urlscan.io logo urlscan.io
SecurityTrails logo

ivona.ua Open in urlscan Pro
65.9.63.58  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ivona.ua/
Effective URL: https://ivona.ua/
Submission: On May 08 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 13 countries across 64 domains to perform 327 HTTP transactions. The main IP is 65.9.63.58, located in United States and belongs to AMAZON-02, US. The main domain is ivona.ua.
TLS certificate: Issued by Amazon on June 27th 2021. Valid for: a year.
This is the only time ivona.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 65.9.63.58 16509 (AMAZON-02)
1 91.198.36.26 43405 (DIGITAL-V...)
10 2a03:90c0:41:... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 146.59.10.80 16276 (OVH)
11 78.159.118.240 28753 (LEASEWEB-...)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 185.187.81.41 43332 (IDSTRATEG...)
16 143.204.215.125 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 185.180.220.208 49981 (WORLDSTREAM)
8 91.198.36.35 43405 (DIGITAL-V...)
1 145.239.237.56 16276 (OVH)
1 11 185.132.133.134 49981 (WORLDSTREAM)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
1 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 146.0.227.110 29066 (VELIANET-...)
1 2a00:1450:402... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
6 6 3.124.9.195 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
1 1 185.165.240.175 49981 (WORLDSTREAM)
1 1 212.8.250.83 49981 (WORLDSTREAM)
1 1 185.180.223.221 49981 (WORLDSTREAM)
1 1 212.8.250.228 49981 (WORLDSTREAM)
6 193.29.200.142 197203 (UMHAS)
2 194.247.175.38 196831 (BEMOBILE-AS)
16 104.16.199.73 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
6 142.250.185.130 15169 (GOOGLE)
1 193.29.200.162 197203 (UMHAS)
6 194.247.175.26 196831 (BEMOBILE-AS)
5 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
11 38 142.250.185.162 15169 (GOOGLE)
7 11 2.20.85.164 16625 (AKAMAI-AS)
4 6 185.33.221.90 29990 (ASN-APPNEX)
2 34.98.64.218 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
3 4 185.94.180.125 35220 (SPOTX-AMS)
3 3 3.122.49.139 16509 (AMAZON-02)
3 4 18.156.0.31 16509 (AMAZON-02)
37 2a00:1450:400... 15169 (GOOGLE)
2 2 104.92.72.137 16625 (AKAMAI-AS)
1 34.98.67.61 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
4 4 104.36.113.23 62713 (AS-PUBMATIC)
2 2 69.173.144.138 26667 (RUBICONPR...)
3 3 159.122.14.34 36351 (SOFTLAYER)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
2 2 3.121.17.132 16509 (AMAZON-02)
4 4 37.157.2.236 198622 (ADFORM)
2 2 76.223.111.18 16509 (AMAZON-02)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2 35.157.174.33 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 74.121.143.240 30419 (MEDIAMATH...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 151.101.194.49 54113 (FASTLY)
2 2 72.251.249.13 29791 (VOXEL-DOT...)
1 2 51.89.9.253 16276 (OVH)
8 142.250.185.66 15169 (GOOGLE)
327 54
17    65.9.63.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-58.fra56.r.cloudfront.net
ivona.ua
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
37    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
www.googletagservices.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
11    78.159.118.240 (Mindelheim, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
5    2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
www.google.co.uk
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
16    143.204.215.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-125.fra53.r.cloudfront.net
i.ivona.ua
13    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.com
adservice.google.co.uk
2    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    185.180.220.208 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.mediawayss.com
8    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
1    145.239.237.56 (France)

ASN16276 (OVH, FR)
PTR: ip56.ip-145-239-237.eu
ls.hit.gemius.pl
11    185.132.133.134 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-132-133-134.hosted-by-worldstream.net
ad.mox.tv
ad.vidver.to
3    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:400e:811::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
3    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    2a00:1450:4025:402::9d (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
2    2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
6    3.124.9.195 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-9-195.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.outstream.today
1    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.adopx.net
1    185.180.223.221 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-221.hosted-by-worldstream.net
ad.invamia.com
1    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.vidverto.io
6    193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)
exchange.informer.ua
2    194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
16    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
cdn.idealmedia.io
servicer.idealmedia.io
s-img.idealmedia.io
cm.idealmedia.io
autocounter.idealmedia.io
5    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
6    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
securepubads.g.doubleclick.net
1    193.29.200.162 (Ukraine)

