLGVcD5kBdWxiMJakMjzuLAiEAwwZzyoYcmDc7pgrWkkZjMjScZ_OxVLlv6mICLgtRY5c=&cpn=gN1_IxstCOfFZw_y HTTP 302
https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYqfmF4j61gKHiZjgCQ&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgXb2luKbin3BiAKKnkL7dhkXk0TC-vPNiWg47UL1e3pgCIQClv_jVBCRSKG79olzCdbR2QT2IwROi_mw9FsQmr8BEEA==&cpn=gN1_IxstCOfFZw_y&redirect_counter=1&rm=sn-aigezr7s&req_id=155a42924ad336e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigzrn7l&ms=au&mt=1650254457&mv=m&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALWizjfD5-q3J4vgZ6Txw-WdYjdgBYOj0bFJUH05AEvaAiEA_YJyudirL9PfcR-5undwzuXsRn4Rl7njOS0KcM471s4%3D

Request Chain 315

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIhxiF6zaktjNtpZsYF3LsUwDgebXVvDw5CB3hZeIHLTVz2AiFKOfx_GBD2S6rVR3b-pU1I1QK814xRLKkxiz_s0_-fxw&google_gid=CAESEBGqOmizTfZUzYcf9jQLL9U&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMzG85IGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJaHhpRjZ6YWt0ak50cFpzWUYzTHNVd0RnZWJYVnZEdzVDQjNoWmVJSExUVnoyQWlGS09meF9HQkQyUzZyVlIzYi1wVTFJMVFLODE0eFJMS2t4aXpfczBfLWZ4dw HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaUM2QkFHNlJzMGpBcHJuZG5xR29yWUlhOWl1WWVEQ1RVcmJvN1g4NDZ2RQ==&google_push

Request Chain 316

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJq2TG8z7A-W-9q0a-goSEhWQLUUsj2F6LB1sARrY0EmgRkCJQ-LRnFZdGVORcB5EvScuA3cKpYLrNE3THUxro1_0lv0Q&google_gid=CAESEEFTqLM1PsCb97gh0RBQN3s&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJq2TG8z7A-W-9q0a-goSEhWQLUUsj2F6LB1sARrY0EmgRkCJQ-LRnFZdGVORcB5EvScuA3cKpYLrNE3THUxro1_0lv0Q&google_gid=CAESEEFTqLM1PsCb97gh0RBQN3s&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTgwNDA0MjkwMDAxOTY5ODYzNTg5Nw%3D%3D&google_push=AYg5qPJq2TG8z7A-W-9q0a-goSEhWQLUUsj2F6LB1sARrY0EmgRkCJQ-LRnFZdGVORcB5EvScuA3cKpYLrNE3THUxro1_0lv0Q

Request Chain 317

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOSeMji0_oU5rg7y_kkl__g&google_cver=1&google_push=AYg5qPKX4b6Or9hgd8l4uQa8fAdfpvdqoThxElqcghcXKIuRhYHI2NS8CPQQAzSincEX8YoOKuNHMlePQoZz5dagBR6bnaPV_sI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOSeMji0_oU5rg7y_kkl__g&google_cver=1&google_push=AYg5qPKX4b6Or9hgd8l4uQa8fAdfpvdqoThxElqcghcXKIuRhYHI2NS8CPQQAzSincEX8YoOKuNHMlePQoZz5dagBR6bnaPV_sI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZVscLdV9TQyIcWR8k-A5PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKX4b6Or9hgd8l4uQa8fAdfpvdqoThxElqcghcXKIuRhYHI2NS8CPQQAzSincEX8YoOKuNHMlePQoZz5dagBR6bnaPV_sI

Request Chain 318

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECQmxT60pO4D-adfPcPBgGo&google_cver=1&google_push=AYg5qPLG_WMb-l-9EA2qZd6nt_rhlCVB9g4ExQmv2NhCkg7g0eGs44nH9iHNabd-w6YhJEJsfNWR9MneFgmDH2ftp7_ObUIXu1k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0NzBSWlUtMjUtNjJXUQ==&google_push=AYg5qPLG_WMb-l-9EA2qZd6nt_rhlCVB9g4ExQmv2NhCkg7g0eGs44nH9iHNabd-w6YhJEJsfNWR9MneFgmDH2ftp7_ObUIXu1k

Request Chain 319

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_cver=1&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1

342 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ivona.ua/
Redirect Chain

http://ivona.ua/
https://ivona.ua/

103 KB
24 KB

144ms
55ms

Document
text/html

13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b5f63fb8a06b56ba0947d7684a3520284fb5bf0ec15cc0d3bc9aad6ea6e203

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 280
cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 04:01:15 GMT
server: nginx
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
x-amz-cf-id: VokhwVNK3TKz7E3jldSUdI67To1-WR85srvHuGmj7ah9X0CICjcd5g==
x-amz-cf-pop: FRA60-P3
x-cache: Hit from cloudfront

Redirect headers

Connection: keep-alive
Content-Length: 183
Content-Type: text/html
Date: Mon, 18 Apr 2022 04:04:25 GMT
Location: https://ivona.ua/
Server: CloudFront
Via: 1.1 5b6e22c950501920595c86fc25834582.cloudfront.net (CloudFront)
X-Amz-Cf-Id: xPHuSMpsULtEg0uCcSmr03rdkCjw5GIrvavYunT4rLQZ3KGjyH2AOQ==
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Redirect from cloudfront

GET
H/1.1 200
OK holder.js Show response
i.holder.com.ua/t/ 9 KB
4 KB 209ms
69ms Script
application/x-javascript 91.198.36.26
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.holder.com.ua/t/holder.js
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: i1.i.ua
Software: nginx /
Resource Hash: 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:25 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 14:14:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Tue, 18 Apr 2023 04:04:25 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 135ms
47ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c6a2f6b42d23d9aeeefddd0186a6fc7cd1a2eba7e7ae873f9f985861cec39dfd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:25 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:15 GMT
server: nginx
etag: W/"6257e623-2c101"
x-cached-since: 2022-04-18T03:58:00+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 14 Apr 2022 09:26:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 162ms
56ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-206274582-1

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe666bf94dbb7d12bbaf6935bd435c05095be5a4ae23f3a1f49c743e7e08ad5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38579
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 18 Apr 2022 04:04:26 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 163ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

983de1606026595037bcf735f1fd4a579925e977934a70590001858b4d2f5b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54270
x-xss-protection: 0
server: cafe
etag: 1865535298960604063
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:04:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 147ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0258e66eddc5ec291e7b9089c7c1897ae1b38c693f5627aaa3911f83d83d26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 03:40:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 04:04:25 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 04:04:25 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 56 KB
11 KB 151ms
53ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 880703
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10022
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-de0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7f3BUrCeNJSF329pOlMoyQqKHoWGilsv1RUd4%2B5fRIE3CAW2MDMAp9ABnMJcsfBcZ5XfOu64kLajIbxc7YJclF7XSSbCl8qg6YXlLlc%2BZCNscABvyD%2BG4%2Bf33t9GywaMFYq9zbKfTZnkEtoGinLHjYvN"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842e0ef201db-ZRH
expires: Sat, 08 Apr 2023 04:04:25 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
25 KB 188ms
64ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 2899105
cdn-cachedat: 12/27/2021 07:28:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c93bb13724f1916e0ec0f105adc4675a
cf-ray: 6fda842e3810233d-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 v10
ivona.ua/css/style.css/ 77 KB
15 KB 51ms
50ms Stylesheet
text/css 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/css/style.css/v10
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Feb 2022 03:12:29 GMT
content-encoding: gzip
age: 5100722
x-cache: Hit from cloudfront
last-modified: Wed, 09 Feb 2022 11:22:20 GMT
server: nginx
etag: W/"6203a3ec-13503"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: *
x-amz-cf-id: AOyDdMgwQrlY_6y4ukXO4QE8ZqZzIyx7IpjoafUbTM30Qxtns4HnFg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v10
ivona.ua/a-custom/custom.css/ 970 B
830 B 51ms
51ms Stylesheet
text/css 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/a-custom/custom.css/v10
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:24 GMT
content-encoding: gzip
age: 5848813
x-cache: Hit from cloudfront
last-modified: Mon, 11 Oct 2021 09:24:29 GMT
server: nginx
etag: W/"616402cd-3ca"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: *
x-amz-cf-id: Yv6hRql44l7Vkp4xxlPZ8srGQJcwJ5XkH6-bVpNmBs3hHHAO4rnvng==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 95 KB
30 KB 152ms
54ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:25 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 367070
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30360
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-17b8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BFIHPDf6ytIngpr2uU0m9E7R3h0htrTbcObYxeJe6rcETz%2B0gmsfl5j%2FYbBgtHI76IqRcnIJUbFj86oum94A9%2FbNvIt5lXOnDp9rbmYgft4ZYQsYbFIoKhpfPA7rlhU%2Br3ucEHHhg04vCRoTNyZYjfbc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842e0ef301db-ZRH
expires: Sat, 08 Apr 2023 04:04:25 GMT

GET
H2 200 630x283.png
ivona.ua/img/ 130 B
587 B 53ms
51ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/630x283.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 12 Sep 2021 07:16:07 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 18823399
x-cache: Hit from cloudfront
content-length: 130
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-82"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: G1whmfbsZJoG4lNvS76AEuCnpzpGyju7hHSb0JukISFjqesOOAGe6Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 4x3.png
ivona.ua/img/ 96 B
540 B 52ms
50ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/4x3.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 18:18:20 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 5132772
x-cache: Hit from cloudfront
content-length: 96
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-60"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: sCLvRIc2uiw3PokUt0RL9ulnnPtcecTRfkayPgZ5cKfPlnvl16az2Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 109ms
59ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 953838
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ypkzDM0EWfOOeMDEg2sTVXYxolxbpbkTqAhlbpbb9NIzreACdc3NOiR9YB2K2HfUdN1mrSxf%2F6%2FwkINA%2FxP2bSAFvFT3V%2FF%2ByzAtspkx73Bz1AxFhInHUhImpRqIbV1qNiRZZhhseNkj%2FiZovC57CHej"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842eed3023af-ZRH
expires: Sat, 08 Apr 2023 04:04:26 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 70ms
69ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 3512781
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: b15417b2c98f73e0910f14703189176f
cf-ray: 6fda842ec838233d-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 jquery.fancybox.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 67 KB
19 KB 57ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2186620
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19249
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-10a9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HVIyLtCV73TZYSqI7QpF4yIXMrtW9WFLAbYhhwUU7i5Ujf2QzSb8%2FvIJtXvayuBfOhhkr49Y8FZncY4TMzwxj9JEoArBu8i5vVHgzsegwUKhDsMZzBssc84E5YwZZcopzuRuc7iFC3LOmdtmobGNZIkV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842edf8301db-ZRH
expires: Sat, 08 Apr 2023 04:04:26 GMT

GET
H2 200 lazyload.js Show response
cdn.jsdelivr.net/npm/lazyload/ 6 KB
2 KB 184ms
56ms Script
application/javascript 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lazyload/lazyload.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 20700
x-jsd-version: 2.0.0-rc.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19133-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BLM%2FshJ7fQ9L7aRzPL48OCHXx2dQxCgVDACJWfRrcn4PRhTTyxdKj6hC5FaQlK1Tuj3K%2Bz8oyZe7befN1inrp2ZN3%2BsU%2B1mfUw%2F77BqoQTTtse0j36zPp6ekMnrE8Mi5ruKloDH0Pd06lr3pI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6fda842f9a500208-ZRH

GET
H2 200 v10 Show response
ivona.ua/js/theme-script.min.js/ 2 KB
1 KB 51ms
47ms Script
application/javascript 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/js/theme-script.min.js/v10
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 11:22:25 GMT
content-encoding: gzip
age: 5848813
x-cache: Hit from cloudfront
last-modified: Wed, 09 Feb 2022 11:22:20 GMT
server: nginx
etag: W/"6203a3ec-693"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: *
x-amz-cf-id: n6a-krt9SOjGjWtJsCtVZ5MBTfpdG9VMrSJIFZlnYjWYnQ1IPuV05Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 v10 Show response
ivona.ua/js/banner-index.js/ 2 KB
806 B 52ms
48ms Script
application/javascript 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/js/banner-index.js/v10
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:23:48 GMT
content-encoding: gzip
age: 2083277
x-cache: Hit from cloudfront
last-modified: Sat, 21 Aug 2021 13:24:17 GMT
server: nginx
etag: W/"6120fe81-725"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: *
x-amz-cf-id: EI9kSnar0Dzs4LaBqxEb5CFYCpqKdfmK9mT6QjEcanHj_1FwYnv4vw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 article-stat-v2.js Show response
ivona.ua/click/js/ 976 B
1 KB 168ms
164ms Script
application/javascript 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/click/js/article-stat-v2.js?8
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:05:56 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Mon, 29 Apr 2019 05:26:10 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: "5cc68af2-3d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
x-cache: Miss from cloudfront
accept-ranges: bytes
access-control-allow-headers: *
content-length: 976
x-amz-cf-id: dz634FPpXq9kxHxR1O6fysC131-_SPwLlG173sQXTzjJiecLwXINSg==

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
929 B 58ms
55ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 990473
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Tn5neUlrkPJjczJfWu3Cxko%2FVgrAn3Y6SWHFOjqxCpGiwO6lkxu4fvKsOJ5gQyN6Fn6iXfKOjqOfwCM2iSTJwRnOfBKIrCPChgKoUSGsjAxyy8YZO1KEDxBOmibi8%2F587C1T5qnRckHR9c4mXetui5o"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842edf8501db-ZRH
expires: Sat, 08 Apr 2023 04:04:26 GMT

GET
H2 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 4 KB
2 KB 56ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5183746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1339
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPfa4pJm6c0zWOnzW%2FACReHK%2BZoYAwvvGBMi6ckXp0bQ40fTtN6cHVlF414Y6W1TvfcMhfbjr7nVXfdQi%2BTD%2FvSP0vePya1Xbey%2BF9%2B%2BP1Xxx1A5XaH%2BxeB9rJLqpB9SF92g3xnY5C2bq%2BLevotoUOqY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842edf8601db-ZRH
expires: Sat, 08 Apr 2023 04:04:26 GMT

GET
H2 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 5 KB
2 KB 60ms
58ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21964800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1763
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RIpwWlAqslo0Di4AIaofUWKoLxY7Axcn6%2FFR0uMEbbqPd7n6obRIZ4Htk4NGh20BgKpuVz7OOjLUNNiezmY6f8bz86cU9CnbwGsfxJhHnOvGnM2bj0j2de4tqZjgfmB7bgBnGUzk28B8jB8v2INXeIf3"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842edf8801db-ZRH
expires: Sat, 08 Apr 2023 04:04:26 GMT

GET
H2 200 common.js Show response
ivona.ua/click/js/ 3 KB
3 KB 161ms
158ms Script
application/javascript 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/click/js/common.js?1
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:05:56 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jan 2020 10:11:50 GMT
server: nginx
x-amz-cf-pop: FRA60-P3
etag: "5e1307e6-a00"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-credentials: true
x-cache: Miss from cloudfront
accept-ranges: bytes
access-control-allow-headers: *
content-length: 2560
x-amz-cf-id: S03e61d2-StwBV5sRBZmvZHiYttR4A6I6gUe7T9NrE4xChEw-ne0Mw==

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 210ms
69ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 42524ce07f6ab05f27342edc02440b28590a7fe433adae3133a7e6bef2482e41

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 12:02:11 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11707
expires: Mon, 18 Apr 2022 16:04:26 GMT

GET
H2 200 e.js Show response
cdn.umh.ua/libs/ 6 KB
3 KB 159ms
44ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.umh.ua/libs/e.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block;
last-modified: Tue, 01 Mar 2022 15:54:34 GMT
server: nginx
etag: W/"621e41ba-16f4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
expires: Tue, 19 Apr 2022 04:04:26 GMT

GET
H2 200 logo.png
ivona.ua/img/ 1 KB
2 KB 50ms
50ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/logo.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/css/style.css/v10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:26:19 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 20190867
x-cache: Hit from cloudfront
content-length: 1326
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-52e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: -43LUgFE-ozxNsSklwcC8AWdKSQv4WsI2NUawwRgIz0K4lWDsHzawQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sitename.png
ivona.ua/img/ 1 KB
1 KB 51ms
50ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/sitename.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/css/style.css/v10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 20 Dec 2021 00:23:06 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 10294739
x-cache: Hit from cloudfront
content-length: 1058
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-422"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: oZZURmxgN5ZPraqsyduMR5-rkHUaoLOMfixfjG5weRYyCqGJoxgpkA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 44 KB
45 KB 167ms
46ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 375790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45300
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:41:16 GMT

GET
H2 200 search_icon.png
ivona.ua/img/ 253 B
702 B 47ms
47ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/search_icon.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/css/style.css/v10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 01:51:50 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 3809555
x-cache: Hit from cloudfront
content-length: 253
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-fd"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ON3MdZUPyUV7UwCkJLW1OG3FqEdua5fUv8VXgk5Eoc-gcvwxg4H63Q==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v16/ 29 KB
29 KB 280ms
162ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:21:18 GMT
x-content-type-options: nosniff
age: 373388
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:39 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 20:21:18 GMT

GET
H2 200 jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/ 28 KB
28 KB 300ms
185ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0aExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:49:25 GMT
x-content-type-options: nosniff
age: 375301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28444
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:49:25 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame D9D8 738 B
533 B 51ms
50ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 18 Apr 2022 04:04:26 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc34

GET
H2 200 376cef9bc739cb759b1b.b.js Show response
cdn.admixer.net/scripts3/45419/ 23 KB
8 KB 58ms
58ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:23 GMT
server: nginx
etag: W/"6257e62b-5d41"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:40 GMT

GET
H2 200 8fa10895f61293c9aa16.b.js Show response
cdn.admixer.net/scripts3/45419/ 75 KB
19 KB 65ms
64ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/8fa10895f61293c9aa16.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:29 GMT
server: nginx
etag: W/"6257e631-12a41"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:40 GMT

GET
H2 200 jizaRExUiTo99u79D0yExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/ 26 KB
26 KB 192ms
122ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0yExdGM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 01:31:36 GMT
x-content-type-options: nosniff
age: 268370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26460
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 15 Apr 2023 01:31:36 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 155ms
53ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e4360d4470e0fbb3663db81aa5d5709082a4c2b093824ca873476e84e060a59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: v/bY1EC+ibGwalSkYHQ5Nw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 18 Apr 2022 04:22:47 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: F+XOyP3JbvFjz5qlildN2X+LD7oDhD5Cd83QBa7H5usvkT/OEcTwLrcV0ZaxLb+7QhPaEbNTQIyqHUgwxITjjg==
x-fb-trip-id: 686109401
x-fb-content-md5: 4ff8c51ed3b4903f32fe886cc0c73f67
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 18 Apr 2022 04:04:26 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "7068feb654f875bfa3c9995ebbdc0526"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 arrows.png
ivona.ua/img/ 562 B
1011 B 61ms
61ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/arrows.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/css/style.css/v10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:26:19 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 20190867
x-cache: Hit from cloudfront
content-length: 562
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-232"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dHUBHpVauVHxE4H_wLfR1ZIMTr5dwIFZoj0YUkbzsnuGqh8dD0LNEg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 74 KB
75 KB 71ms
71ms Font
application/octet-stream 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 342976
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75728
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-127d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dYF8dCVo%2FlNgKpHP2%2BLAn0mY9nPgoNGLV3B8p3S84DMJskP8Vrv1ANdiljD2qpUILysgNuceczebGnr5FJMXPL4CAgXkcKBUns45pIZb2KH9KJKLxfTHf66S5%2BQ56IWxwrrmvXmGmukFqzjKlcOwqtkG"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6fda842f3d6823af-ZRH
expires: Sat, 08 Apr 2023 04:04:26 GMT

GET
H2 200 bigmir_logo.svg
ivona.ua/img/ 3 KB
2 KB 55ms
54ms Image
image/svg+xml 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/bigmir_logo.svg
Requested by: Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/css/style.css/v10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Oct 2021 15:48:31 GMT
content-encoding: gzip
age: 15855200
x-cache: Hit from cloudfront
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: W/"60fc3da0-d2d"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/svg+xml
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
access-control-allow-headers: *
x-amz-cf-id: _Td7T5lyiBpe_qEW9MBLU4-JpoPlcdz7fC25a6Kuc-xWACv6FLD6kg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 load Show response
z.cdn.umh.ua/ 42 B
367 B 69ms
55ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 42
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 42 B
367 B 69ms
56ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 42
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 42 B
367 B 68ms
55ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 42
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 57 B
382 B 69ms
56ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=2068016217&div=zone_2068016217&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 57
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
400 B 69ms
56ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 57390a59a4e6bc139c12e476c0811a97ba27438d8281070035d778f336ddb30c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 57 B
382 B 68ms
55ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1217097366&div=zone_1217097366&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 57
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 42 B
169 B 69ms
66ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/plain; charset=utf-8
content-length: 42
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 415 B
429 B 70ms
68ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 8fc1968b29dece9ab454a19447e2ba9565358032217a6b3b9fe2f8b25e0c209e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
server: nginx
content-type: text/plain; charset=utf-8
cache-control: no-cache, must-revalidate
content-length: 284
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
202 B 69ms
67ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1966145486&div=zone_1966145486&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
202 B 68ms
67ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=693&pl=3&mi=4&me=8&hc=4&n=1650254666198&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=3052114203
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 1713a1dc09693d01f4724c48cfaab88da8b9a434a417bfc33be94f6e566fa731

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
cache-control: no-cache, must-revalidate
server: nginx
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

POST
H2 200 add-view Show response
ivona.ua/click/articles/stat/ 39 B
409 B 214ms
214ms XHR
application/json 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ivona.ua/click/articles/stat/add-view?cid=6&site=ivona&aid=5255288&0.789779660581938
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: 0ef469692abec60d2a111275b3c4edead952d7b7a2c23595fefd9a430e1362f8

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ivona.ua/
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 18 Apr 2022 04:05:57 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P3
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ivona.ua
access-control-allow-credentials: true
x-cache: Miss from cloudfront
access-control-allow-headers: *
x-amz-cf-id: tQ5KkdsYktCyXT23ubxuf9JDqwXo3DTmbP-Hc39CfNrDG-vcwL2YrQ==

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 46 KB
46 KB 108ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 19:41:16 GMT
x-content-type-options: nosniff
age: 375790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:46 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 19:41:16 GMT

POST
H2 200 z Show response
s.zmctrack.net/ Frame 7A6E 50 KB
23 KB 329ms
147ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 64364a07f35387503221e6c39d90179453387b9a75e584d25616c7926e60bc99

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23351
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 e2c27aac116394d5d331757e4ea23610-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/62/78/52/3/6278523/image_main/ 90 KB
91 KB 223ms
81ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/52/3/6278523/image_main/e2c27aac116394d5d331757e4ea23610-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2a1e1f52548a2e43b08913b6cec3b24c961c453d7a0f6a8b7d779ac67f5dea70

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:28:02 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 15:16:08 GMT
server: AmazonS3
age: 45385
etag: "3fc0aba5ba2ed57a381d3da8827f9f0d"
x-cache: Hit from cloudfront
x-amz-version-id: .ZQMt_LBIQYKL7yLGejIdZS0IkZnJW1e
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 92465
x-amz-cf-id: DLHYfZ_mieT5bznG_kaU1bbyvM8Q-pgkDeWSeuDe5Do-2JCuKJ1cqQ==

GET
H2 200 e2c27aac116394d5d331757e4ea23610-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/78/52/3/6278523/image_main/ 6 KB
6 KB 221ms
82ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/52/3/6278523/image_main/e2c27aac116394d5d331757e4ea23610-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc372cb3315c38093d4fb758efdefb0b17da93b8c3e6aff37b0412e25b1978d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 15:28:02 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 15:16:13 GMT
server: AmazonS3
age: 45385
etag: "7429051ed29c7005d56f8bc8ab6856ef"
x-cache: Hit from cloudfront
x-amz-version-id: RQzy29n8qVMlKfAW5cZHORGyBxxS5v9U
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 5748
x-amz-cf-id: tsNEyjQJuHmU8sUq01Ilx1SeEk6oXlo2ntLexg_qfy_xB8zTGfNZ-A==

GET
H2 200 64bb4afe967f30b7546771668c958a15-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/46/62/2/5446622/ 6 KB
7 KB 210ms
82ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/54/46/62/2/5446622/64bb4afe967f30b7546771668c958a15-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a4c405ff5fff2bb4c29f2a07c151fc558d2642a2ea4f0e1f8996d52b3d6f77d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 13:13:51 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 12:59:53 GMT
server: AmazonS3
age: 53436
etag: "a2786118836f4243dc5269f06488840f"
x-cache: Hit from cloudfront
x-amz-version-id: Biyes_kQIi5QCgFJxcfe5KY3vUMUpfhk
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 6374
x-amz-cf-id: _pCmH6Gaq5hMAow97inlweSxaTgk5bhuvz1qacFuJrHtklEBEbXG9g==

GET
H2 200 ac4e83a23beb2cc18516c119368d2608-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/78/79/3/6278793/image_main/ 46 KB
47 KB 258ms
145ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/79/3/6278793/image_main/ac4e83a23beb2cc18516c119368d2608-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 80efd32f8b297f80dbe405cee9f46eb6d176506ef4922e73c9baf929daeddbab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:02:34 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 11:54:55 GMT
server: AmazonS3
age: 57713
etag: "701b932b4eb97f5f1d723721280780c4"
x-cache: Hit from cloudfront
x-amz-version-id: i6SWXohegvaw42LgPxys5WpMoYmQ3te8
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 47579
x-amz-cf-id: K5kRUl-3GXPAC4xoBOHRRuWFMCyjt44zZfKFKqZih94wuqodYjT88g==

GET
H2 200 38a79173757bdfe1972e5d5e733fe674-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/78/81/8/6278818/image_main/ 8 KB
9 KB 195ms
82ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/81/8/6278818/image_main/38a79173757bdfe1972e5d5e733fe674-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5807259d4acdbba1abc0cb067199842b5626b5bc1f85191b6a8a91b30b72aece

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:55:27 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 12:40:50 GMT
server: AmazonS3
age: 54540
etag: "274af1593bc24d718dd249534f4f826a"
x-cache: Hit from cloudfront
x-amz-version-id: QmjSWo5nzsiTMdz_Co72aRg5VaXy_6y4
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 8443
x-amz-cf-id: OyKXM9vdm8vaHTOm4HovArJAN78DSCXFbzbP2lfWOFpekdrB6K-30w==

GET
H2 200 d33286f27d7e2ee87d2ae3a1f41c949a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/78/75/3/6278753/image_main/ 26 KB
26 KB 171ms
61ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/75/3/6278753/image_main/d33286f27d7e2ee87d2ae3a1f41c949a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 469ce0fb134196afb16e3e61a0c764c7cb172e54534f24cfced1243f3e0e21fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 11:29:15 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 11:13:05 GMT
server: AmazonS3
age: 59712
etag: "d4b6148e22bc41147102c9c9cfc0f909"
x-cache: Hit from cloudfront
x-amz-version-id: w_l1rtO2VvD7JjgBQhaBf5yvr6jql9sB
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 26400
x-amz-cf-id: kG6URU7K_tfDdlwWrT-k4k3Wh9Ro18MvilfK-8SeAU_RwLWJH_ogRg==

GET
H2 200 9ca668b6dcbfc62e811274985c746668-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/78/74/2/6278742/image_main/ 25 KB
25 KB 166ms
162ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/74/2/6278742/image_main/9ca668b6dcbfc62e811274985c746668-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9b64d9cf062e964395afda2e10a18dca25fc0c9a0b802234a1fd792227247123

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 09:51:36 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 17 Apr 2022 09:38:55 GMT
server: AmazonS3
age: 65571
etag: "473b15c20223bfd3a75db05fd2cd412b"
x-cache: Hit from cloudfront
x-amz-version-id: kzfwi8lWA4KhwWdYENEOMUqGX.alQ2Dz
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 25642
x-amz-cf-id: Hf_YSEvD0nLvyrvpQDJAfayH2nFFznQ7EBf_SyOrMGzWbDmVqZEapw==

GET
H2 200 7f871216a84d53e31f068e53b9971fd9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/78/41/7/6278417/image_main/ 31 KB
32 KB 178ms
174ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/41/7/6278417/image_main/7f871216a84d53e31f068e53b9971fd9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c3b427d50487df3dc3b85f03a4e9f29494f93f1acd372105d04dfe85cbfefc42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 13:44:01 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sat, 16 Apr 2022 13:39:50 GMT
server: AmazonS3
age: 138026
etag: "7084e942a9c05e80d3091fd66a30794b"
x-cache: Hit from cloudfront
x-amz-version-id: TDXwoxPZSH4OJGjvXfCxVzmnzN8KfR2j
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 32189
x-amz-cf-id: SKIDdSRYEskoRzpuWU3mdv49JdmP7Ti7i6x4oVdHr3zHJp3qYFaTLg==

GET
H2 200 13a06e23c63892928272565bb1b7e54b-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/78/43/7/6278437/image_main/ 13 KB
13 KB 188ms
184ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/43/7/6278437/image_main/13a06e23c63892928272565bb1b7e54b-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 99f31a67bea4405d64aebf1a28c9b2d1e9cd9ca48ddb4dc42b79a5aa30ac4899

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 13:37:45 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sat, 16 Apr 2022 13:32:57 GMT
server: AmazonS3
age: 138402
etag: "750cc3c7abbe00f23ca752a388b7623d"
x-cache: Hit from cloudfront
x-amz-version-id: DKxPAuoCNCK5ExytjKZsWfh0_uO1AS6J
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 13085
x-amz-cf-id: WPty_clSxQlkdn6XYRA3ygGYAOWd4BNL_W8HBUvH571Iek-TRfig6g==

GET
H2 200 61d4c04459af892b1437a42343267926-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/78/39/9/6278399/image_main/ 8 KB
8 KB 203ms
199ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/78/39/9/6278399/image_main/61d4c04459af892b1437a42343267926-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f8d24beb426ca5d38f48fee967f319524051d84c81dc1ec63d62cf9f7cdee535

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 11:15:59 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sat, 16 Apr 2022 11:07:35 GMT
server: AmazonS3
age: 146908
etag: "34d17d0b130196e116cb1069c84f38c3"
x-cache: Hit from cloudfront
x-amz-version-id: QolqQ3N_977taCOGNSrppf96B6XiuN_Z
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 7710
x-amz-cf-id: Yb0SjaUs7ohBmkva_mZbZ_vyxbMWiOOv8f9ReNbrmQ3Q-OrQE5SmCA==

GET
H2 200 8efa7729b715384f5ed471c47b0886b5-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/77/97/9/6277979/image_main/ 13 KB
14 KB 196ms
192ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/77/97/9/6277979/image_main/8efa7729b715384f5ed471c47b0886b5-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1420f826fbf0e0b4641e1667f2af60df85ca659b53e789a5f713c921fdfe6b6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 14:15:54 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Fri, 15 Apr 2022 14:09:46 GMT
server: AmazonS3
age: 222512
etag: "3cec16d7097cea10baebf5715e28796c"
x-cache: Hit from cloudfront
x-amz-version-id: RA778qWdoZ2dO8nZ.LD7XBys.ajuM4g2
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 13426
x-amz-cf-id: uW3arO9dOYHVjrk0GvzXztPzIgj4XdEcWxuPmrPeT5ikkkRxA2LPxA==

GET
H2 200 f63f66e1ca1b2222079d97a9a921dd73-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/74/12/0/6274120/image_main/ 7 KB
8 KB 203ms
198ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/74/12/0/6274120/image_main/f63f66e1ca1b2222079d97a9a921dd73-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b693992731a10cd5a2d84d4ac63dd940601bf12072c333932096021b15479c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 14:33:33 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sat, 09 Apr 2022 14:02:51 GMT
server: AmazonS3
age: 739854
etag: "23b57ef0c1db6d3350a001378bb0f7d8"
x-cache: Hit from cloudfront
x-amz-version-id: 2bXqBwOhoONT0pOx5SQ6PIcbKUafF69K
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 7362
x-amz-cf-id: iLuyPAcUuhng01ANuVJjxO3OBAroymiZ_8Riy3Sdr0zk8fvrLHFopw==

GET
H2 200 f15c50c14e6d433e12fcb420ae221ecf-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/73/06/0/6273060/image_main/ 18 KB
18 KB 199ms
195ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/62/73/06/0/6273060/image_main/f15c50c14e6d433e12fcb420ae221ecf-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b837d398b9983ce93fa18f3bdcdb7a53076ca66ca381d9d4b2281fb0621a6e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Apr 2022 15:23:31 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Thu, 07 Apr 2022 15:00:44 GMT
server: AmazonS3
age: 909656
etag: "4211374b1cebb4dbc59384be316c9121"
x-cache: Hit from cloudfront
x-amz-version-id: Rx2nhOUD.rSIHO3Vy4vZIuTg.zwsgl6c
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 18183
x-amz-cf-id: ujv_gkTW5o4qvGvkte1KK4vEqEK8yBilai6ZkiNZjkMM6Tbg4z32UA==

GET
H2 200 ea82f56931122cee54959f87cc1d90dc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/10/03/3/5410033/image_main/ 6 KB
6 KB 190ms
186ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/54/10/03/3/5410033/image_main/ea82f56931122cee54959f87cc1d90dc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 956d3f9a9f3d4cd1f8e6f2cc5f32a7b9490c311db8c9bdbbb2ec6f04d8e5b846

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 12:36:24 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sat, 16 Apr 2022 12:34:37 GMT
server: AmazonS3
age: 142083
etag: "35c440ec129905ebb8038af5864c2314"
x-cache: Hit from cloudfront
x-amz-version-id: 1M4mIFS6knTfRVF__2ybk0NgzKMZf37k
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 6236
x-amz-cf-id: 5Rvru4yLMD16E2FJaOPEAdMss2vwJDVEaEF9x1mSUQz2dvG-JwQwjQ==

GET
H2 200 f7f68a69d14c79274fa63e189bd1f8a0-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/53/80/65/3/5380653/ 6 KB
6 KB 191ms
186ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/53/80/65/3/5380653/f7f68a69d14c79274fa63e189bd1f8a0-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 97e2ee96747015cd8063467c6792ce5ea015422aeeeca17008b4d4d6a28ac16b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 09:35:03 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sat, 16 Apr 2022 09:31:03 GMT
server: AmazonS3
age: 152964
etag: "ec984fc8ce24bbe2c7335112cdf5e24c"
x-cache: Hit from cloudfront
x-amz-version-id: KACtmdIegdNenUXqSRtzG0TLqz3XS1Yr
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 6171
x-amz-cf-id: BqR8Gn9lETGiE3oG6DVIQlylwMKpdXB88kwgwGQ6a14K8nPgg1d6PA==

GET
H2 200 fdeaa07f0eed6cc2a972f996e3720aa3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/53/42/95/9/5342959/image_main/ 6 KB
7 KB 192ms
188ms Image
image/jpeg 52.222.214.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ivona.ua/i/53/42/95/9/5342959/image_main/fdeaa07f0eed6cc2a972f996e3720aa3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.214.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-12.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f12e71b07e0b3b8c2a14b42c1b9891b939d9c91be38c20c0afd8e61d64ab31ab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 08:21:41 GMT
via: 1.1 e45d812d65a0d0336b945e28b9381462.cloudfront.net (CloudFront)
last-modified: Sun, 10 Apr 2022 08:08:15 GMT
server: AmazonS3
age: 675766
etag: "c86367e60e201d4bf18f4396c0ed1c23"
x-cache: Hit from cloudfront
x-amz-version-id: mSjqxR5snz717_AOH_Ffg8M45yswPM2e
cache-control: public, max-age=315360000
x-amz-cf-pop: FRA56-P3
accept-ranges: bytes
content-type: image/jpeg
content-length: 6345
x-amz-cf-id: 2QvaUrs4XaXzduMXe_CXNZdaiMwV1377UpbrEaLZQrEkP5RkdOhALw==

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 289 KB
83 KB 105ms
44ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=1fa1b8e40f36861fe54b820ad865e912

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b26fd8a8ad162af32fe636959a7a97e2484358e0fc016c665a0d41b108bb9365

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 68i4Xvd1inZdHFjhVxpK0Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84497
x-fb-rlafr: 0
x-fb-debug: rSBVKqKsIVy/5bEDO0eWNlyYM390+wHhflUSEhTMi3ij2n6hdp5XAJK/Av9B1v1SJuVebxrW/I5bJpxNTt7WCg==
x-fb-content-md5: fcb60a7933a849f6bef2f05fc432e59d
x-frame-options: DENY
date: Mon, 18 Apr 2022 04:04:26 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8ba8a154867bc477273126ab6b426700"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Apr 2023 04:02:47 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 277 B
391 B 87ms
87ms Script
application/x-javascript 146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: 11b45d8834108656ef46a3bf5959d80e72519cdefe52ae7738bae501f7024466

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 277
expires: Wed, 18 May 2022 04:04:26 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 7938 5 KB
3 KB 209ms
62ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: ca66094da8182b9bb9850d7bab10fe9dcd469d144c2b98e2b3c4ca756ec868d7

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2720
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:26 GMT
etag: PRIVATE7520710249
expires: Wed, 18 May 2022 04:04:26 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 150ms
43ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206274582-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1776
date: Mon, 18 Apr 2022 03:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Apr 2022 05:34:50 GMT

GET
H/1.1 200
OK s Show response
h.holder.com.ua/ 818 B
1 KB 226ms
76ms Script
text/javascript 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b8654&c1&r6411232&dholder1604070069&hhttps%3A//ivona.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0b06f6cb9c61c99519b20c63c69e1fdc109bbacbfe53978d17595a17d68d25f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
P3P: policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Keep-Alive: timeout=5
Content-Length: 818
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK s Show response
h.holder.com.ua/ 730 B
1 KB 227ms
77ms Script
text/javascript 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b8655&c1&r6411232&dholder1817662902&hhttps%3A//ivona.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: ca17a2e4788daf5b160cd7aa2106eab1ec797ba195daf95cecfa080d980101d1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
P3P: policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Keep-Alive: timeout=5
Content-Length: 730
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 226ms
76ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r6411232&dholder1217097366&hhttps%3A//ivona.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/ 303 KB
108 KB 120ms
70ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067099

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99c31611f47923f571d2efc7269de03ca3b64bcac3245af40c3f2feea6cba879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110839
x-xss-protection: 0
server: cafe
etag: 9559066551822757015
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:04:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 08B9 10 KB
5 KB 143ms
40ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 25511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 20:59:15 GMT
etag: 14837630671339829333
expires: Sun, 01 May 2022 20:59:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK s Show response
h.holder.com.ua/ 735 B
1 KB 177ms
68ms Script
text/javascript 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b8656&c1&r6411232&dholder2096059570&hhttps%3A//ivona.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: cce4d91444c6a7259074d05d5b63261625d0bc1b82ff5a6069b5276fa62eef2d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
P3P: policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Keep-Alive: timeout=5
Content-Length: 735
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame EA43 738 B
396 B 49ms
49ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 18 Apr 2022 04:04:26 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc34

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 170ms
68ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r6411232&dholder2068016217&hhttps%3A//ivona.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 14 KB
4 KB 144ms
44ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1108796461127288.2&cpv=06f3c74f-bebb-5948-3ca1-7309a773ec4a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22b7667323-9f34-28f8-c6fc-93dd84df35ba%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2263d28a43-2466-2b86-43f3-a808bd7d1db5%22%2C%22tagid%22%3A%22c15953fe-60cc-47f4-a7b2-8735f0b6c691%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1451965891%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

63462259028eab9cdb98d8bf6335cb5e2233ace097705e8f73ac018c09067b97

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 3718
X-Xss-Protection: 0

GET
H/1.1 204
No Content s Show response
h.holder.com.ua/ 0
126 B 113ms
69ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&b2718&c1&r6411232&dholder1320962835&hhttps%3A//ivona.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame ED58 738 B
396 B 44ms
44ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 18 Apr 2022 04:04:26 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc34

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame 79BA 738 B
396 B 48ms
47ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 18 Apr 2022 04:04:26 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc34

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame 9AB0 738 B
396 B 51ms
51ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 18 Apr 2022 04:04:26 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc34

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 137ms
40ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1797034293858937&ev=fb_page_view&dl=https%3A%2F%2Fivona.ua%2F&rl=&if=false&ts=1650254666543&sw=1600&sh=1200&at=

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Mon, 18 Apr 2022 04:04:26 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 9 KB
3 KB 139ms
44ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5210164238377921&cpv=06f3c74f-bebb-5948-3ca1-7309a773ec4a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%223fe7b7e8-8b1c-b00b-22a0-b72c43c8b9d4%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221ed8beff-a6fa-fdf7-87fa-987f881c3f52%22%2C%22tagid%22%3A%22e7702231-2e98-4fd2-8c48-2b474cab0363%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1424319715%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

7a8408472d965e4f5dbefe27d28b2b75ad1e81fa35e3cadb6cfdb9e1633c29e3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 3024
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 222 B
675 B 135ms
42ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9653211369220150&cpv=06f3c74f-bebb-5948-3ca1-7309a773ec4a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%224ebcaf94-c078-aff9-1194-873eb4e560ca%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224c16a1d2-3a3e-c185-5453-b8443fd71ea3%22%2C%22tagid%22%3A%22d9675bdf-cf85-4051-92db-9ca047f83379%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1966145486%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

21787abcbda6d677de492dc8437c4bd4e19c62074ac141e1890a1372f3f2917f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 202
X-Xss-Protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 10 KB
3 KB 125ms
43ms Script
application/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4910011368358824&cpv=06f3c74f-bebb-5948-3ca1-7309a773ec4a&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e0606051-58b0-1c9f-c65e-e2fdb44cd855%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222664d0a8-406f-d9a4-7c20-8c341113de5a%22%2C%22tagid%22%3A%2289ccbdfd-1266-46c2-a1de-466d0d5c1f57%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1579786519%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

ea676f45ac378e4a64fe1b06833b8b6d40367339f564512f5681f8dafd24b713

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 2855
X-Xss-Protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 98ms
48ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1358437930&t=pageview&_s=1&dl=https%3A%2F%2Fivona.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=95909409&gjid=2140588885&cid=70452389.1650254667&tid=UA-206274582-1&_gid=1099108021.1650254667&_r=1&gtm=2ou4d0&z=1526450741

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1650254666581/
Redirect Chain

https://gaua.hit.gemius.pl/_1650254666581/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F...
https://gaua.hit.gemius.pl/__/_1650254666581/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua...

169 B
424 B

79ms
79ms

Script
application/x-javascript

146.59.10.80
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1650254666581/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=332&lsdata=x41nDsZ3jOlbZHmfylx_7DRyT77V6iWe4ktRK8Ua_R7..783va1Tb5pPhgAStkQ7cc2o3RfCTSUhEuitvC71JLJp8Hbz/TzfnLfa0BQxse/&fpdata=xXzGU9tH_fq2ZzuEhbtW_1611AZFxtwXKd6ideiG9TP.b7&vis=1&fpcap=
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Server: 146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS: ip80.ip-146-59-10.eu
Software: GHC /
Resource Hash: d83ee7f0a52e3a825805e0599622d9963dface743b1a4d6b31dff8cc030fd2e1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sun, 17 Apr 2022 04:04:26 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1650254666581/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=332&lsdata=x41nDsZ3jOlbZHmfylx_7DRyT77V6iWe4ktRK8Ua_R7..783va1Tb5pPhgAStkQ7cc2o3RfCTSUhEuitvC71JLJp8Hbz/TzfnLfa0BQxse/&fpdata=xXzGU9tH_fq2ZzuEhbtW_1611AZFxtwXKd6ideiG9TP.b7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sun, 17 Apr 2022 04:04:26 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 212 B
644 B 191ms
50ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204130101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1632c04c1ca3e5a357176950c693ff601d689b3d8c93310d5e2cd4bdc2ec6f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 141ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 155ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ivona.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1791 0
19 B 129ms
80ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1650254666&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666350&bpp=2&bdt=571&idt=309&shv=r20220413&mjsv=m202204130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=557144391490&frm=20&pv=2&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065545%2C31067099%2C31066184%2C31062930&oid=2&pvsid=2914074695639086&pem=933&tmod=1859757062&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:26 GMT
expires: Mon, 18 Apr 2022 04:04:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 /
loadercdn.net/ 0
170 B 232ms
70ms Image
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=5ae71bd12d1ff37b&d=ivona.ua
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:26 GMT
server: openresty

GET
H2 200 ivona.bigmir.net.1296107.js Show response
jsc.idealmedia.io/i/v/ 2 KB
1 KB 266ms
205ms Script
text/javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8654&c1&r6411232&dholder1604070069&hhttps%3A//ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba54c2c0ee422e605c0a01ab06fd224af56017507c345ee988b2d66658ba69d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 9RVPKXGMSJK8PS2W
content-length: 747
x-amz-id-2: TP8G3eL2OimV4SfGKCiLdvLsKDcGZ842e+ODMv4EEI4mQ0z0N6zKchoKWbER0WGGkwlW36+cxIg=
last-modified: Fri, 08 Apr 2022 17:03:16 GMT
server: cloudflare
etag: "d55ff0e2835c6fab6cb303c8faa6e5d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 6fda84333b8335f5-MAN
expires: Mon, 18 Apr 2022 07:04:26 GMT

GET
H2 200 cmeter_an.js Show response
source.mmi.bemobile.ua/cm/ 10 KB
4 KB 244ms
77ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8654&c1&r6411232&dholder1604070069&hhttps%3A//ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-2699"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H/1.1 200
OK s
h.holder.com.ua/ 3 B
371 B 69ms
69ms Image
application/x-www-form-urlencoded 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.holder.com.ua/s?tv&p1&b8654&r1906547203
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Content-Type: application/x-www-form-urlencoded; charset=windows-1251
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 3
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ivona.bigmir.net.1211636.js Show response
jsc.idealmedia.io/i/v/ 2 KB
941 B 287ms
228ms Script
text/javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: C0H68CBS2TWMNWGH
content-length: 746
x-amz-id-2: SdWGK51EpjRCQSi6Kkt/udBI27TQgq4SAuD6qNY0qNxPaJ9PcsPrc9I2meVykhdkJpBgiz18nO4=
last-modified: Fri, 15 Apr 2022 11:01:57 GMT
server: cloudflare
etag: "d245c3976e8b37aa0431b5a7963b9259"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 6fda84333b8635f5-MAN
expires: Mon, 18 Apr 2022 07:04:26 GMT

GET
H/1.1 200
OK s
h.holder.com.ua/ 3 B
371 B 68ms
68ms Image
application/x-www-form-urlencoded 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.holder.com.ua/s?tv&p1&b8655&r141130375
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Content-Type: application/x-www-form-urlencoded; charset=windows-1251
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 3
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
440 B 111ms
37ms XHR
text/plain 2a00:1450:400c:c0b::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-206274582-1&cid=70452389.1650254667&jid=95909409&gjid=2140588885&_gid=1099108021.1650254667&_u=YEBAAUAAAAAAAC~&z=816059541

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 18 Apr 2022 04:04:26 GMT
content-type: text/plain
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame D1A2 5 KB
1 KB 258ms
87ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r6411232&dholder2096059570&hhttps%3A//ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: c107604accd4905d9e115f348aa6456b9c94e79582040a3a43c9cf8403057eb8

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 04:06:04 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 147ms
36ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ivona.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 185ms
62ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ivona.ua
date: Mon, 18 Apr 2022 04:04:26 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
ww251.smartadserver.com/prebid/ 0
330 B 112ms
37ms XHR
application/json 185.86.137.114
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww251.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ivona.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 186ms
63ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ivona.ua
date: Mon, 18 Apr 2022 04:04:26 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/45419/ 28 KB
11 KB 46ms
45ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:35 GMT
server: nginx
etag: W/"6257e637-702f"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:41 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/45419/ 42 KB
18 KB 51ms
50ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:36 GMT
server: nginx
etag: W/"6257e638-a793"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:41 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/45419/ 13 KB
5 KB 46ms
46ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:28 GMT
server: nginx
etag: W/"6257e630-326c"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:41 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/45419/ 11 KB
4 KB 53ms
52ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:27 GMT
server: nginx
etag: W/"6257e62f-2a79"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:41 GMT

GET
H2 200 362b590febf83073189a.b.js Show response
cdn.admixer.net/scripts3/45419/ 215 KB
74 KB 56ms
56ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/362b590febf83073189a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc34
date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:23 GMT
server: nginx
etag: W/"6257e62b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:41 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 182ms
62ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ivona.ua
date: Mon, 18 Apr 2022 04:04:26 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
330 B 143ms
37ms XHR
application/json 185.86.138.121
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
vary: Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://ivona.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
170 B 181ms
62ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://ivona.ua
date: Mon, 18 Apr 2022 04:04:26 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 114ms
35ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 16:48:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61af9066-72a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 18 Apr 2022 05:04:26 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 515ms
515ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=E7702231-2E98-4FD2-8C48-2B474CAB0363&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=e8cfa062-9ae3-4425-a400-d041f55dc31e&hp=-370074540&page=ivona.ua%2F&ts=637858514666464490&ap=NDU%3D&asign=-1110084210&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=88eaa015-da15-4825-9f9a-a7a5a2268b75&ip=217.138.196.100&item=F8B2536D-904F-43FA-A7FF-34F8638AC44B&crid=F8B2536D-904F-43FA-A7FF-34F8638AC44B&profile=A882975B-8C3C-40D9-B188-89F4EF2DFCE1&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 42ms
42ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=11ba2f3e-3de8-4c31-abc0-17a5c22f7a39&hp=-370074540&page=ivona.ua%2F&ts=637858514666058603&ap=MA%3D%3D&asign=208642934&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=e97eb085-34f3-4c12-a99a-ec17a9e628ad&ip=217.138.196.100&item=742F880D-0B09-4A22-9509-965113280D36&crid=742F880D-0B09-4A22-9509-965113280D36&size=350x240&profile=C27F7D27-35B0-471E-9AB7-5DD4D760EF40&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 149ms
58ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=70452389.1650254667&jid=95909409&_u=YEBAAUAAAAAAAC~&z=437211818

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 147ms
57ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=70452389.1650254667&jid=95909409&_u=YEBAAUAAAAAAAC~&z=437211818

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 42ms
41ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=11ba2f3e-3de8-4c31-abc0-17a5c22f7a39&hp=-370074540&page=ivona.ua%2F&ts=637858514666058603&ap=MA%3D%3D&asign=208642934&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=e97eb085-34f3-4c12-a99a-ec17a9e628ad&ip=217.138.196.100&item=D0EEA9F9-C933-4D86-8C78-4628D65839DD&crid=D0EEA9F9-C933-4D86-8C78-4628D65839DD&size=350x240&profile=08C7770D-D6A5-444B-8C99-6C11B1376450&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 41ms
41ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=0da5900b-71a4-4d19-a9b0-40b959a40dc2&hp=-370074540&page=ivona.ua%2F&ts=637858514666570365&ap=MA%3D%3D&asign=-60313622&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=88eaa015-da15-4825-9f9a-a7a5a2268b75&ip=217.138.196.100&item=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&crid=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&size=350x240&profile=A30ACB44-18F1-45CA-BA85-5B440B44C7DF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 41ms
41ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=11ba2f3e-3de8-4c31-abc0-17a5c22f7a39&hp=-370074540&page=ivona.ua%2F&ts=637858514666058603&ap=MA%3D%3D&asign=208642934&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=e97eb085-34f3-4c12-a99a-ec17a9e628ad&ip=217.138.196.100&item=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&crid=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&size=350x240&profile=5EEA8F57-F0AA-4422-A5D9-20C13E0F2FBF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 42ms
41ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=0da5900b-71a4-4d19-a9b0-40b959a40dc2&hp=-370074540&page=ivona.ua%2F&ts=637858514666570365&ap=MA%3D%3D&asign=-60313622&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=88eaa015-da15-4825-9f9a-a7a5a2268b75&ip=217.138.196.100&item=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&crid=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&size=350x240&profile=A01BDF0B-F125-40F1-9022-C7F2F7F7F847&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3AA7 154 KB
53 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

baf26f9d3541265aaae74be7296618ace46acd28d9b59ffe8d6a930c3656f6df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54065
x-xss-protection: 0
server: cafe
etag: 11489187373164072120
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:04:26 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 42ms
41ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=0da5900b-71a4-4d19-a9b0-40b959a40dc2&hp=-370074540&page=ivona.ua%2F&ts=637858514666570365&ap=MA%3D%3D&asign=-60313622&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=88eaa015-da15-4825-9f9a-a7a5a2268b75&ip=217.138.196.100&item=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&crid=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&size=350x240&profile=36DBA250-021E-4192-BB34-F2EE916251DD&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 53ms
42ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=0da5900b-71a4-4d19-a9b0-40b959a40dc2&hp=-370074540&page=ivona.ua%2F&ts=637858514666570365&ap=OA%3D%3D&asign=-342638624&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=88eaa015-da15-4825-9f9a-a7a5a2268b75&ip=217.138.196.100&item=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&crid=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&size=728x90&profile=C87AA202-A622-463B-98B8-FBABB05C7EEA&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 66ms
65ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 16:48:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61af9066-72a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 18 Apr 2022 05:04:26 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 50ms
41ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=11ba2f3e-3de8-4c31-abc0-17a5c22f7a39&hp=-370074540&page=ivona.ua%2F&ts=637858514666058603&ap=MA%3D%3D&asign=208642934&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=e97eb085-34f3-4c12-a99a-ec17a9e628ad&ip=217.138.196.100&item=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&crid=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&size=350x240&profile=476857EE-5211-4F53-A2E9-6B14A06EFC2C&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:26 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 48ms
42ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=535a130aba0241c3a204d331e07a1f0a&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=11ba2f3e-3de8-4c31-abc0-17a5c22f7a39&hp=-370074540&page=ivona.ua%2F&ts=637858514666058603&ap=OA%3D%3D&asign=-73682068&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=e97eb085-34f3-4c12-a99a-ec17a9e628ad&ip=217.138.196.100&item=6F40F793-2197-419B-99FF-3A23ACB393CA&crid=6F40F793-2197-419B-99FF-3A23ACB393CA&size=300x600&profile=B774ED5B-868F-4830-AF4F-06A3722C07AE&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:26 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 200 z Show response
s.zmctrack.net/ Frame E4D2 102 B
446 B 70ms
70ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 747593508ba2843e380b73b39edefb9271ab650d44d599ce2e85ad09882525fe

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://ivona.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 157ms
157ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:26 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-d0f6"
content-type: application/javascript; charset=utf-8
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 ivona.bigmir.net.1296107.es6.js Show response
jsc.idealmedia.io/i/v/ 230 KB
70 KB 207ms
207ms Script
text/javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac170a93df8e032469e75c20c7b828e82a2357522a9d5c51f6545f8f5ef62cfd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: V2BDN3DWM57DV430
content-length: 71211
x-amz-id-2: uY4MK8rTQwnyq492ycVTYNax7epRIVM+pucVKOCNJG25XSYBJeV12XMKBEa3oA6/XYKnPI19qqE=
last-modified: Fri, 15 Apr 2022 12:00:26 GMT
server: cloudflare
etag: "3ca7c818f7f8914f44b0dd1064c11bfc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 6fda84348cf235f5-MAN
expires: Mon, 18 Apr 2022 07:04:27 GMT

GET
H2 200 logo_top.png
kolobok.ua/images/ Frame D1A2 8 KB
8 KB 266ms
92ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/logo_top.png
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:05:57 GMT
last-modified: Thu, 04 Feb 2021 12:11:24 GMT
server: nginx
etag: "601be46c-208f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8335
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2a1ed4729785757907f915a041fc82d4.jpg
exchange.informer.ua/assets/thumbnails/2a/ Frame D1A2 7 KB
7 KB 83ms
82ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/2a/2a1ed4729785757907f915a041fc82d4.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: e715f2572f8e6c0826612bce0c5368a307dd0d2b3867e7b75561c3b5978d8a3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:06:04 GMT
last-modified: Sat, 16 Apr 2022 21:00:20 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "625b2e64-1b87"
content-length: 7047
content-type: image/jpeg

GET
H2 200 4aa0778ccec60bfbd1c4d37b72751ea7.jpg
exchange.informer.ua/assets/thumbnails/4a/ Frame D1A2 7 KB
7 KB 159ms
158ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/4a/4aa0778ccec60bfbd1c4d37b72751ea7.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 428095c83df3d97ef872b3ff4a788ccecdd86fe201822a6d77b9fa6f47e8fb11

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:06:04 GMT
last-modified: Fri, 08 Apr 2022 10:00:05 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "625007a5-1b27"
content-length: 6951
content-type: image/jpeg

GET
H2 200 6a95e14dadd84672f44ce8d899755166.jpg
exchange.informer.ua/assets/thumbnails/6a/ Frame D1A2 3 KB
4 KB 159ms
159ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/6a/6a95e14dadd84672f44ce8d899755166.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: eff5a46b0697fc310613dff4c58c902f221187e0d0dcf5686a4179d8f38050a2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:06:04 GMT
last-modified: Wed, 13 Apr 2022 09:40:13 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62569a7d-db3"
content-length: 3507
content-type: image/jpeg

GET
H2 200 cd65d6f36308c361cf19cc654b009ff7.jpg
exchange.informer.ua/assets/thumbnails/cd/ Frame D1A2 7 KB
7 KB 162ms
161ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/cd/cd65d6f36308c361cf19cc654b009ff7.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 881f8b5d1940cc74ab6eec11b0d91e6497a89b38e61fc4ac3ebd4a6ca0f65709

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:06:04 GMT
last-modified: Sat, 09 Apr 2022 22:50:18 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62520daa-1b1d"
content-length: 6941
content-type: image/jpeg

GET
H2 200 ivona.bigmir.net.1211636.es6.js Show response
jsc.idealmedia.io/i/v/ 237 KB
72 KB 213ms
213ms Script
text/javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c704dae6200b6246a5b8d65426b06d93b9f36b34d79dd3dc546a4b5bd579af5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: 9ZQ5SWZ7MZ3H5D4C
content-length: 73118
x-amz-id-2: 6rrCz7a1wKZCsH+HJ2Ymd7pS4o+KCNvnid7ndLi+2UPYLE/mFcaci4NicQCHirUPkGQGexNsA3o=
last-modified: Fri, 15 Apr 2022 11:01:57 GMT
server: cloudflare
etag: "50a8732fe9068dc5560451a7421610a4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
accept-ranges: bytes
cf-ray: 6fda8434ad1435f5-MAN
expires: Mon, 18 Apr 2022 07:04:27 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/ Frame 3AA7 302 KB
108 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067063

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe37e01fba4cad1e6f1367b228502cb67dddc4e2b7a2017fd452774c6dbbad9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110297
x-xss-protection: 0
server: cafe
etag: 13835976753058366533
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 04:04:27 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 18 KB
10 KB 85ms
85ms XHR
application/json 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=6953075552
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 9ad4dedc4277d1d4496f4daad75ff26a658c1e12709735e038c13b144c364778

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://ivona.ua
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 19 KB
11 KB 78ms
78ms XHR
application/json 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=2425225977
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 20113c987d357a00dd1c5058dfbfc3daede155eec76fa87d13c5f1d4b5d5b66d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://ivona.ua
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 upwards.png
ivona.ua/img/ 2 KB
2 KB 43ms
43ms Image
image/png 13.32.99.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ivona.ua/img/upwards.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-49.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/css/style.css/v10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Oct 2021 13:35:31 GMT
via: 1.1 7251dede1ac94066b27bcd33919b30c6.cloudfront.net (CloudFront)
age: 15517561
x-cache: Hit from cloudfront
content-length: 1602
last-modified: Sat, 24 Jul 2021 16:19:44 GMT
server: nginx
etag: "60fc3da0-642"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
x-amz-cf-pop: FRA60-P3
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: C1wSn4cBFLScZLypr0vbMpIgf4itzpmcDgLGE_JwkhNQ7lMwbLrP0g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
5 KB 162ms
53ms Stylesheet
text/css 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13025673
fly-request-id: 01FMS77QYFR7T91A14VZPZC4YW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fda84361f230211-ZRH

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 37ms
35ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 18 Apr 2022 05:04:27 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 212 KB
66 KB 44ms
41ms Script
application/javascript 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 12:39:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6151bb66-34fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Mon, 18 Apr 2022 05:04:27 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
28 KB 159ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

889aaa6bf2c55c0665fe59ab431de0ddbce524d959cfb6442147811c1550c0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28548
x-xss-protection: 0
server: sffe
etag: "1190 / 557 of 1000 / last-modified: 1650060514"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Apr 2022 04:04:27 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 163ms
57ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13025715
fly-request-id: 01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fda84361f250211-ZRH

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 79ms
78ms Stylesheet
text/css 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
373 B 156ms
58ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 126ms
41ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET

sync
ad.mediawayss.com/delivery/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=cc1ff3b1-3ad6-4f46-aa86-c44e5819b189&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=cc1ff3b1-3ad6-4f46-aa86-c44e5819b189&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=75984b21-7f3a-516c-8e54-296aec08ca21&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.mox.tv/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab
https://ad.mediawayss.com/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab&inner_redirect=1&inner_uuid=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...

0
0

GET

sync
ad.mediawayss.com/delivery/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=75984b21-7f3a-516c-8e54-296aec08ca21&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.mox.tv/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab
https://ad.mediawayss.com/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab&inner_redirect=1&inner_uuid=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...

0
0

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 257ms
77ms Script
application/javascript 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
last-modified: Mon, 02 Jul 2018 17:26:57 GMT
server: nginx/1.13.0
accept-ranges: bytes
etag: "5b3a6061-9c3"
content-length: 2499
content-type: application/javascript; charset=utf-8

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 3AA7 12 B
53 B 124ms
66ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204060102/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067063

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 3AA7 107 B
122 B 120ms
65ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3AA7 107 B
122 B 122ms
65ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ivona.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7654 114 KB
34 KB 376ms
375ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666987&bpp=3&bdt=100&idt=128&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&correlator=557144391490&frm=23&ife=5&pv=1&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1155762858&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C44760911%2C31067063%2C31067068%2C31066184&oid=2&pvsid=3100504603474102&pem=933&tmod=1300855319&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jy5hhy20ou&fsb=1&dtd=145

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

257513e8dd4b8ad396fff2551d82812fb3e5be5d8b0b8325de05e55199944c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34853
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:27 GMT
expires: Mon, 18 Apr 2022 04:04:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3AA7 14 KB
10 KB 112ms
55ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220413&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

665fdeef7efff89dd24f16990d0125f87ed98ccc3e009fd2f39c8bfb5f9b07bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10688
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AA7 17 KB
7 KB 145ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 04:04:27 GMT

GET
H2 200 pubads_impl_2022041301.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
124 KB 135ms
42ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125956
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 08:34:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 17 Apr 2023 21:38:35 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 160 B
742 B 142ms
50ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ivona.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106
x-xss-protection: 0
expires: Mon, 18 Apr 2022 04:04:27 GMT

GET
H2 200 cm.html Show response
pa.tns-ua.com/viewability/ Frame BC1A 3 KB
1 KB 78ms
77ms Document
text/html 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Mon, 18 Apr 2022 04:04:27 GMT
etag: W/"5b31038a-b5f"
last-modified: Mon, 25 Jun 2018 15:00:26 GMT
server: nginx/1.13.0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6F50 13 KB
5 KB 95ms
42ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 20265
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 22:26:42 GMT
expires: Mon, 17 Apr 2023 22:26:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9FB6 783 B
537 B 106ms
54ms Document
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

abbf1c140ffd3d0e2c17830766edcb857296d89c3853ad94509bc63363e26427

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1F5kRaAr/LX80ZW3Og1jOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-1F5kRaAr/LX80ZW3Og1jOQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:27 GMT
expires: Mon, 18 Apr 2022 04:04:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 1119ms
170ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:28 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 1118ms
169ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=5515751128A447568E0FAD661105790A&time=1650254667166&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=513505440&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:28 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
229 B 79ms
77ms Image
image/gif 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=5515751128A447568E0FAD661105790A&time=1650254667462
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7654 8 KB
892 B 101ms
51ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666987&bpp=3&bdt=100&idt=128&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&correlator=557144391490&frm=23&ife=5&pv=1&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1155762858&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C44760911%2C31067063%2C31067068%2C31066184&oid=2&pvsid=3100504603474102&pem=933&tmod=1300855319&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jy5hhy20ou&fsb=1&dtd=145

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 03:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 04:04:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 04:04:27 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7654 2 KB
904 B 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:18:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 7654 19 KB
8 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:44:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7654 0
0 88ms
88ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQKHuS-NcYsGwCozU3gOS84LgDqWgk5pp1bvx8uYPZBABIMbgi3lgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT6oAwHIA8sEqgTjAU_QS_RzZmxvU0z5pMFYyhVMBtVQKUWADIOvP5CvMiVQNdcRQMzrXqUbmIspDuPH7pLnagjmJfQUB-l7uyxaIzwio8K7jiKCJLx6Z1344gF6AmHaXvy9T9QjABGeGW_Zb5x40T5A5A8sNKqruM03BN3ceGNAWLvCdeMZLlJLvGUueiQFYmEoQkCk4I8iTGQiP72uruiBHUNPP1g_Bd1np6MCWfk4Zk9rEcnMxiz2VMh9VWm-quxlGsMzvlNz8zCTK2i97A2ZFrcGqdVbP3V_2hyUTXMFwV_NxJHSBrN-rEud6sDlwATN56_v9QOSBQQIBBgBkgUECAUYBKAGLoAHuruoN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJGqBNIICQiA4YBwEAEYH4AKAcgLAZgMifKmpu0DuBODBNgTDtAVAYAXAbIXHAoaCAASFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GAA&sigh=ntJ1DryFyPA&uach_m=[UACH]&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666987&bpp=3&bdt=100&idt=128&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&correlator=557144391490&frm=23&ife=5&pv=1&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1155762858&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C44760911%2C31067063%2C31067068%2C31066184&oid=2&pvsid=3100504603474102&pem=933&tmod=1300855319&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jy5hhy20ou&fsb=1&dtd=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Apr 2022 04:04:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7654 3 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 761
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:51:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7654 119 KB
36 KB 100ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 04:04:27 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7654 15 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1723
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:35:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7654 0
0 50ms
49ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRrkN2WZJ96LUyyLnEZjK6Udn2hdVlW6wuBF9BV0OD_HXH7C_RbDT3ogTcY6dpInK2C6Fbi
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666987&bpp=3&bdt=100&idt=128&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&correlator=557144391490&frm=23&ife=5&pv=1&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1155762858&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C44760911%2C31067063%2C31067068%2C31066184&oid=2&pvsid=3100504603474102&pem=933&tmod=1300855319&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jy5hhy20ou&fsb=1&dtd=145
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 7654 29 KB
12 KB 137ms
46ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133850
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 14:53:37 GMT

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6F50 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:36:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9FB6 0
0 77ms
77ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220413&jk=3100504603474102&rc=
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 10990576957824796755
tpc.googlesyndication.com/simgad/ Frame 7654 2 KB
2 KB 43ms
43ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10990576957824796755?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fcd235e4611e6ea5cd85b6a2cedce78137f942e03d022735016ae87a408184d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 10:55:30 GMT
x-content-type-options: nosniff
age: 407337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2192
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:30:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Apr 2023 10:55:30 GMT

GET
DATA 200
OK truncated
/ Frame 7654 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7654 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
498 B 44ms
44ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 18 Apr 2022 04:04:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://ivona.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
498 B 42ms
42ms XHR
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 18 Apr 2022 04:04:27 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://ivona.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 51ms
51ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
52ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ivona.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 438 B
262 B 301ms
249ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=765282423&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667653&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=2330&adys=714&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

673efbdacb02011865ea945116af2b626a46e8ea087e816f216a1486086bea33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 157 KB
41 KB 795ms
744ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.bigmir.net%2C300x600_ww&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=3101626666&sfv=1-0-38&ecs=20220418&fsapi=false&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667659&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=3830&adys=714&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

de73f81a91b67ab501d469a804340110d92013800de0e17ed0d7947d74e5c502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42209
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 452 B
264 B 480ms
430ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=523559238&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667663&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=5330&adys=714&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

1c2e35982f192d278b426abff86259d15b134079bab71b3c995eb19718ab1e50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
253 B 298ms
247ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_300x600_WW_%2C300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1079374786&sfv=1-0-38&ecs=20220418&fsapi=false&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667667&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=6830&adys=714&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

b2c1df8b39d8393f0c4f9e838ba4f46cd8a06802e2beffa236bf47bb28748979

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 157 KB
41 KB 535ms
484ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.ua_300x600_WW&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=3661719877&sfv=1-0-38&ecs=20220418&fsapi=false&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667670&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=8330&adys=714&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f49dc9bcc54f33a74dd26bae9a55bbb5b28638ad91e6a47ef97ba48aacdf6b75

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41842
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 433 B
264 B 447ms
397ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=686443275&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667672&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

41bc2c13ddefdf8722b2ab40d317c7ebe13bd50e31691364194c1857ab246436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
269 B 304ms
254ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=8&adks=1202709530&sfv=1-0-38&ecs=20220418&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667674&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8be1ba1bb11c56209a3a1a419bd05983876a6e982203bbdf78c7e335aeac92a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 416 B
254 B 468ms
419ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_S_ww_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=9&adks=3793041325&sfv=1-0-38&ecs=20220418&fsapi=false&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667676&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

36205b065d2d36980fa91b3df6afd5e3718856f7c9b69be8869bb913860075f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 158 KB
41 KB 341ms
292ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2914074695639086&correlator=1755416322493521&eid=31067069%2C31067111%2C31066184%2C31062930&output=ldjh&gdfp_req=1&vrg=2022041301&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=10&adks=2784017818&sfv=1-0-38&ecs=20220418&fsapi=false&sc=1&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&abxe=1&dt=1650254667678&lmt=1650254667&dlt=1650254665779&idt=1790&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1358437930&ga_fc=true&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

73c35fb7bff15aa8fb2239f1d1852a794d8c55ee3ae156a6748cd9941bbf100e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42264
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ivona.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8AC0 6 KB
4 KB 184ms
51ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:27 GMT
expires: Tue, 18 Apr 2023 04:04:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7654 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 752609114e40f726036b2b759bb097d8ad05e4c45a3b7e24750bb526c660f48b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 7654 28 KB
28 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 451065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:46:42 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 47ms
47ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=89ccbdfd-1266-46c2-a1de-466d0d5c1f57

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 48ms
47ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=d9675bdf-cf85-4051-92db-9ca047f83379

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 49ms
49ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=e7702231-2e98-4fd2-8c48-2b474cab0363

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6F50 0
9 B 41ms
41ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yY3Q3g
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 / Show response
c.idealmedia.io/pv/ 0
43 B 62ms
47ms Script
text/plain 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.idealmedia.io/pv/?pv=5&cbuster=1650254667848112318369&uniqId=14563&childs=1296181&lct=1649980800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=625ce34c-17b14&pageView=1&pvid=1803ad7e048acbf4b93&site=466737&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fda843a3aea35f5-MAN
content-length: 0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"

GET
H3 200 l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js Show response
pagead2.googlesyndication.com/bg/ Frame E229 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/l2o4cWLNalU19nN7vA12WZhb1qS4KDqIWPmZT-glBuk.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:36:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13574
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:36:31 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 42ms
42ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=c15953fe-60cc-47f4-a7b2-8735f0b6c691

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 18 Apr 2022 04:04:27 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 1 KB
912 B 39ms
30ms Image
image/svg+xml 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:27 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 04 May 2020 12:16:51 GMT
server: cloudflare
age: 2244
etag: W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6fda843a8b4935f5-MAN
x-amz-request-id: 49NHSTXQKN47GJKX
x-amz-id-2: i4DAPk4d3CBM+04NfgGLTt66ZpokoV4v5+VsrGkZDCE9KM+BxwuQkUOidzf76JluRMlN4VHZmLA=
expires: Mon, 18 Apr 2022 08:04:27 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 43ms
43ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 43ms
42ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:27 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 1 Show response
servicer.idealmedia.io/1296107/ 1 KB
929 B 72ms
62ms Script
application/x-javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.idealmedia.io/1296107/1?pv=5&cbuster=165025466800148284921&uniqId=14563&childs=1296181&lct=1649980800&niet=4g&nisd=false&jsv=es6&w=300&h=100&cols=1&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=625ce34c-17b14&pageView=1&pvid=1803ad7e048acbf4b93&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854d7eb29ef705818b893e5e462d4f488bca1b4b21af4247356f4fef69e64939

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fda843b2bd235f5-MAN

GET
H2 200 1 Show response
servicer.idealmedia.io/1211636/ 3 KB
2 KB 73ms
64ms Script
application/x-javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.idealmedia.io/1211636/1?w=300&h=211&wrongImageSize=1&cols=1&pv=5&cbuster=1650254668003648744865&uniqId=15326&lct=1649980800&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=625ce34c-17b14&pageView=0&pvid=1803ad7e048acbf4b93&implVersion=11&dpr=1
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b025d7c3a9e1778476b51f4b5f35c966a6309e5e7d5009fdbdd899efcf27d7c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 6fda843b2bcf35f5-MAN

GET
H3 200 container.html Show response
a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F763 6 KB
3 KB 90ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:27 GMT
expires: Tue, 18 Apr 2023 04:04:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 46ms
46ms Image
text/html 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=c2UwSjJlQ000ZUp3M2RzRktYRTJLZ3Y4NlUrV290L3BlK3p3VkRvRnZKbDJpSE9hSW9oVmhIRFBqUFFYTmhwSFZIZWNGVGFYdGd0VDVQOHF4N3RaUGdyRzI5YjdNQ2s5WUZhekxOMmo4dUlWOU4vL2ZjSEU1RDgvaFJLOTQ3SXl6cWxXdFgvb0g4bzhPWmh4RjZINm1Ta3pTREJmVGVWT3lPWUFFM0dJckZBUTNUYlBQUVFTa0ppcFR4MHBEcGdZclpEVnlBK0VWL3VGM21MWHJyd05teDh5d2RCYUFZdGJKVlRRMEU5LzRneHJZb2lPVmdOeGg4eC9jbE9vZmhlVTYxa1BlZCt2UVg0elFWRUUyZ0g0Nmc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTQwLHlfODQ1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA0L...
s-img.idealmedia.io/g/12734898/492x328/-/ 4 KB
4 KB 96ms
32ms Image
image/webp 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/g/12734898/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF8xMTQwLHlfODQ1L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA0LzcxMjEyMy8wMTNkZjkxOWI3ZjkxODdjNDgzZDcxYTAzYjM2NWRhNi5qcGc.webp?v=1650254668-u9ppTaFeMWhR5SRCJvojLeoLvW4-nup-jQk3aTYyP8I
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 781f8efd80f3771b82323061b0c48a6a516efaeb1305881ff3601a5fa3c1024e

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: HIT
last-modified: Sun, 17 Apr 2022 10:50:26 GMT
x-mg-request-uuid: 51a596ff-2c1a-4a90-8be3-0a006aa3bca5
age: 61078
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6fda843c182c35d7-MAN
content-length: 3862
server: cloudflare
expires: Mon, 18 Apr 2022 11:06:30 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzLzhkNTg3MTQzYjYzNjY0YmFmNjljYjczNWZjMzUyY2YxLmpwZWc.webp
s-img.idealmedia.io/n/10069582/492x328/0x0x622x414/ 16 KB
16 KB 94ms
33ms Image
image/webp 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/n/10069582/492x328/0x0x622x414/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzLzhkNTg3MTQzYjYzNjY0YmFmNjljYjczNWZjMzUyY2YxLmpwZWc.webp?v=1650254668-9H2Hocv6y6s4Ahlndckr07WXLf6JvWTXzjCBGEGi5Ig
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d8df5d1e57c625a957971d571a7dbccff3ac747d4797e6c1830b630141cdc7

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: HIT
last-modified: Thu, 24 Mar 2022 17:20:19 GMT
x-mg-request-uuid: 4097b01f-2f29-458e-9dca-4661ad226902
age: 50286
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6fda843c182e35d7-MAN
content-length: 16178
server: cloudflare
expires: Mon, 18 Apr 2022 12:00:24 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3L2U3MjY3M2M0ZDE5Njc5NzIxZTgyYmEwYjYyZWFhZmU4LmpwZWc.webp
s-img.idealmedia.io/n/10061444/492x328/130x0x852x568/ 6 KB
7 KB 93ms
32ms Image
image/webp 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/n/10061444/492x328/130x0x852x568/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3L2U3MjY3M2M0ZDE5Njc5NzIxZTgyYmEwYjYyZWFhZmU4LmpwZWc.webp?v=1650254668-h5atBRp5IZExVAFdVSY3vKkQTfN9Pw1J1NXiqzJ-pzM
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a3548844d6ef8052c0ba5224cce751e398e05d6bd972aa13da90628aa9bb9cc

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: HIT
last-modified: Tue, 15 Mar 2022 15:00:15 GMT
x-mg-request-uuid: cc5f4aa0-f405-4388-8f81-a83a6d4edec9
age: 27544
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6fda843c182f35d7-MAN
content-length: 6496
server: cloudflare
expires: Mon, 18 Apr 2022 10:17:05 GMT

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTk3Ny8zODJmYjUxNjE2ZDIwMWZmNTU2NmY0ZThiYjJlMzdhMC5qcGVn.webp
s-img.idealmedia.io/n/10057706/492x328/0x2x732x488/ 19 KB
19 KB 103ms
43ms Image
image/webp 104.16.221.74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.idealmedia.io/n/10057706/492x328/0x2x732x488/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTk3Ny8zODJmYjUxNjE2ZDIwMWZmNTU2NmY0ZThiYjJlMzdhMC5qcGVn.webp?v=1650254668-rwHu27f7Rt-ob7f01K1KpYvNrqV-7_CjLOXk_z9bibE
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d9adc49a8dbe0cd2a8ab8f95c28809d66d4098fe6e8e1836bd07680260fa7a5

Request headers

Referer: https://ivona.ua/
Origin: https://ivona.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: HIT
last-modified: Wed, 09 Mar 2022 14:00:39 GMT
x-mg-request-uuid: 39a03ad5-b05e-4124-8b13-d880355eaaef
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 6fda843c183035d7-MAN
content-length: 19522
server: cloudflare
expires: Mon, 18 Apr 2022 14:42:45 GMT

GET
H2 200 i.js Show response
cm.idealmedia.io/ 0
133 B 65ms
55ms Script
application/javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i.js?&cbuster=1650254668124116563851
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Apr 2022 04:04:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 6fda843bec8035f5-MAN
content-length: 0

GET
H2 200 i-noref.js Show response
cm.idealmedia.io/ Frame E611 0
40 B 55ms
54ms Script
application/javascript 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.idealmedia.io/i-noref.js?cbuster=1650254668140336641952
Requested by: Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: MISS
last-modified: Mon, 18 Apr 2022 04:04:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: bytes
cf-ray: 6fda843bfc8735f5-MAN
content-length: 0

GET
H2 200 counter.php
autocounter.idealmedia.io/autocreative/ 0
50 B 272ms
263ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autocounter.idealmedia.io/autocreative/counter.php?id=466737&pid=49813&referer=&cxurl=https://ivona.ua/&undefinedh2=f4mNXHc2P8vJX4X5YKO1Vw8Jp_1RKQSmrLX5h6o9TLc*&cbuster=1650254668179417729990
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6fda843c4cd635f5-MAN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/gif

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame F763 9 KB
4 KB 90ms
41ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:51:12 GMT

GET
H3 200 fca94b193e7af05659a5faeacaa310f3.js Show response
www.gstatic.com/mysidia/ Frame F763 131 KB
49 KB 92ms
44ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17a3183d5f9e5b96da5405fdbd9012f31508b75c2a3475ef0251cf81e6a6f19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49827
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 05:41:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame F763 8 KB
892 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 03:19:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 04:04:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F763 2 KB
904 B 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:18:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame F763 19 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:44:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F763 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:51:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F763 119 KB
36 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame F763 15 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:35:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F763 0
0 55ms
54ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQXZGHGMFUnKALxFTFFHDFdzipB3rCB2Co62kQz9kFYTRw2Of8Kxj3WlPqkMgiqFx-wLTucP_6X9FmrZVx8tO6g0mr14g
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame F763 29 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 14:53:37 GMT

GET
H3 200 container.html Show response
a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7D41 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:27 GMT
expires: Tue, 18 Apr 2023 04:04:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 42ms
42ms Image
text/html 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=ZTRSMXRPcFNIcHo0bEU3ZHI0aHFJbk5LS0lHVzhTam5Lbmk1MDB6Y2dra2dWMTBGTDZxYnZ3ZHg0cDhvVlh0S0hoM3M3Q2Nrbk9qaHBPVndKMitCUFd1d1VKN2dtYWhmSjUxS1FLbDNWWUhQYi9jV3hTKzJXWTB3ck5yOFo5TXJHekc1NlZ2ZU52YWJNN2lSaFd5TmlDZXZuRHgvMncrN1VzVjBwaDRJa2d5ZTVXb2orR2tndjloektBbERvSjh1VlY5NlE5ajJCa3VpRktsK3YxRVhZaWExTjBOYnBnbFBCNit5dnpnSGhVRUtGcWpkcmJYaEdMWWpQQ0drZjJLLw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 2632792060241851965
tpc.googlesyndication.com/simgad/ Frame F763 555 KB
556 KB 42ms
42ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2632792060241851965

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aa721c1cc532a687290427cad8fb4cab406df06aac334e58912acca92f8bd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 08:16:20 GMT
x-content-type-options: nosniff
age: 244088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 568775
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 16:57:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Apr 2023 08:16:20 GMT

GET
H3 200 10990576957824796755
tpc.googlesyndication.com/simgad/ Frame F763 2 KB
2 KB 41ms
40ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10990576957824796755?w=100&h=100

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fcd235e4611e6ea5cd85b6a2cedce78137f942e03d022735016ae87a408184d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 10:55:30 GMT
x-content-type-options: nosniff
age: 407338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2192
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:30:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Apr 2023 10:55:30 GMT

GET
H2 200 data=NpaMQ0cIGfQdYa1Ki8pL-ey_2sQDCx62hzVxeN4iigXvtMwSHIzUq5VC3Ex6Umdy0beEy5Ckhsz79m0q0lCM7E0
mts0.google.com/vt/ Frame F763 18 KB
19 KB 289ms
169ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=NpaMQ0cIGfQdYa1Ki8pL-ey_2sQDCx62hzVxeN4iigXvtMwSHIzUq5VC3Ex6Umdy0beEy5Ckhsz79m0q0lCM7E0

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

02071803a40c9923ea02d85ac63660d1858495edfdcae26d6fdda1340e51d75e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=115
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18874
x-xss-protection: 0
x-server-version-bin: CggIBBCV+OaSBg==
server: scaffolding on HTTPServer2
etag: 044f3e270996aae09
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Mon, 18 Apr 2022 05:04:28 GMT

GET
DATA 200
OK truncated
/ Frame F763 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame F763 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 7D41 9 KB
4 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:51:12 GMT

GET
H3 200 fca94b193e7af05659a5faeacaa310f3.js Show response
www.gstatic.com/mysidia/ Frame 7D41 131 KB
49 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17a3183d5f9e5b96da5405fdbd9012f31508b75c2a3475ef0251cf81e6a6f19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49827
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 05:41:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7D41 8 KB
892 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 03:19:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 04:04:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7D41 2 KB
904 B 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:18:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 7D41 19 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:44:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7D41 3 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:51:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7D41 119 KB
36 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7D41 15 KB
6 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:35:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7D41 0
0 50ms
49ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUcPKlbn0hZQ6ZYXqu4peQXOIpcfUGnJxlcp6CscZIa5PXH92L-eQljUQXURGCPlkB9Uw-3TGEY3enHs26-SoQtmjf_A
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 7D41 29 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 14:53:37 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F763 0
45 B 905ms
278ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2470ri3&c=1399602691105&slotId=699801345552.5&qqid=CNL9jNrdnPcCFZS4dwodASUF_g&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F763 0
0 85ms
85ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEBYoS-NcYpKsMJTx3gOBypTwD6Wgk5pp5InFyZoQZBABIJvciSJgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT7gAgCoAwHIA8sEqgSLAk_QES9cs1Ng_4FYbWdDv4TZFm_etNt7f26ETTZWLMnn4qJiqngs2RF1IerDFFzGcAhMbvLrfke7sTaEUrki0aO7lld7rOoLs6R29GItGjMvSWC3wRNw2aERfJP4IjafEYhGmPoGg2LDuAGQsQTcsGZYgXp-w4v85tCr-lPYweHiZfqHpgp9mxWrKpN6JZE2rv1P-o6kxLUzPGXw5HCbqTeBNwvZi8v_wyLSMqT0LTU2CXHQqDckUfNxMzqShOJ75MUPx7JN5zhvNDAFq66sbt4MwTX3Hx1oWt-bh0ksJteEePiWPUzgRY99XNdBrYedcgIqZCuKnzxzgBH2djzYcBj1BnMOX7OajlILUsAEve6v7_UD4AQBkgUECAQYAZIFBAgFGASgBi6AB7q7qDeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCArQTSCAkIgOGAEBABGB2ACgPICwGYDInypqbtA7gToQTYEw7QFQGAFwGyFx4KHAgAEhRwdWItODI0MTA0OTQ5NzYwODk5Nxjz8RY&sigh=_bWxEMcAGwY&uach_m=[UACH]&template_id=545
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B2AB 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 18 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F763 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a407c9079ed9cddfae29c6658a2e759a00de45168f719281001a5c9fc8ab6e81

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

206
Partial Content

videoplayback
rr3---sn-aigl6nsk.googlevideo.com/ Frame F763
Redirect Chain

https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283467&ei=S-NcYtOBOYyO1gLinoDwBg&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&mh=C8&mm=31&mn=sn-ai...
https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283467&ei=S-NcYtOBOYyO1gLinoDwBg&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ct...

2 MB
2 MB

107ms
33ms

Media
video/mp4

2a00:1450:4009:6::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283467&ei=S-NcYtOBOYyO1gLinoDwBg&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOZW-YRPg7ZENa2_e66EO7ugsiujYSHYQu7-FjVJF2yTAiEA2EuGhO_Eeaa_fl1GKOlJDI4ynx6OJvi6_P1El-Vwfgo=&cpn=cco-4s9Cuq-sHGYj&redirect_counter=1&rm=sn-aigesd7z&req_id=43b62074541836e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigl6nsk&ms=au&mt=1650254457&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANC1fWTsLavqblIVlxYm9Qdq1ICkg8O-vutTtWbes4-oAiEA5hlbpGFMGq5PbVQCs5Y80U0KEVJnPB_-IVFr5SB9kyk%3D

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:4009:6::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8bb7757ec04aff2711bde198d256780d2423ed775f144a9acd5b27358d19fdbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Mar 2022 12:57:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1844998/1844999
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1844999
Expires: Mon, 18 Apr 2022 04:04:28 GMT

Redirect headers

Date: Mon, 18 Apr 2022 04:04:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283467&ei=S-NcYtOBOYyO1gLinoDwBg&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAOZW-YRPg7ZENa2_e66EO7ugsiujYSHYQu7-FjVJF2yTAiEA2EuGhO_Eeaa_fl1GKOlJDI4ynx6OJvi6_P1El-Vwfgo=&cpn=cco-4s9Cuq-sHGYj&redirect_counter=1&rm=sn-aigesd7z&req_id=43b62074541836e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigl6nsk&ms=au&mt=1650254457&mv=m&mvi=3&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhANC1fWTsLavqblIVlxYm9Qdq1ICkg8O-vutTtWbes4-oAiEA5hlbpGFMGq5PbVQCs5Y80U0KEVJnPB_-IVFr5SB9kyk%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame F763 28 KB
28 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 451066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:46:42 GMT

GET
H3 200 2632792060241851965
tpc.googlesyndication.com/simgad/ Frame 7D41 555 KB
556 KB 48ms
48ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2632792060241851965

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9aa721c1cc532a687290427cad8fb4cab406df06aac334e58912acca92f8bd3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 08:16:20 GMT
x-content-type-options: nosniff
age: 244088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 568775
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 16:57:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Apr 2023 08:16:20 GMT

GET
H3 200 10990576957824796755
tpc.googlesyndication.com/simgad/ Frame 7D41 2 KB
2 KB 51ms
51ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10990576957824796755?w=100&h=100

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fcd235e4611e6ea5cd85b6a2cedce78137f942e03d022735016ae87a408184d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 10:55:30 GMT
x-content-type-options: nosniff
age: 407338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2192
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:30:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Apr 2023 10:55:30 GMT

GET
H2 200 data=UO99Im0pdV9UDhLVdg0m9TxfamifxMVqcDkkhxrzXZ1rTOEQpasOwwrR-ilsePrWMLYDHW8v2H8mOAPI0_ARyrgS
mts0.google.com/vt/ Frame 7D41 89 KB
89 KB 260ms
260ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=UO99Im0pdV9UDhLVdg0m9TxfamifxMVqcDkkhxrzXZ1rTOEQpasOwwrR-ilsePrWMLYDHW8v2H8mOAPI0_ARyrgS

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

75b6e51b9932704f771a6b92774b6c7d44c1588508898cfb50975fc64a6cbb0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=220
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91274
x-xss-protection: 0
x-server-version-bin: CggIBBCV+OaSBg==
server: scaffolding on HTTPServer2
etag: 0a7c5cfe4ba706fa0
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Mon, 18 Apr 2022 05:04:28 GMT

GET
DATA 200
OK truncated
/ Frame 7D41 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7D41 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 1117ms
544ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2470rju&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7D41 0
0 84ms
84ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEw_6S-NcYrSSO43t3gO585OQBaWgk5pp9ILFyZoQZBABIJvciSJgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT7gAgCoAwHIA8sEqgSIAk_QYoRjTHottYtCUw9IgH9LJ9mTtGYP-F05-SxXosyL-INan76mDoKERmBFI1cPoHZDzZxUDGMfgCwl8DniFu9YTw5Hh-hdRc805WGNPE2WOEj1ewt-AfPzq7TsgM_wN0WQxn0mEnjLNA22VHnYq52BXDAo4JMOjoprNmPg1oyeGVEf-ytckn5jbRhIVPODq9OYNrQ7a-LRWMmEyA4Wfj4IKta5c7LpG1ZymDvIhwVV2hXWUne53R2WiTwHR5RjLEwKpprYzofKbjU8Qtpj2cF63bGPCXej5eZuR06RWKKm-k1vBoB5j9EYjONzJ3c7rnD9_rzdN-RfaXKazinLdTYhK5djaPK7VcAEve6v7_UD4AQBkgUECAQYAZIFBAgFGASgBi6AB7q7qDeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDbgQTSCAkIgOGAEBABGB2ACgPICwGYDInypqbtA7gToQTYEw7QFQGAFwGyFx4KHAgAEhRwdWItODI0MTA0OTQ5NzYwODk5Nxjz8RY&sigh=45QT-t28dRo&uach_m=[UACH]&template_id=545
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DC08 1 KB
749 B 42ms
42ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 18 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

206
Partial Content

videoplayback
rr4---sn-aigzrn7l.googlevideo.com/ Frame 7D41
Redirect Chain

https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYsLrB87TgAfrw6ywCw&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&mh=C8&mm=31&mn=sn-ai...
https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYsLrB87TgAfrw6ywCw&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ct...

2 MB
2 MB

94ms
33ms

Media
video/mp4

2a00:1450:401f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYsLrB87TgAfrw6ywCw&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKCT1Wq7ZcioXJqJS2sZGsyoKfUzoxzxF-hGqLkj8L-LAiEA9DYHZLUMM9o8nbhWwvLS_sLVojjUi58KD834_7FBnp0=&cpn=z0KTYnCbL0VWJSsT&redirect_counter=1&rm=sn-aigezr7s&req_id=837b7e593a7936e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigzrn7l&ms=au&mt=1650254457&mv=m&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPXKo8sQR8RKNHz6qk5yFuM0Q9bwEyy1YI0SIhnMnZoAAiEArBKbBPFC77M6jWyrZjk7B2n963J5AvY190pFPWIvOIA%3D

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

2a00:1450:401f::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8bb7757ec04aff2711bde198d256780d2423ed775f144a9acd5b27358d19fdbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 03 Mar 2022 12:57:03 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1844998/1844999
Cache-Control: private, max-age=28500
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1844999
Expires: Mon, 18 Apr 2022 04:04:28 GMT

Redirect headers

Date: Mon, 18 Apr 2022 04:04:28 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: text/html
Location: https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYsLrB87TgAfrw6ywCw&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRgIhAKCT1Wq7ZcioXJqJS2sZGsyoKfUzoxzxF-hGqLkj8L-LAiEA9DYHZLUMM9o8nbhWwvLS_sLVojjUi58KD834_7FBnp0=&cpn=z0KTYnCbL0VWJSsT&redirect_counter=1&rm=sn-aigezr7s&req_id=837b7e593a7936e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigzrn7l&ms=au&mt=1650254457&mv=m&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhAPXKo8sQR8RKNHz6qk5yFuM0Q9bwEyy1YI0SIhnMnZoAAiEArBKbBPFC77M6jWyrZjk7B2n963J5AvY190pFPWIvOIA%3D
Cache-Control: private, max-age=900
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Content-Length: 0
Expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
DATA 200
OK truncated
/ Frame 7D41 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7fc0c29a18283e62c5a75247824d3076893464e58a9df1b7fe97d3a73cb7c0f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3AA7 0
0 81ms
80ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220413&jk=3100504603474102&bg=!BgWlBUHNAAZvJBiFTyQ7ACkAdvg8WgZZNG39K787NGUTtduFbuARN9cfQky0l2sQz5WdBWYwoZ6idgIAAACEUgAAAAFoAQcKAJOb1o2-Wi8Cj2xE23n13lQzUVT8_tfkr6ZUSsjOMRW4WXl9wJUv80h1ue91-1U99KVILdMsv0wjWwGOgRh4fQpF0KaMESOBc7x3XHdwGE1UPj-tyNqMEGC9snM1_etUkI4pKrernMezMXf1IW2YGF0-LYWoVXBrAyuHPDhBGdnrSulEiO7Ea8T7sRyK8zLwVQbttFiZArHyu9XmJoJmJ7aBEBv_ISDjBnIUexV26VjPApoiv0teLgbhBfE0ZQXeYd1i5RjXfuV-jKSbDl7rMuNaqe3AfmzFhXU_jIRc8Vuth2Lxi-ix4ugTSyRXAAsOm_vsKcbox8ww2h55oqWWcwHi2msCfKTIUeNUGDqyUBeqcLyQBbMaLixu6x9Q6VuHIqk8xhoHPevCfF5trku7kvuxmHH8uxHVh74vHStggpc1W5AYoKml6rPUpBGkdyL1KOq2k3u1Fr8S6FMi7Q9E007iGpBdPcDiScJm5wREESpmk-1P_V62DiRCCD5VmT8IprDCsFo2h9JVLTv-zmuD4zWnwmx6eCnZ7ws6sgSlhJS9cx5mVe1yNTxvFvd9Qnyujo9u_U3ZFPNfGNuMMmAjQHoWSXYD6afghx6JLH_0ZGNbq47fgiJBRhZ93b-ad20Cfkta6sfQXuKPvcvpe9W3-DTdf7K9kuFDQoVKd0dnV49gvhas5wqRJDfxi2HoXbY_fyq9CH_jNNUiTlcEW9fjQwq6_ueJWmoYgf6Xz3BNwg3vrUb26IheXek4Iatj21yQryHzONW9bJFY1h2khSg9REP8hyqsv64B6PQL5I_iG2FLWDWJh9qaOsZ5hw8WfocSqiUVFjvMUmRuhj1IObE3LHeE7F9302_EloWpuKc4k64OQ61_Vm6F4kY7QoSjNKk2w7MN61cZ100CEI52oBwfh-diKfEOTa7M6W-SXBCupwDf7QXy83QKsoyXYReJtQqG5vH4JEhSzfTpIl0xvhV9orz6pou07Nb52SWXuwD6BL4WF7AlsWhTewpVDNlgugL_4eTMr4fNebM9Lh4TAUOlPiPl1jlAxuLEG_gUezYKB0IO9dgjTndTrvksMlKY_7c4eXeN9XTY3QZq3nIn4nzqaOXvPTTl5-ueww
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame F763 0
318 B 809ms
277ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l2470rig&c=1399602691105&slotId=699801345552.5&qqid=CNL9jNrdnPcCFZS4dwodASUF_g&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F763 0
45 B 810ms
278ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l2470rl2&c=1399602691105&slotId=699801345552.5&qqid=CNL9jNrdnPcCFZS4dwodASUF_g&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffca94b193e7af05659a5faeacaa310f3.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame F763 0
45 B 1077ms
545ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l2470rl3&c=1399602691105&slotId=699801345552.5&qqid=CNL9jNrdnPcCFZS4dwodASUF_g&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffb084ba56019ecef1e967c41e75d05fd.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame B2AB
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAMqiySqybvEmq2ZqnPwn54&google_cver=1&google_push=AYg5qPINTrg0t_gd49VQY0-3lepn4PKUZXQgxHkg8bvqmwLaX20D0iK16UCybtaFB6TtWIZlWX4oFh9b0lwwpThbqS12jNNEmIRX_A
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg0OTI5NTUyODk1ODg2MjIyNQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMqiySqybvEmq2ZqnPwn54&google_cver=1

43 B
398 B

170ms
112ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMqiySqybvEmq2ZqnPwn54&google_cver=1
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAMqiySqybvEmq2ZqnPwn54&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame B2AB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECRFzCZUB9D5Z7fjFpVLgfE&google_cver=1&google_push=AYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRFzCZUB9D5Z7fjFpVLgfE&google_cver=1&google_push=AYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-...

43 B
440 B

231ms
231ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRFzCZUB9D5Z7fjFpVLgfE&google_cver=1&google_push=AYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6fda844078c601db-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 2290
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6fda843eafd201db-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECRFzCZUB9D5Z7fjFpVLgfE&google_cver=1&google_push=AYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKZgv7C2f3WeIaXvwLakA-qZkw28A-XoQunuWAetWhWm-VFCEu9Cbz3fM78JoNqxJhSan3lNxF9sE_dAiYBW8By1Lzxlu-9%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2AB
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENxw3c5HIfWZW64bqBkzztY&google_push=AYg5qPLaLWo9dQ9WVvByCfRcwe950P6yiYJZEqQAUN_12E1jXv8dphfIJJ...

170 B
188 B

120ms
95ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENxw3c5HIfWZW64bqBkzztY&google_push=AYg5qPLaLWo9dQ9WVvByCfRcwe950P6yiYJZEqQAUN_12E1jXv8dphfIJJoe0Brtq0ml9T-vGIfQn3KqNMDqKw8RepTFdwF1nZIzEw

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1650254669.553349,VS0,VE79
x-served-by: cache-lcy19233-LCY
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESENxw3c5HIfWZW64bqBkzztY&google_push=AYg5qPLaLWo9dQ9WVvByCfRcwe950P6yiYJZEqQAUN_12E1jXv8dphfIJJoe0Brtq0ml9T-vGIfQn3KqNMDqKw8RepTFdwF1nZIzEw
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame B2AB 70 B
265 B 129ms
40ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESELu5L5m_SNey2MZqp7hG8s0&google_cver=1&google_push=AYg5qPIcPNd-4MDhTvFab8w0XbwrEBXLkZFFbLWVhYUv-dE1nLYQY_B9wZ40syimOVALOE_zJp4pWuSBHczBN0Aa7q9W8GaEr7io
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2AB
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBTxJ0fZ525t6lRGo_rogno&google_cver=1&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6xee...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBTxJ0fZ525t6lRGo_rogno&google_cver=1&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDczNDQ0OTE4MDUyOTc3Ng&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6x...

170 B
188 B

92ms
91ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDczNDQ0OTE4MDUyOTc3Ng&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6xee1TA9giIxxeek5UosekFVZA

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDczNDQ0OTE4MDUyOTc3Ng&google_push=AYg5qPLuNuk3gfB-5J62PwpYKzUm9u_tjRKj4RkO7cDLyYlLNtppI8u8j77yV3qc4FCeVqVVMi5o6xee1TA9giIxxeek5UosekFVZA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame B2AB 0
474 B 164ms
34ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPKLr0un-LvKi3dzStFOhenTQUJGxwxcViCa4pDy2hAPy7_JScNgFHuWoFf-PNKezIuPSgcqSk3LixS3qZXFlHDj62VhZPq82g%26google_hm%3D%5BUID%5D&google_gid=CAESEFUhTgqZPvPYkXhgI4NYyk4&google_cver=1

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:28 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2AB
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEB44wqX6GBgviCb2WNHLZ1c&google_cver=1&google_push=AYg5qPJVOzfLcx2CAoEgUJZah01ic422o9054yzneFj2P7pmBJQYrRBoGYkzsWohRiPAUzdylNlDyvaW_6FkNVdj4dYXXFsTA...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&mn_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVOzfLcx2CAoEgUJZah01ic42...

170 B
188 B

97ms
94ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&mn_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVOzfLcx2CAoEgUJZah01ic422o9054yzneFj2P7pmBJQYrRBoGYkzsWohRiPAUzdylNlDyvaW_6FkNVdj4dYXXFsTAkHOgQ&gdpr=&gdpr_consent=

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:28 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&mn_hm=MjkzMjU2MjY4NTAxMTYyOTAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPJVOzfLcx2CAoEgUJZah01ic422o9054yzneFj2P7pmBJQYrRBoGYkzsWohRiPAUzdylNlDyvaW_6FkNVdj4dYXXFsTAkHOgQ&gdpr=&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html
Content-Length: 154
X-MNET-HL2: E
Expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B2AB 0
232 B 147ms
48ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRxJ54KiZvFXaLqx2SYXI-uZOvwIKAfwXcfuBiycYPLDXw94pUCTMsSRWLjd3MF1RfSz5m

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 1068ms
546ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l2470rjy&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 801ms
279ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l2470rld&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffca94b193e7af05659a5faeacaa310f3.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 800ms
279ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l2470rle&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffb084ba56019ecef1e967c41e75d05fd.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC08
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXRBSWl5OEIxTkdpQ001&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cver=1&google_push=AYg5qPIeRagy-WGRQvEs62Gnds1xLN0tS9cD0g6oPeFYtRx...

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXRBSWl5OEIxTkdpQ001&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cver=1&google_push=AYg5qPIeRagy-WGRQvEs62Gnds1xLN0tS9cD0g6oPeFYtRxsSQZ4oAQtCyKcgTGQM0O4xFiYlC3bUjSaFBwUTPWmHF1Uc6_SBw

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 04:04:28 GMT
Server: PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-04fd973f611872bb0@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aXRBSWl5OEIxTkdpQ001&google_gid=CAESEAc7K_TWVU1GmAYgdNwyV-A&google_cver=1&google_push=AYg5qPIeRagy-WGRQvEs62Gnds1xLN0tS9cD0g6oPeFYtRxsSQZ4oAQtCyKcgTGQM0O4xFiYlC3bUjSaFBwUTPWmHF1Uc6_SBw
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC08
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEJIC6bJXN_FvvXw1qr2T99s&google_cver=1&google_push=AYg5qPJslzoXnbf0XOk_oeX70bDPEmiEtGs8gMZAkhD8hSa5cMuC9lV3f7ocaJd7tK7gR1l-3M-UJ...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJslzoXnbf0XOk_oeX70bDPEmiEtGs8gMZAkhD8hSa5cMuC9lV3f7ocaJd7tK7gR1l-3M-UJgfRAhALcbdS6eI_QJw5zw

170 B
188 B

55ms
54ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJslzoXnbf0XOk_oeX70bDPEmiEtGs8gMZAkhD8hSa5cMuC9lV3f7ocaJd7tK7gR1l-3M-UJgfRAhALcbdS6eI_QJw5zw

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Apr 2022 04:04:27 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 55AFF927B8EA4CC38F96DE2870B819E8 Ref B: LON21EDGE2206 Ref C: 2022-04-18T04:04:28Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AYg5qPJslzoXnbf0XOk_oeX70bDPEmiEtGs8gMZAkhD8hSa5cMuC9lV3f7ocaJd7tK7gR1l-3M-UJgfRAhALcbdS6eI_QJw5zw
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXc5dtP3ehjhBFoKek1og==

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame DC08
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEKF1mLXsB98sEp8oCFctccQ&google_cver=1&google_push=AYg5qPKGxVXweHnCA9IBqdIH8vwVUjMOrldIW3SZaltpHQIj_v1RD1aOz5s747GPp2yGELURUdnbty2D5w6...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGxVXweHnCA9IBqdIH8vwVUjMOrldIW3SZaltpHQIj_v1RD1aOz5s747GPp2yGELURUdnbty2D5w6j3gG2HycROINt6DI&google_hm=9smg8rt7TjGMtwus496yiWQ

170 B
329 B

57ms
57ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGxVXweHnCA9IBqdIH8vwVUjMOrldIW3SZaltpHQIj_v1RD1aOz5s747GPp2yGELURUdnbty2D5w6j3gG2HycROINt6DI&google_hm=9smg8rt7TjGMtwus496yiWQ

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPKGxVXweHnCA9IBqdIH8vwVUjMOrldIW3SZaltpHQIj_v1RD1aOz5s747GPp2yGELURUdnbty2D5w6j3gG2HycROINt6DI&google_hm=9smg8rt7TjGMtwus496yiWQ
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame DC08 0
173 B 111ms
41ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEO8DJJYMHjYy5kG7sPfFRiE&google_cver=1&google_push=AYg5qPIYdYZYZQdMLgEGrL7kiMgEj118cfJ4NX50xqHezqkH5brzgSGwvj-EfIG8R32JLVPPx7zQ8O4DNZHnWNcpP9Y19qFKYyY
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC08
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEEeNQBLu0giGMJ7xaYz7Jiw&google_cver=1&google_push=AYg5qPIDHSqLXgRcSTjbBgFU-oKJC0Hrq_RkAa7I6qXujJelb0xVYUeskRl5FKfTVOiMqd3pjA-JYwA2uxLvop...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4Nzc4OTgyOTE0MDU3NjM5Nw%3D%3D&google_push=AYg5qPIDHSqLXgRcSTjbBgFU-oKJC0Hrq_RkAa7I6qXujJelb0xVYUeskRl5FKfTVOiMqd3pjA-JYwA2uxLvopRbBc...

170 B
188 B

145ms
95ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4Nzc4OTgyOTE0MDU3NjM5Nw%3D%3D&google_push=AYg5qPIDHSqLXgRcSTjbBgFU-oKJC0Hrq_RkAa7I6qXujJelb0xVYUeskRl5FKfTVOiMqd3pjA-JYwA2uxLvopRbBcIgGg33myY

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA4Nzc4OTgyOTE0MDU3NjM5Nw%3D%3D&google_push=AYg5qPIDHSqLXgRcSTjbBgFU-oKJC0Hrq_RkAa7I6qXujJelb0xVYUeskRl5FKfTVOiMqd3pjA-JYwA2uxLvopRbBcIgGg33myY
Date: Mon, 18 Apr 2022 04:04:28 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DC08
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBBh79r5v8IXpREeiz2GPWI&google_cver=1&google_push=AYg5qPK3Irm8nWC0lAuMztZzGQKUCHc0BrXx3ERsRMDyxXaS4cXnD8kJoFl2733paBN1msxTMIXWZi5I0Jec165U2k5E4Sx...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK3Irm8nWC0lAuMztZzGQKUCHc0BrXx3ERsRMDyxXaS4cXnD8kJoFl2733paBN1msxTMIXWZi5I0Jec165U2k5E4SxMblE&google_hm=Mzc1NTkxNTY0MjQyMjc1MTQ...

170 B
188 B

133ms
94ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK3Irm8nWC0lAuMztZzGQKUCHc0BrXx3ERsRMDyxXaS4cXnD8kJoFl2733paBN1msxTMIXWZi5I0Jec165U2k5E4SxMblE&google_hm=Mzc1NTkxNTY0MjQyMjc1MTQyOA%3D%3D

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Apr 2022 04:04:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPK3Irm8nWC0lAuMztZzGQKUCHc0BrXx3ERsRMDyxXaS4cXnD8kJoFl2733paBN1msxTMIXWZi5I0Jec165U2k5E4SxMblE&google_hm=Mzc1NTkxNTY0MjQyMjc1MTQyOA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame DC08
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEF2iM2efRSiOl_zY_rqTmQ8&google_cver=1&google_push=AYg5qPK9DyrF9u-7r7naseg5uBbu1hapJG_3WEpzDJADglznubHeJ74hH3bbVyeTVebxQSa0fzZQTkfmi6K...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPK9DyrF9u-7r7naseg5uBbu1hapJG_3WEpzDJADglznubHeJ74hH3bbVyeTVebxQSa0fzZQTkfmi6K4d0sLxfedBDCVGW0
https://onetag-sys.com/sync/i,19/?google_error=5

0
148 B

48ms
47ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?google_error=5

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/sync/i,19/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame DC08 0
40 B 130ms
48ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IV9f5SWswN4d1NCtVm-4cFg1NylC8ha_Q7KFtslsyvEoXJYZmjziAeF_EBzEnzs9i0TYAfDQ

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 7D41 28 KB
28 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 451066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:46:42 GMT

GET
H3 200 container.html Show response
a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7F0E 6 KB
3 KB 47ms
47ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041301.js?cb=31067111

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ivona.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 04:04:27 GMT
expires: Tue, 18 Apr 2023 04:04:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 55ms
54ms Image
text/html 185.132.133.134
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=RERpMXZxbkp6b3F0TWswMTh6bDBJNU9uQkY1QVYxK2xYRzVmSUpWOTd2azdhOEh3SDNxaTBVRHpraUtSQk1RSzlJSm1LcERKSExRdWNQWVFuakZhRDZJbmVJbC9ONHA1VU1Wb1RJSVdKbkdYVWErd0tQUmc4bUxLK0JhOEM1ZWFMVWZaUGFvZ2pIZEZxZDlmOWZPNXNGVjVOdTBENSt4cXV1ZnFQYnNFdWtDU256dnBRbHFjMEYyK3hzd24rZnJvSlo1blpmTXFlT1lhR1dMRCt0MzhJc09mYUJ0cXBrNVBUN0hya2lZNCt5YTVNdVB4YXJDNDV3SGtTNWRIbjI0SA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: ivona.ua
URL: https://ivona.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-132-133-134.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 7F0E 9 KB
4 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 13:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 05:51:12 GMT

GET
H3 200 fca94b193e7af05659a5faeacaa310f3.js Show response
www.gstatic.com/mysidia/ Frame 7F0E 131 KB
49 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17a3183d5f9e5b96da5405fdbd9012f31508b75c2a3475ef0251cf81e6a6f19a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 05:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339766
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49827
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 13 Jul 2022 05:41:42 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 7F0E 8 KB
892 B 53ms
53ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 03:22:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 18 Apr 2022 04:04:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7F0E 2 KB
904 B 43ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2743
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:18:45 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame 7F0E 19 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:44:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:44:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7F0E 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 762
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:51:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F0E 119 KB
36 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 7F0E 15 KB
6 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 03:35:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 03:35:44 GMT

GET
H3 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 7F0E 29 KB
12 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 16 Apr 2022 14:53:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133851
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Wed, 13 Apr 2022 00:43:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 15 Jul 2022 14:53:37 GMT

GET
H3 200 15737207707488305464
tpc.googlesyndication.com/simgad/ Frame 7F0E 563 KB
563 KB 47ms
46ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15737207707488305464

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0befd7031bbadb5e73cee0418fbe559113d1e319daaf64a9e86126fa630bfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 15 Apr 2022 07:39:40 GMT
x-content-type-options: nosniff
age: 246288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 576853
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 16:57:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 15 Apr 2023 07:39:40 GMT

GET
H3 200 10990576957824796755
tpc.googlesyndication.com/simgad/ Frame 7F0E 2 KB
2 KB 46ms
44ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10990576957824796755?w=100&h=100

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fcd235e4611e6ea5cd85b6a2cedce78137f942e03d022735016ae87a408184d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 10:55:30 GMT
x-content-type-options: nosniff
age: 407338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2192
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:30:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 13 Apr 2023 10:55:30 GMT

GET
H3 200 data=ZRDOmt9VxtAv4gHpjnnO45ukBQCJQnp9vaNbITdYZIclvJBXO_12boeHJlA32zssqA_MzbhKc6GEWp8XOv9WkETA
mts0.google.com/vt/ Frame 7F0E 42 KB
42 KB 297ms
226ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=ZRDOmt9VxtAv4gHpjnnO45ukBQCJQnp9vaNbITdYZIclvJBXO_12boeHJlA32zssqA_MzbhKc6GEWp8XOv9WkETA

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

4440ecad63f74d44c2d9a603a233bd55352c6b2aa567dcc3691c3029901123ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=132
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42890
x-xss-protection: 0
x-server-version-bin: CggIBBCV+OaSBg==
server: scaffolding on HTTPServer2
etag: 0e002e1417619653e
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Mon, 18 Apr 2022 05:04:28 GMT

GET
DATA 200
OK truncated
/ Frame 7F0E 301 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 7F0E 418 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 7F0E 0
45 B 876ms
545ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2470rqj&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ulc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F0E 0
0 121ms
121ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEXV-TONcYqnbB4_S3gP22KwwpaCTmmns_sTJmhBkEAEggpa3dmC7hoCA0AqgAfm4-dsDyAEJqQIm5bPtkem1PuACAKgDAcgDywSqBP4BT9C7G96qfTaFf7HoVUNGmSeHc7qW4gHAiQrWyqGbUe23Tj9qFicfJoeGafejCtbPFMsEavK2kbLdq12ltf35OJnJqWe2f9gFUtfMLLvFTUwscoOCdhsyx8Chf4AciN7S1bY4lJGxnpb7EoTNTEOJrr2QdAI61nMMMiPddD4XePC06HibJ1F4eK1DQzdq75f6eqxu_kS5Eg19cYftGVUCpAOEtfrhkyKjBE0r2dpqqYu9OpM40nVmfnwCHNnkczB0QE6ejRQFA_GfIf5Xo5vm7KE1qFhytnbB2HTk7WaJ9jqM39JakOOMtdpjWVuWJ3LuJvksSim5m0JH1Cjpv-7ABL3ur-_1A-AEAZIFBAgEGAGSBQQIBRgEoAYugAe6u6g3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQk8YD0ggJCIDhgBAQARgdgAoByAsBmAyJ8qam7QO4E6EE2BMO0BUBgBcBshceChwIABIUcHViLTg2MTAwNTA2MTQ2NDUyNjMY7b5x&sigh=57L9E8lXzlQ&uach_m=[UACH]&template_id=545
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 07A6 1 KB
749 B 80ms
79ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 52696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Mon, 18 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

206

videoplayback
rr4---sn-aigzrn7l.googlevideo.com/ Frame 7F0E
Redirect Chain

https://rr3---sn-aigl6nsk.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYqfmF4j61gKHiZjgCQ&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&mh=C8&mm=31&mn=sn-ai...
https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYqfmF4j61gKHiZjgCQ&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ct...

2 MB
2 MB

167ms
87ms

Media
video/mp4

2a00:1450:401f::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYqfmF4j61gKHiZjgCQ&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgXb2luKbin3BiAKKnkL7dhkXk0TC-vPNiWg47UL1e3pgCIQClv_jVBCRSKG79olzCdbR2QT2IwROi_mw9FsQmr8BEEA==&cpn=gN1_IxstCOfFZw_y&redirect_counter=1&rm=sn-aigezr7s&req_id=155a42924ad336e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigzrn7l&ms=au&mt=1650254457&mv=m&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALWizjfD5-q3J4vgZ6Txw-WdYjdgBYOj0bFJUH05AEvaAiEA_YJyudirL9PfcR-5undwzuXsRn4Rl7njOS0KcM471s4%3D

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:401f::9 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

8bb7757ec04aff2711bde198d256780d2423ed775f144a9acd5b27358d19fdbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Mar 2022 12:57:03 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-1844998/1844999
client-protocol: quic
cache-control: private, max-age=28500
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1844999
expires: Mon, 18 Apr 2022 04:04:28 GMT

Redirect headers

date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
last-modified: Wed, 02 May 2007 10:26:10 GMT
server: gvs 1.0
vary: Origin
content-type: text/html
location: https://rr4---sn-aigzrn7l.googlevideo.com/videoplayback?expire=1650283468&ei=TONcYqfmF4j61gKHiZjgCQ&ip=217.138.196.100&id=85a5694f350c8bc0&itag=18&source=youtube&requiressl=yes&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=20.062&lmt=1646312223580167&txp=5438434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRQIgXb2luKbin3BiAKKnkL7dhkXk0TC-vPNiWg47UL1e3pgCIQClv_jVBCRSKG79olzCdbR2QT2IwROi_mw9FsQmr8BEEA==&cpn=gN1_IxstCOfFZw_y&redirect_counter=1&rm=sn-aigezr7s&req_id=155a42924ad336e2&cms_redirect=yes&cmsv=e&ipbypass=yes&mh=C8&mip=2001:ac8:21:e::8&mm=31&mn=sn-aigzrn7l&ms=au&mt=1650254457&mv=m&mvi=4&pl=48&lsparams=ipbypass,mh,mip,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRgIhALWizjfD5-q3J4vgZ6Txw-WdYjdgBYOj0bFJUH05AEvaAiEA_YJyudirL9PfcR-5undwzuXsRn4Rl7njOS0KcM471s4%3D
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
content-length: 0
expires: Mon, 18 Apr 2022 04:04:28 GMT

GET
DATA 200
OK truncated
/ Frame 7F0E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 933c693f9c03782733231fbc99562e01d13b26aef7e9942b0a8e5d361d4b2297

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 7F0E 28 KB
28 KB 80ms
80ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 22:46:42 GMT
x-content-type-options: nosniff
age: 451066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Apr 2023 22:46:42 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7F0E 0
45 B 567ms
277ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l2470rqo&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7F0E 0
45 B 835ms
546ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l2470rrt&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffca94b193e7af05659a5faeacaa310f3.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7F0E 0
45 B 835ms
546ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l2470rru&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffb084ba56019ecef1e967c41e75d05fd.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F763 42 B
64 B 68ms
67ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CfPd_S-NcYpKsMJTx3gOBypTwD6Wgk5pp5InFyZoQZBABIJvciSJgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT7gAgCoAwHIA8sEqgSOAk_QES9cs1Ng_4FYbWdDv4TZFm_etNt7f26ETTZWLMnn4qJiqngs2RF1IerDFFzGcAhMbvLrfke7sTaEUrki0aO7lld7rOoLs6R29GItGjMvSWC3wRNw2aERfJP4IjafEYhGmPoGg2LDuAGQsQTcsGZYgXp-w4v85tCr-lPYweHiZfqHpgp9mxWrKpN6JZE2rv1P-o6kxLUzPGXw5HCbqTeBNwvZi8v_wyLSMqT0LTU2CXHQqDckUfNxMzqShOJ75MUPx7JN5zhvNDAFq66sbt4MwTX3Hx1oWt-bh0ksJteEePjUP21ynnDYGhjkgW4eY-aBejeAIzZdmKII7S080brjKmvXhQ7cQXePMJKPFMAEve6v7_UD4AQBoAYugAe6u6g3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdsQkLhhJeXEWYloAKA4oKgwJodHRwczovL2NsaWNrc2VydmUuZGFydHNlYXJjaC5uZXQvbGluay9jbGljaz8mZHNfYV9jaWQ9MTE3NjA5MDUwJmRzX2FfY2FpZD0xNjU2ODY0MjU0NCZkc19hX2FnaWQ9MTM0NzE5NzMxNTE3JmRzX2FfZmlpZD0mZHNfYV9saWQ9JmRzX2FfZXh0aWQ9JiZkc19lX2FkaWQ9NTkxNTYxODEwNzE1JmRzX2VfbWF0Y2h0eXBlPWNvbnRlbnQmZHNfZV9kZXZpY2U9YyZkc19lX25ldHdvcms9ZCYmZHNfdXJsX3Y9MiZkc19kZXN0X3VybD17dW5lc2NhcGVkbHB1cmx9mAsByAsB4AsBgAwBmAyJ8qam7QO4DAG4E6EE2BMO0BUB-BYBgBcB&sigh=rtJeMsV-ngk&cid=CAQSOwCNIrLMgeoUWFZtW2jarN2rZwALu8R7mZ6YXMfPApKxX-aQXKWeM0tV8848jkjXHVQCqXiSmLolk7sH&label=adresume

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9AAD 35 KB
13 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 06:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 06:28:17 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 07A6 35 B
362 B 49ms
44ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEN-knugpfwP6GRwKe-PgjPA&google_cver=1&google_push=AYg5qPL6As1jfmRETOzFyyJB2F4ZlxRXPcdv6AX5TYaXXrUCtHJm4_SZLGLpo76xaGUSefC6FlbOMGSjyeWvqIVqSIHJZvxwjg

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07A6
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPIhxiF6zaktjNtpZsYF3LsUwDgebXVvDw5CB3hZeIHLTVz2AiFKOfx_GBD2S6rVR3b-pU1I1QK814xRLKkxiz_s0_-fxw&google_gid=CAESEBGqOmizTfZUzYcf9jQLL9U&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMzG85IGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBJaHhpRjZ6YWt0ak50cFpzWUYzTHNVd0RnZWJYVnZEdzVDQjNoWmVJSExUVnoyQWlGS09meF9HQkQyUzZyVlIzYi1wVTFJMVFLODE0eFJMS2...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaUM2QkFHNlJzMGpBcHJuZG5xR29yWUlhOWl1WWVEQ1RVcmJvN1g4NDZ2RQ==&google_push

170 B
188 B

77ms
77ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaUM2QkFHNlJzMGpBcHJuZG5xR29yWUlhOWl1WWVEQ1RVcmJvN1g4NDZ2RQ==&google_push

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 18 Apr 2022 04:04:28 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwaUM2QkFHNlJzMGpBcHJuZG5xR29yWUlhOWl1WWVEQ1RVcmJvN1g4NDZ2RQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07A6
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJq2TG8...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJq2TG8...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTgwNDA0MjkwMDAxOTY5ODYzNTg5Nw%3D%3D&google_push=AYg5qPJq2TG8z7A-W-9q0a-goSEhWQLUUsj2F6LB1sARrY0EmgRkCJQ-LRnFZdGVORcB5E...

170 B
188 B

51ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTgwNDA0MjkwMDAxOTY5ODYzNTg5Nw%3D%3D&google_push=AYg5qPJq2TG8z7A-W-9q0a-goSEhWQLUUsj2F6LB1sARrY0EmgRkCJQ-LRnFZdGVORcB5EvScuA3cKpYLrNE3THUxro1_0lv0Q

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MTgwNDA0MjkwMDAxOTY5ODYzNTg5Nw%3D%3D&google_push=AYg5qPJq2TG8z7A-W-9q0a-goSEhWQLUUsj2F6LB1sARrY0EmgRkCJQ-LRnFZdGVORcB5EvScuA3cKpYLrNE3THUxro1_0lv0Q
pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Mon, 18 Apr 2022 04:04:29 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07A6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZVscLdV9TQyIcWR8k-A5PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZVscLdV9TQyIcWR8k-A5PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKX4b6Or9hgd8l4uQa8fAdfpvdqoThxElqcghcXKIuRhYHI2NS8CPQQAzSincEX8YoOKuNHMlePQoZz5dagBR6bnaPV_sI

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZVscLdV9TQyIcWR8k-A5PA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKX4b6Or9hgd8l4uQa8fAdfpvdqoThxElqcghcXKIuRhYHI2NS8CPQQAzSincEX8YoOKuNHMlePQoZz5dagBR6bnaPV_sI
date: Mon, 18 Apr 2022 04:04:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 07A6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECQmxT60pO4D-adfPcPBgGo&google_cver=1&google_push=AYg5qPLG_WMb-l-9EA2qZd6nt_rhlCVB9g4ExQmv2NhCkg7g0eGs44nH9iHNabd-w6YhJEJsfNW...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0NzBSWlUtMjUtNjJXUQ==&google_push=AYg5qPLG_WMb-l-9EA2qZd6nt_rhlCVB9g4ExQmv2NhCkg7g0eGs44nH9iHNabd-w6YhJEJsfNWR9MneFgmDH2ftp7_ObUIXu1k

170 B
188 B

70ms
70ms

Image
image/png

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0NzBSWlUtMjUtNjJXUQ==&google_push=AYg5qPLG_WMb-l-9EA2qZd6nt_rhlCVB9g4ExQmv2NhCkg7g0eGs44nH9iHNabd-w6YhJEJsfNWR9MneFgmDH2ftp7_ObUIXu1k

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDI0NzBSWlUtMjUtNjJXUQ==&google_push=AYg5qPLG_WMb-l-9EA2qZd6nt_rhlCVB9g4ExQmv2NhCkg7g0eGs44nH9iHNabd-w6YhJEJsfNWR9MneFgmDH2ftp7_ObUIXu1k
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 07A6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdk...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 07A6 43 B
296 B 467ms
36ms Image
image/gif 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBPqoJ8nZiys97dNu6JAl3w&google_cver=1&google_push=AYg5qPJwHdEB9MwjXqqzNeR3eTPR21lFTAJNDO-zTwkRRxGP-Bz1-horLX1UU_ROoherZgq1KTMAGVFARsfq0bCvC2LE-2pSIZs
Requested by: Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 07A6 0
12 B 54ms
53ms Image
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LeRvLGX_8l0MI8Vc6exhB7YRJX65BhSt23pldvaNRlC8zlZCYGecHujosyxDULo-PL6rJU

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 04:04:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D41 42 B
64 B 110ms
110ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=Cg3YdS-NcYrSSO43t3gO585OQBaWgk5pp9ILFyZoQZBABIJvciSJgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT7gAgCoAwHIA8sEqgSLAk_QYoRjTHottYtCUw9IgH9LJ9mTtGYP-F05-SxXosyL-INan76mDoKERmBFI1cPoHZDzZxUDGMfgCwl8DniFu9YTw5Hh-hdRc805WGNPE2WOEj1ewt-AfPzq7TsgM_wN0WQxn0mEnjLNA22VHnYq52BXDAo4JMOjoprNmPg1oyeGVEf-ytckn5jbRhIVPODq9OYNrQ7a-LRWMmEyA4Wfj4IKta5c7LpG1ZymDvIhwVV2hXWUne53R2WiTwHR5RjLEwKpprYzofKbjU8Qtpj2cF63bGPCXej5eZuR06RWKLk-Gz93X_cyR69oArwNpOQsGz3QrbzL1eh8mN-b4vdWS748Solp9c_GRwzxMAEve6v7_UD4AQBoAYugAe6u6g3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgdsQkLhhJeXEWYloAKA4oKgwJodHRwczovL2NsaWNrc2VydmUuZGFydHNlYXJjaC5uZXQvbGluay9jbGljaz8mZHNfYV9jaWQ9MTE3NjA5MDUwJmRzX2FfY2FpZD0xNjU2ODY0MjU0NCZkc19hX2FnaWQ9MTM0NzE5NzMxNTE3JmRzX2FfZmlpZD0mZHNfYV9saWQ9JmRzX2FfZXh0aWQ9JiZkc19lX2FkaWQ9NTkxNTYxODEwNjg1JmRzX2VfbWF0Y2h0eXBlPWNvbnRlbnQmZHNfZV9kZXZpY2U9YyZkc19lX25ldHdvcms9ZCYmZHNfdXJsX3Y9MiZkc19kZXN0X3VybD17dW5lc2NhcGVkbHB1cmx9mAsByAsB4AsBgAwBmAyJ8qam7QO4DAG4E6EE2BMO0BUB-BYBgBcB&sigh=U4q_2eSRs3A&cid=CAQSOwCNIrLMU2lHV3WBxbSTgLlTmdfG4VAx2ZTifyHT_mx91R6FumGg74bEDygb3C7CzOuRB0Jcq5DAkYJ5&label=adresume

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame C87A 35 KB
13 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 06:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 06:28:17 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D41 42 B
64 B 111ms
111ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
54 B 394ms
280ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l2470rle&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&dm=20062&event_name=first_play&asset_bytes=21503&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l2470rwo
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 393ms
279ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~l2470rwp&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 547ms
546ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~l2470rwp&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffca94b193e7af05659a5faeacaa310f3.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 548ms
547ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~l2470rwp&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffb084ba56019ecef1e967c41e75d05fd.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7D41 0
45 B 547ms
547ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~l2470rwp&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fmts0.google.com%252Fvt%252Fdata%253DUO99Im0pdV9UDhLVdg0m9TxfamifxMVqcDkkhxrzXZ1rTOEQpasOwwrR-ilsePrWMLYDHW8v2H8mOAPI0_ARyrgS&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D41 42 B
64 B 111ms
111ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7654 0
0 134ms
133ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiVcWS-NcYsGwCozU3gOS84LgDqWgk5pp1bvx8uYPZBABIMbgi3lgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT6oAwGqBOMBT9BL9HNmbG9TTPmkwVjKFUwG1VApRYAMg68_kK8yJVA11xFAzOtepRuYiykO48fukudqCOYl9BQH6Xu7LFojPCKjwruOIoIkvHpnXfjiAXoCYdpe_L1P1CMAEZ4Zb9lvnHjRPkDkDyw0qqu4zTcE3dx4Y0BYu8J14xkuUku8ZS56JAViYShCQKTgjyJMZCI_va6u6IEdQ08_WD8F3WenowJZ-ThmT2sRyczGLPZUyH1Vab6q7GUawzO-U3PzMJMraL3sDZkWtwap1Vs_dX_aHJRNcwXBX83EkdIGs36sS53qwOXABM3nr-_1A5IFBAgEGAGSBQQIBRgEoAYugAe6u6g3qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQkaoE0ggJCIDhgHAQARgfgAoByAsBmAyJ8qam7QO4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=XFpSiAlZmJg&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650254666987&bpp=3&bdt=100&idt=128&shv=r20220413&mjsv=m202204060102&ptt=9&saldr=aa&cookie=ID%3D3c6afa7313573798-2251d22779cd0069%3AT%3D1650254666%3ART%3D1650254666%3AS%3DALNI_MYlKyUwyFLQkOIxGnP6xIcmEqDhfw&correlator=557144391490&frm=23&ife=5&pv=1&ga_vid=70452389.1650254667&ga_sid=1650254667&ga_hid=1155762858&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44761792%2C44760911%2C31067063%2C31067068%2C31066184&oid=2&pvsid=3100504603474102&pem=933&tmod=1300855319&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.7jy5hhy20ou&fsb=1&dtd=145
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Apr 2022 04:04:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7654 42 B
64 B 140ms
140ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsutpQMF9hnsRN1FZHIbn3a1MEIlRxax_KiFXflpqtoMaJ6W05uD30St5Cy_V-L_u27QlOZw70JkDSRD9pn7Hc0ij8xNnhxbmsytRvbg3jQ8f5st9QfcF4B55SPztAYMH4IDVC4vQAs_izkgmkH7a_Mkd_jyPMJfcw&sai=AMfl-YRPQ11x4foGQrPcxQatePfNTmiV4J8kSv1yvrXuUDOq4-uvY6o4fJJ-YTMXugg87a0oDzThW1oXFhrSWZjfTBwrWNdxsXKMxCxJs5XMTrpUSMDmpKbbr5-cqTU&sig=Cg0ArKJSzB9J8bK3BVSVEAE&cid=CAAST-RoayuJqW211ObnTlpkDWz50DP9mbeKOCBawi4bo8Q268kHstRMnHDsMH_65nOutmzGmquymaelDQ9R8c4_3zfs9KCEQEavs3j_QkqHo9Q&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=739537396&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1650254667133&rpt=745&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F763 42 B
64 B 96ms
95ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 73ms
72ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ivona.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 04:04:29 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F0E 42 B
64 B 64ms
64ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CSJV9TONcYqnbB4_S3gP22KwwpaCTmmns_sTJmhBkEAEggpa3dmC7hoCA0AqgAfm4-dsDyAEJqQIm5bPtkem1PuACAKgDAcgDywSqBIECT9C7G96qfTaFf7HoVUNGmSeHc7qW4gHAiQrWyqGbUe23Tj9qFicfJoeGafejCtbPFMsEavK2kbLdq12ltf35OJnJqWe2f9gFUtfMLLvFTUwscoOCdhsyx8Chf4AciN7S1bY4lJGxnpb7EoTNTEOJrr2QdAI61nMMMiPddD4XePC06HibJ1F4eK1DQzdq75f6eqxu_kS5Eg19cYftGVUCpAOEtfrhkyKjBE0r2dpqqYu9OpM40nVmfnwCHNnkczB0QE6ejRQFA_GfIf5Xo5vm7KE1qFhy9HTgSq8bSCBGUxZlXMO-O_2Qv2Zpd0Ml2en_wliOXAWhQpj6kufMO4SptirABL3ur-_1A-AEAaAGLoAHuruoN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHbEJC4YSXlxFmJaACgGKCoMCaHR0cHM6Ly9jbGlja3NlcnZlLmRhcnRzZWFyY2gubmV0L2xpbmsvY2xpY2s_JmRzX2FfY2lkPTExNzYwOTA1MCZkc19hX2NhaWQ9MTY1Njg2NDI1NDQmZHNfYV9hZ2lkPTEzNDcxOTczMTUxNyZkc19hX2ZpaWQ9JmRzX2FfbGlkPSZkc19hX2V4dGlkPSYmZHNfZV9hZGlkPTU5MTU2MTgxMDY2NCZkc19lX21hdGNodHlwZT1jb250ZW50JmRzX2VfZGV2aWNlPWMmZHNfZV9uZXR3b3JrPWQmJmRzX3VybF92PTImZHNfZGVzdF91cmw9e3VuZXNjYXBlZGxwdXJsfZgLAcgLAeALAYAMAZgMifKmpu0DuAwBuBOhBNgTDtAVAfgWAYAXAQ&sigh=MC2-_bvVerY&cid=CAQSOwCNIrLMiXaqsEgdptdmQNJCb_CkS3A_GSimDzWcNC5GzjI0TLPYcXSOJlC0aTAj-yZDG28ABB3iQVw8&label=adresume

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 65ED 35 KB
13 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
URL: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 06:28:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 06:28:17 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F0E 42 B
64 B 51ms
51ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F763 0
0 129ms
79ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C_z1WS-NcYpKsMJTx3gOBypTwD6Wgk5pp5InFyZoQZBABIJvciSJgu4aAgNAKoAH5uPnbA8gBCakCJuWz7ZHptT7gAgCoAwGqBIsCT9ARL1yzU2D_gVhtZ0O_hNkWb96023t_boRNNlYsyefiomKqeCzZEXUh6sMUXMZwCExu8ut-R7uxNoRSuSLRo7uWV3us6guzpHb0Yi0aMy9JYLfBE3DZoRF8k_giNp8RiEaY-gaDYsO4AZCxBNywZliBen7Di_zm0Kv6U9jB4eJl-oemCn2bFasqk3olkTau_U_6jqTEtTM8ZfDkcJupN4E3C9mLy__DItIypPQtNTYJcdCoNyRR83EzOpKE4nvkxQ_Hsk3nOG80MAWrrqxu3gzBNfcfHWha35uHSSwm14R4-JY9TOBFj31c10Gth51yAipkK4qfPHOAEfZ2PNhwGPUGcw5fs5qOUgtSwAS97q_v9QPgBAGSBQQIBBgBkgUECAUYBKAGLoAHuruoN6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEICtBNIICQiA4YAQEAEYHYAKA8gLAZgMifKmpu0DuBOhBNgTDtAVAYAXAbIXHgocCAASFHB1Yi04MjQxMDQ5NDk3NjA4OTk3GPPxFg&sigh=k9ViKM8CIzk&vt=1&template_id=545&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F763 42 B
64 B 84ms
83ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstguc6yGU4M0NKkrOuDyEOTZTAoCgbn6UFYSLpYKfR_vdojWuWYbpYjz3IobPomshmWAE7Mtz5E-C8NJEae6j50f2jCSA-aC6KlskusonJIHce1Y8cEDHZPWeH39UU0pEfqizA6nSI9BI5LbLCl-ccc8CEq0jwU0Q&sai=AMfl-YQHpL51wjMtkuOqwTArfrk96Qzygqx2nE7go5_eBKipKhRgWPAgwZt5Ebx07rD579I0fEkzf-X3DJR09z_8Y3ybdaYzNQg_z_Mn5ZFGfYQyR2nhMyJgPbUxuc4&sig=Cg0ArKJSzOsT2S3jvYm8EAE&cid=CAASF-RoBEZerCGVLg1rjKDM_yTA9QXHiSJa&id=lidar2&mcvt=1000&p=950,0,1200,400&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=0.75&if=1&vu=1&app=0&itpl=22&adk=2784017818&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1650254668075&rpt=645&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame F763 0
17 B 547ms
273ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l2470rl3&c=1399602691105&slotId=699801345552.5&qqid=CNL9jNrdnPcCFZS4dwodASUF_g&dm=20062&event_name=first_play&asset_bytes=50131&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l2470ryx
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7D41 0
17 B 400ms
273ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~l2470rwp&c=5307962377578&slotId=2653981188789&qqid=CPTjl9rdnPcCFY22dwodufkEUg&dm=20062&event_name=first_pause&asset_bytes=620230&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=13&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=4&video_played_seconds=0.04&video_muted=true&video_seconds_loaded=2.74&vqdf=0&vqtf=4&vqfr=109
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7F0E 0
0 79ms
79ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CHCjuTONcYqnbB4_S3gP22KwwpaCTmmns_sTJmhBkEAEggpa3dmC7hoCA0AqgAfm4-dsDyAEJqQIm5bPtkem1PuACAKgDAaoE_gFP0Lsb3qp9NoV_sehVQ0aZJ4dzupbiAcCJCtbKoZtR7bdOP2oWJx8mh4Zp96MK1s8UywRq8raRst2rXaW1_fk4mcmpZ7Z_2AVS18wsu8VNTCxyg4J2GzLHwKF_gByI3tLVtjiUkbGelvsShM1MQ4muvZB0AjrWcwwyI910Phd48LToeJsnUXh4rUNDN2rvl_p6rG7-RLkSDX1xh-0ZVQKkA4S1-uGTIqMETSvZ2mqpi706kzjSdWZ-fAIc2eRzMHRATp6NFAUD8Z8h_lejm-bsoTWoWHK2dsHYdOTtZon2Oozf0lqQ44y12mNZW5Yncu4m-SxKKbmbQkfUKOm_7sAEve6v7_UD4AQBkgUECAQYAZIFBAgFGASgBi6AB7q7qDeoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCTxgPSCAkIgOGAEBABGB2ACgHICwGYDInypqbtA7gToQTYEw7QFQGAFwGyFx4KHAgAEhRwdWItODYxMDA1MDYxNDY0NTI2MxjtvnE&sigh=DMd5NnmIScY&vt=1&template_id=545&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by: Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7F0E 42 B
64 B 84ms
83ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPkSQc7ref1iaEA3CzCTn8l_KKdDqEpaYmNUq2SjPyJIf85mrKDDAnn-XAuUYK0HAmjPbjDEnGIDrsKG8NUI8Do-0WH1lFWQMDX34x_kV-QE00GljmB7gAt79MGNquyYX5zyrd829-U8tWiwhpjpIqXkUoNS6KKA&sai=AMfl-YQF4pFTg7fKaeH29KydLc2Oxq85ISidlWU31BFwMXM0WVApgR_auslBGPl67AI49Egwyvxfs8DaF6Fb_SS3SyDN8_iQc0bX4zTXLTUXCdtmYUI-3eBkt7265qc&sig=Cg0ArKJSzNHtVTOdsZBvEAE&cid=CAASF-RoyfYrb2JFgMXcAS5k_0wIjr31gPeV&id=lidar2&mcvt=1007&p=814,890,1214,1370&mtos=0,0,1007,1007,1007&tos=0,0,1007,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=0.6&if=1&vu=1&app=0&itpl=22&adk=3101626666&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1650254668507&rpt=614&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7F0E 0
17 B 274ms
273ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l2470rru&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&dm=20062&event_name=first_play&asset_bytes=21503&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l2470saz
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 78ms
78ms XHR
application/json 194.247.175.25
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=5515751128A447568E0FAD661105790A&time=1650254672167&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=513505440&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=5&param3=1200&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.25 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://ivona.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 04:04:32 GMT
server: nginx/1.13.0
content-length: 36
content-type: application/json

POST
H3 204 csi
csi.gstatic.com/ Frame 7F0E 0
17 B 273ms
272ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~l2470sy5&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7F0E 0
17 B 274ms
273ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~l2470vdv&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffca94b193e7af05659a5faeacaa310f3.js%253Ftag%253Dvideo_location%252Fweb_och&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7F0E 0
17 B 274ms
273ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~l2470vdv&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffb084ba56019ecef1e967c41e75d05fd.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7F0E 0
17 B 274ms
273ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~l2470vdw&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fmts0.google.com%252Fvt%252Fdata%253DZRDOmt9VxtAv4gHpjnnO45ukBQCJQnp9vaNbITdYZIclvJBXO_12boeHJlA32zssqA_MzbhKc6GEWp8XOv9WkETA&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7F0E 0
17 B 274ms
274ms Ping
image/gif 2404:6800:4008:c07::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~l2470vdw&c=1096782462690&slotId=548391231345&qqid=CKmxodrdnPcCFQ-pdwoddiwLBg&dm=20062&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Frr3---sn-aigl6nsk.googlevideo.com%252Fvideoplayback%253Fexpire%253D1650283468%2526ei%253DTONcYqfmF4j61gKHiZjgCQ%2526ip%253D217.138.196.100%2526id%253D85a5694f350c8bc0%2526itag%253D18%2526source%253Dyoutube%2526requiressl%253Dyes%2526mh%253DC8%2526mm%253D31%2526mn%253Dsn-aigl6nsk%2526ms%253Dau%2526mv%253Dm%2526mvi%253D3%2526pl%253D24%2526susc%253Dgvp%2526acao%253Dyes%2526ctier%253DL%2526mime%253Dvideo%252Fmp4%2526vprv%253D1%2526dur%253D20.062%2526lmt%253D1646312223580167%2526mt%253D1650254449%2526txp%253D5438434%2526sparams%253Dexpire%252Cei%252Cip%252Cid%252Citag%252Csource%252Crequiressl%252Csusc%252Cacao%252Cctier%252Cmime%252Cvprv%252Cdur%252Clmt%2526sig%253DAOq0QJ8wRQIgXb2luKbin3BiAKKnkL7dhkXk0TC-vPNiWg47UL1e3pgCIQClv_jVBCRSKG79olzCdbR2QT2IwROi_mw9FsQmr8BEEA%253D%253D%2526lsparams%253Dmh%252Cmm%252Cmn%252Cms%252Cmv%252Cmvi%252Cpl%2526lsig%253DAG3C_xAwRgIhALgJc7edwNqIZkjBkfcodlrLGVcD5kBdWxiMJakMjzuLAiEAwwZzyoYcmDc7pgrWkkZjMjScZ_OxVLlv6mICLgtRY5c%253D%2526cpn%253DgN1_IxstCOfFZw_y&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4008:c07::5e Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7F0E 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 7D41 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/fca94b193e7af05659a5faeacaa310f3.js?tag=video_location/web_och

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame F763 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: ivona.ua
URL: https://ivona.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 04:04:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ad.mediawayss.com
URL: https://ad.mediawayss.com/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab&inner_redirect=1&inner_uuid=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8=

Domain: ad.mediawayss.com
URL: https://ad.mediawayss.com/delivery/sync?userid=c00f2201-4599-4d11-b30a-e9ff988177ab&inner_redirect=1&inner_uuid=fcfc0b69-06f4-4b81-8198-e12cf48c2c23&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

103 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ivona.ua/	1969-12-31 23:59:59	Name: b Value: b
ivona.ua/	1969-12-31 23:59:59	Name: Value: store.test
.cdn.umh.ua/	1970-01-24 11:35:20	Name: AU Value: 80ebc9636f797c4f
.ivona.ua/	1970-01-20 11:53:02	Name: __gfp_64b Value: xXzGU9tH_fq2ZzuEhbtW_1611AZFxtwXKd6ideiG9TP.b7\|1650254666
.ivona.ua/	1970-01-20 19:55:26	Name: _ga Value: GA1.2.70452389.1650254667
.ivona.ua/	1970-01-20 02:25:41	Name: _gid Value: GA1.2.1099108021.1650254667
.ivona.ua/	1970-01-20 02:24:14	Name: _gat_gtag_UA_206274582_1 Value: 1
.hit.gemius.pl/	1970-01-20 02:34:19	Name: Gtest Value: KlxUkMGGQMQGq_5iDIGyYo9issGMXP8c25nSGJFBLqH5XBG.
.admixer.net/	1970-01-20 04:33:50	Name: am-uid Value: 535a130aba0241c3a204d331e07a1f0a
ivona.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: 6pHIg47I0Mjfi4/d24iO29iO24yM2d2IyJdA
.facebook.com/	1970-01-20 04:33:50	Name: fr Value: 0SrHrnyvJLOKmGOrT..BiXONK...1.0.BiXONK.
ivona.ua/	1970-01-20 02:34:19	Name: am-uid Value: 535a130aba0241c3a204d331e07a1f0a
.hit.gemius.pl/	1970-01-20 11:53:02	Name: Gdyn Value: KlGIMRGGQMQGq_5iDIGyYo9issGMXP8c25nSGJFBLqH5FRxSG7RrGS6GYgXBFlMQYH8W8jBGqSRxSG8.
loadercdn.net/	1970-01-23 18:00:14	Name: vui Value: 3c742d08a47b4f5b98a79ecf8e05a7b2
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_zone_imp[1025][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_zone_imp[1025][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15459][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15459][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4847][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4847][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15597][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15597][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[3877][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[3877][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[11767][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[11767][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[2282][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[2282][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15444][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15444][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4418][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4418][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15789][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15789][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4942][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4942][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15780][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15780][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4912][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[4912][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-23 18:00:14	Name: moxuuid Value: fcfc0b69-06f4-4b81-8198-e12cf48c2c23
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_zone_imp[4730][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_zone_imp[4730][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15455][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15455][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15595][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15595][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15442][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15442][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15792][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15792][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15362][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_imp[15362][frequencyPeriodEnd] Value: 1650341067
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[1954][count] Value: 0
ad.mox.tv/	1970-01-20 02:25:41	Name: _mwayss_camp_imp[1954][frequencyPeriodEnd] Value: 1650341067
.quantserve.com/	1970-01-20 11:54:29	Name: mc Value: 625ce34b-322bc-1436b-8451d
.bidswitch.net/	1970-01-20 11:09:50	Name: c Value: 1650254667
.bidswitch.net/	1970-01-20 11:09:50	Name: tuuid_lu Value: 1650254667
.bidswitch.net/	1970-01-20 11:09:50	Name: tuuid Value: c00f2201-4599-4d11-b30a-e9ff988177ab
.doubleclick.net/	1970-01-20 11:45:50	Name: IDE Value: AHWqTUkMXow7YNkht0Xa62uzLSY09sz-Wr4zNLPA7THiLLY4Zt4Q3qONSA5c58VaCKg
.betweendigital.com/	1970-01-20 11:09:50	Name: dc Value: mow1
.betweendigital.com/	1970-01-20 11:09:50	Name: ss Value: 1
.betweendigital.com/	1970-01-20 11:09:50	Name: tuuid Value: 75984b21-7f3a-516c-8e54-296aec08ca21
.betweendigital.com/	1970-01-20 11:09:50	Name: ut Value: YlzjSwALnKh2HuhwmlXfUBCIauSHgCPGtkOS0w==
ad.mox.tv/	1970-01-20 11:09:50	Name: bdswtch_sync Value: c00f2201-4599-4d11-b30a-e9ff988177ab
.ivona.ua/	1970-01-20 11:45:50	Name: __gads Value: ID=3c6afa7313573798:T=1650254666:S=ALNI_MZFOl3vfSkE0bJ1KzBhl_ltBpu_aw
ivona.ua/	1969-12-31 23:59:59	Name: IdealmediaStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%22Xu.h8xAi5%22%7D%2C%22C1296107%22%3A%7B%22page%22%3A1%2C%22time%22%3A1650254668096%7D%2C%22C1211636%22%3A%7B%22page%22%3A1%2C%22time%22%3A1650254668099%7D%7D
.blismedia.com/	1970-01-20 11:09:54	Name: b Value: 625CE34CF32235526ED7482FBLIS
.ctnsnet.com/	1970-01-20 11:09:50	Name: cid_f6c9a0f2bb7b4e318cb70bace3deb289 Value: 1
.adform.net/	1970-01-20 03:07:26	Name: C Value: 1
.adfarm1.adition.com/	1970-01-20 04:33:50	Name: UserID1 Value: 7087789829140576397
.yahoo.com/	1970-01-20 11:10:12	Name: A3 Value: d=AQABBEzjXGICEDUyd0JZ8Sc1yG7JQA8Vok4FEgEBAQE0XmJmYgAAAAAA_eMAAA&S=AQAAAmNcsxSZGd7OfA_yMTHcYXI
.everesttech.net/	1970-01-20 11:09:50	Name: everest_g_v2 Value: g_surferid~YlzjTAACzdHM8gAZ
.media.net/	1970-01-20 11:09:50	Name: visitor-id Value: 2932562685011629000V10
.media.net/	1970-01-20 02:44:24	Name: data-g Value: CAESEB44wqX6GBgviCb2WNHLZ1c~~3
.turn.com/	1970-01-20 06:43:26	Name: uid Value: 8849295528958862225
.w55c.net/	1970-01-20 11:53:02	Name: wfivefivec Value: itAIiy8B1NGiCM5
.adform.net/	1970-01-20 03:50:38	Name: uid Value: 4784734449180529776
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 19:56:08	Name: bcookie Value: "v=2&131849f8-eaf0-407d-826c-1136384a3771"
.linkedin.com/	1970-01-20 19:39:11	Name: li_gc Value: MTswOzE2NTAyNTQ2Njg7MjswMjFkPUHQwHSX2UHRw1qUeIf/3bcmTROrf87dhLlkseLMSw==
.linkedin.com/	1970-01-20 02:25:41	Name: lidc Value: "b=TGST04:s=T:r=T:a=T:p=T:g=2697:u=1:x=1:i=1650254668:t=1650341068:v=2:sig=AQEZ43rlUzQSenHD_LQAjj-Bf1sKnWkT"
.w55c.net/	1970-01-20 03:07:26	Name: matchgoogle Value: 5
.quantserve.com/	1970-01-20 04:33:50	Name: d Value: EEoBCQH3JYEA
.rlcdn.com/	1970-01-20 11:09:50	Name: rlas3 Value: EDbdGJu9MMpBGa0LIZVkWpGUsFfDx3iQQwfQkG9YxNA=
.rlcdn.com/	1970-01-20 03:50:38	Name: pxrc Value: CMzG85IGEgUI6AcQABIGCOndKhAA
.tribalfusion.com/	1970-01-20 04:33:50	Name: ANON_ID Value: aonseFq0I1e9yNy6Qwm0ZdG4HF5N38GqtNYoqqtZbTSZbyiMLVDmZb2UDEgmJ61H8ngxBX1oUVQXp8YUJCxpeXI3
.pubmatic.com/	1970-01-20 02:25:41	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 04:33:50	Name: KADUSERCOOKIE Value: 655B1C2D-D57D-4D0C-8871-647C93E0393C
.innovid.com/	1970-01-20 04:33:50	Name: uuid Value: dd025345-432e-445a-baa5-6aac81507eda-20220418 00:04:29
.casalemedia.com/	1970-01-20 11:09:50	Name: CMID Value: YlzjTR5bUXjCmaEXchtyiQAA
.casalemedia.com/	1970-01-20 04:33:50	Name: CMPS Value: 706
.e.dlx.addthis.com/	1970-01-20 11:54:29	Name: na_tc Value: Y
.casalemedia.com/	1970-01-20 04:33:50	Name: CMPRO Value: 286
.casalemedia.com/	1970-01-20 02:25:41	Name: CMST Value: YlzjTWJc400A
.addthis.com/	1970-01-20 11:54:29	Name: na_id Value: 2022041804042900019698635897
.addthis.com/	1970-01-20 11:54:29	Name: na_tc Value: Y
.addthis.com/	1970-01-20 11:54:29	Name: uid Value: 625ce34ddbca2d63
.addthis.com/	1970-01-20 11:54:29	Name: ouid Value: 625ce34d0001e4683407520adfb8bfcff54a7a70c2543a65bd57
.dlx.addthis.com/	1970-01-20 03:07:26	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:07:26	Name: na_sr Value: 20220418
.dlx.addthis.com/	1970-01-20 02:24:14	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:07:26	Name: na_sc_e Value: 0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r6411232&dholder1217097366&hhttps%3A//ivona.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r6411232&dholder2068016217&hhttps%3A//ivona.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript	warning	URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YlzjTR5bUXjCmaEXchtyiQAAAR4AAAIB&google_gid=CAESEOI_O4frVOmMk_UONgF8LUc&google_push=AYg5qPJl812WjK_un_7UMhgB1LfPzY9tTya8FT-oCJBf7H7zcdkE6ierggQ5pBwqPa7ez5Dpz8AvsQSwwsDyf3EHxkTnVnIQ0b4&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a13483215e232a5dc4db0bd382762cfe.safeframe.googlesyndication.com
ad.mediawayss.com
ad.mox.tv
ad.turn.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
autocounter.idealmedia.io
bgstats.mox.tv
c.idealmedia.io
c1.adform.net
cdn.admixer.net
cdn.idealmedia.io
cdn.jsdelivr.net
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
connect.facebook.net
cs.media.net
csi.gstatic.com
dsp.adfarm1.adition.com
e.dlx.addthis.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
googleads.g.doubleclick.net
h.holder.com.ua
i.holder.com.ua
i.ivona.ua
id.rlcdn.com
image6.pubmatic.com
inv-nets.admixer.net
ivona.ua
jsc.idealmedia.io
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
match.adsrvr.org
mts0.google.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
px.ads.linkedin.com
r.turn.com
rr3---sn-aigl6nsk.googlevideo.com
rr4---sn-aigzrn7l.googlevideo.com
s-img.idealmedia.io
s.tribalfusion.com
s.zmctrack.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
tpc.googlesyndication.com
tr.blismedia.com
unpkg.com
ww251.smartadserver.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.cdn.umh.ua
ad.mediawayss.com
cm.g.doubleclick.net
104.16.199.73
104.16.221.74
104.90.192.27
13.32.99.49
142.250.186.34
142.250.186.98
146.0.227.110
146.59.10.80
146.59.30.108
15.197.193.217
151.101.66.49
167.71.9.19
178.162.133.149
18.194.183.160
185.132.133.134
185.184.8.90
185.187.81.40
185.64.190.78
185.86.137.114
185.86.138.121
193.29.200.142
193.29.200.162
194.247.175.25
194.247.175.26
194.247.175.38
2.22.32.24
2001:678:cb4:bbbb::11
2404:6800:4008:c07::5e
2606:4700:4400::ac40:98f5
2606:4700::6810:5714
2606:4700::6810:7baf
2606:4700::6811:180e
2606:4700::6812:acf
2620:116:800d:21:3175:5196:e3fd:8c1d
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:808::2004
2a00:1450:4001:810::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4009:6::8
2a00:1450:400c:c0b::9b
2a00:1450:401f::9
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3602:7f38:53ec:3dfe:9e2b
2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
34.96.105.8
35.186.193.173
35.244.174.68
37.157.6.246
51.75.86.98
52.222.214.12
69.173.144.165
78.159.118.240
85.114.159.93
91.198.36.26
91.198.36.35
02071803a40c9923ea02d85ac63660d1858495edfdcae26d6fdda1340e51d75e
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b06f6cb9c61c99519b20c63c69e1fdc109bbacbfe53978d17595a17d68d25f8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf
0d0befd7031bbadb5e73cee0418fbe559113d1e319daaf64a9e86126fa630bfc
0ef469692abec60d2a111275b3c4edead952d7b7a2c23595fefd9a430e1362f8
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11b45d8834108656ef46a3bf5959d80e72519cdefe52ae7738bae501f7024466
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1420f826fbf0e0b4641e1667f2af60df85ca659b53e789a5f713c921fdfe6b6e
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
1632c04c1ca3e5a357176950c693ff601d689b3d8c93310d5e2cd4bdc2ec6f63
1713a1dc09693d01f4724c48cfaab88da8b9a434a417bfc33be94f6e566fa731
17a3183d5f9e5b96da5405fdbd9012f31508b75c2a3475ef0251cf81e6a6f19a
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1b837d398b9983ce93fa18f3bdcdb7a53076ca66ca381d9d4b2281fb0621a6e6
1c2e35982f192d278b426abff86259d15b134079bab71b3c995eb19718ab1e50
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
20113c987d357a00dd1c5058dfbfc3daede155eec76fa87d13c5f1d4b5d5b66d
21787abcbda6d677de492dc8437c4bd4e19c62074ac141e1890a1372f3f2917f
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470
257513e8dd4b8ad396fff2551d82812fb3e5be5d8b0b8325de05e55199944c72
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2a1e1f52548a2e43b08913b6cec3b24c961c453d7a0f6a8b7d779ac67f5dea70
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b
2ba54c2c0ee422e605c0a01ab06fd224af56017507c345ee988b2d66658ba69d
2c704dae6200b6246a5b8d65426b06d93b9f36b34d79dd3dc546a4b5bd579af5
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
36205b065d2d36980fa91b3df6afd5e3718856f7c9b69be8869bb913860075f5
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
3a3548844d6ef8052c0ba5224cce751e398e05d6bd972aa13da90628aa9bb9cc
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
41bc2c13ddefdf8722b2ab40d317c7ebe13bd50e31691364194c1857ab246436
42524ce07f6ab05f27342edc02440b28590a7fe433adae3133a7e6bef2482e41
428095c83df3d97ef872b3ff4a788ccecdd86fe201822a6d77b9fa6f47e8fb11
4440ecad63f74d44c2d9a603a233bd55352c6b2aa567dcc3691c3029901123ca
469ce0fb134196afb16e3e61a0c764c7cb172e54534f24cfced1243f3e0e21fd
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fcd235e4611e6ea5cd85b6a2cedce78137f942e03d022735016ae87a408184d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57390a59a4e6bc139c12e476c0811a97ba27438d8281070035d778f336ddb30c
5807259d4acdbba1abc0cb067199842b5626b5bc1f85191b6a8a91b30b72aece
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
63462259028eab9cdb98d8bf6335cb5e2233ace097705e8f73ac018c09067b97
638d2f5ba5cf501a58131a42efe30aa2c2154904b0654a517cce4baeef308022
64364a07f35387503221e6c39d90179453387b9a75e584d25616c7926e60bc99
65022d5f76d6e8ca21971c6b00bd7af6533c705aedfbae57a94d44a9f4839e3c
651fc5051db295a80ef0ec8faf17ab61562ea6e220be33a1a127263e3681a491
665fdeef7efff89dd24f16990d0125f87ed98ccc3e009fd2f39c8bfb5f9b07bf
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
673efbdacb02011865ea945116af2b626a46e8ea087e816f216a1486086bea33
6b025d7c3a9e1778476b51f4b5f35c966a6309e5e7d5009fdbdd899efcf27d7c
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6d9adc49a8dbe0cd2a8ab8f95c28809d66d4098fe6e8e1836bd07680260fa7a5
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73c35fb7bff15aa8fb2239f1d1852a794d8c55ee3ae156a6748cd9941bbf100e
747593508ba2843e380b73b39edefb9271ab650d44d599ce2e85ad09882525fe
74b693992731a10cd5a2d84d4ac63dd940601bf12072c333932096021b15479c
752609114e40f726036b2b759bb097d8ad05e4c45a3b7e24750bb526c660f48b
75b6e51b9932704f771a6b92774b6c7d44c1588508898cfb50975fc64a6cbb0a
781f8efd80f3771b82323061b0c48a6a516efaeb1305881ff3601a5fa3c1024e
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7a8408472d965e4f5dbefe27d28b2b75ad1e81fa35e3cadb6cfdb9e1633c29e3
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
80efd32f8b297f80dbe405cee9f46eb6d176506ef4922e73c9baf929daeddbab
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9
854d7eb29ef705818b893e5e462d4f488bca1b4b21af4247356f4fef69e64939
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
881f8b5d1940cc74ab6eec11b0d91e6497a89b38e61fc4ac3ebd4a6ca0f65709
889aaa6bf2c55c0665fe59ab431de0ddbce524d959cfb6442147811c1550c0b1
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bb7757ec04aff2711bde198d256780d2423ed775f144a9acd5b27358d19fdbe
8be1ba1bb11c56209a3a1a419bd05983876a6e982203bbdf78c7e335aeac92a8
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8fc1968b29dece9ab454a19447e2ba9565358032217a6b3b9fe2f8b25e0c209e
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
933c693f9c03782733231fbc99562e01d13b26aef7e9942b0a8e5d361d4b2297
956d3f9a9f3d4cd1f8e6f2cc5f32a7b9490c311db8c9bdbbb2ec6f04d8e5b846
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
976a387162cd6a5535f6737bbc0d7659985bd6a4b8283a8858f9994fe82506e9
97e2ee96747015cd8063467c6792ce5ea015422aeeeca17008b4d4d6a28ac16b
983de1606026595037bcf735f1fd4a579925e977934a70590001858b4d2f5b5d
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
99c31611f47923f571d2efc7269de03ca3b64bcac3245af40c3f2feea6cba879
99f31a67bea4405d64aebf1a28c9b2d1e9cd9ca48ddb4dc42b79a5aa30ac4899
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa721c1cc532a687290427cad8fb4cab406df06aac334e58912acca92f8bd3a
9ad4dedc4277d1d4496f4daad75ff26a658c1e12709735e038c13b144c364778
9b64d9cf062e964395afda2e10a18dca25fc0c9a0b802234a1fd792227247123
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9e4360d4470e0fbb3663db81aa5d5709082a4c2b093824ca873476e84e060a59
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a407c9079ed9cddfae29c6658a2e759a00de45168f719281001a5c9fc8ab6e81
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c405ff5fff2bb4c29f2a07c151fc558d2642a2ea4f0e1f8996d52b3d6f77d0
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a7fc0c29a18283e62c5a75247824d3076893464e58a9df1b7fe97d3a73cb7c0f
abbf1c140ffd3d0e2c17830766edcb857296d89c3853ad94509bc63363e26427
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5
ac170a93df8e032469e75c20c7b828e82a2357522a9d5c51f6545f8f5ef62cfd
b26fd8a8ad162af32fe636959a7a97e2484358e0fc016c665a0d41b108bb9365
b2c1df8b39d8393f0c4f9e838ba4f46cd8a06802e2beffa236bf47bb28748979
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
baf26f9d3541265aaae74be7296618ace46acd28d9b59ffe8d6a930c3656f6df
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42
c107604accd4905d9e115f348aa6456b9c94e79582040a3a43c9cf8403057eb8
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16
c3b427d50487df3dc3b85f03a4e9f29494f93f1acd372105d04dfe85cbfefc42
c6a2f6b42d23d9aeeefddd0186a6fc7cd1a2eba7e7ae873f9f985861cec39dfd
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca17a2e4788daf5b160cd7aa2106eab1ec797ba195daf95cecfa080d980101d1
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd
ca66094da8182b9bb9850d7bab10fe9dcd469d144c2b98e2b3c4ca756ec868d7
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cce4d91444c6a7259074d05d5b63261625d0bc1b82ff5a6069b5276fa62eef2d
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d83ee7f0a52e3a825805e0599622d9963dface743b1a4d6b31dff8cc030fd2e1
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de73f81a91b67ab501d469a804340110d92013800de0e17ed0d7947d74e5c502
e0258e66eddc5ec291e7b9089c7c1897ae1b38c693f5627aaa3911f83d83d26e
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5f63fb8a06b56ba0947d7684a3520284fb5bf0ec15cc0d3bc9aad6ea6e203
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e715f2572f8e6c0826612bce0c5368a307dd0d2b3867e7b75561c3b5978d8a3d
ea676f45ac378e4a64fe1b06833b8b6d40367339f564512f5681f8dafd24b713
ebd902c796e15c5ea443dff52f3581b7b0076a00fcf4acce32983a48d27d877f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
eff5a46b0697fc310613dff4c58c902f221187e0d0dcf5686a4179d8f38050a2
f12e71b07e0b3b8c2a14b42c1b9891b939d9c91be38c20c0afd8e61d64ab31ab
f2d8df5d1e57c625a957971d571a7dbccff3ac747d4797e6c1830b630141cdc7
f49dc9bcc54f33a74dd26bae9a55bbb5b28638ad91e6a47ef97ba48aacdf6b75
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f8d24beb426ca5d38f48fee967f319524051d84c81dc1ec63d62cf9f7cdee535
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fc372cb3315c38093d4fb758efdefb0b17da93b8c3e6aff37b0412e25b1978d2
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fe37e01fba4cad1e6f1367b228502cb67dddc4e2b7a2017fd452774c6dbbad9c
fe666bf94dbb7d12bbaf6935bd435c05095be5a4ae23f3a1f49c743e7e08ad5a

ivona.ua Open in urlscan Pro 13.32.99.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

342 Requests

94 %HTTPS

45 %IPv6

53 Domains

81 Subdomains

56 IPs

14 Countries

10090 kBTransfer

14250 kBSize

103 Cookies

18 Outgoing links

Page URL History

Redirected requests

342 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ivona.ua Open in urlscan Pro
13.32.99.49 Public Scan

Screenshot
Live screenshot

Full Image

342
Requests

94 %
HTTPS

45 %
IPv6

53
Domains

81
Subdomains

56
IPs

14
Countries

10090 kB
Transfer

14250 kB
Size

103
Cookies

342 HTTP transactions
13 data transactions