ASN197203 (UMHAS, UA)
kolobok.ua
6    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
sslpagestat.mmi.bemobile.ua
5    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
19    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
38    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
11    2.20.85.164 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-85-164.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    185.33.221.90 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
3    3.122.49.139 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-49-139.eu-central-1.compute.amazonaws.com
pixel.advertising.com
4    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
37    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    159.122.14.34 (United States)

ASN36351 (SOFTLAYER, US)
PTR: 22.0e.7a9f.ip4.static.sl-reverse.com
um.simpli.fi
1    85.114.159.93 (Rheinfelden, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    3.121.17.132 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-17-132.eu-central-1.compute.amazonaws.com
ads.creative-serving.com
4    37.157.2.236 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    2a02:fa8:8806:13::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
2    35.157.174.33 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-174-33.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    74.121.143.240 (United States)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    51.89.9.253 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu
onetag-sys.com
8    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
googleads4.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
63 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 65
stats.g.doubleclick.net — Cisco Umbrella Rank: 175
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 245
cm.g.doubleclick.net — Cisco Umbrella Rank: 289
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354
306 KB
56 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 119
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 171
447 KB
37 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 338
664 KB
33 ivona.ua
ivona.ua
i.ivona.ua
566 KB
16 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 81268
c.idealmedia.io — Cisco Umbrella Rank: 75005
cdn.idealmedia.io — Cisco Umbrella Rank: 126832
servicer.idealmedia.io — Cisco Umbrella Rank: 82936
s-img.idealmedia.io — Cisco Umbrella Rank: 75676
cm.idealmedia.io — Cisco Umbrella Rank: 18121
autocounter.idealmedia.io — Cisco Umbrella Rank: 91964
202 KB
13 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 34908
inv-nets.admixer.net — Cisco Umbrella Rank: 3293
198 KB
12 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 341
237 KB
11 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 821
10 KB
11 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 45205
bgstats.mox.tv — Cisco Umbrella Rank: 53539
96 KB
11 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 229562
z.cdn.umh.ua — Cisco Umbrella Rank: 262862
8 KB
9 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 262470
h.holder.com.ua — Cisco Umbrella Rank: 241180
9 KB
7 google.com
adservice.google.com — Cisco Umbrella Rank: 128
www.google.com — Cisco Umbrella Rank: 20
2 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 326
6 KB
6 informer.ua
exchange.informer.ua — Cisco Umbrella Rank: 727053
36 KB
6 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 405
4 KB
5 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 158595
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 160109
25 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 227
175 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 38850
ls.hit.gemius.pl — Cisco Umbrella Rank: 9907
16 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 950
2 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 857
2 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 420
926 B
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 744
2 KB
4 gstatic.com
fonts.gstatic.com
148 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 1313
2 KB
3 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 716
1 KB
3 openx.net
us-u.openx.net — Cisco Umbrella Rank: 632
rtb.openx.net — Cisco Umbrella Rank: 2213
716 B
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 126628
4 KB
3 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 3762
www.google.co.uk — Cisco Umbrella Rank: 2633
1 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
327 B
3 mediawayss.com
ad.mediawayss.com — Cisco Umbrella Rank: 74131
611 B
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1119
485 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 881
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1369
s.tribalfusion.com — Cisco Umbrella Rank: 3856
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1443
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 590
955 B
2 creative-serving.com
ads.creative-serving.com — Cisco Umbrella Rank: 5471
1 KB
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 478
916 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 2703
1 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1353
344 B
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2385
1 KB
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 653
cms.quantserve.com — Cisco Umbrella Rank: 1596
735 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1250
43 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
20 KB
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 185252
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 195
85 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3175
40 KB
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 955
177 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 680
864 B
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 46870
609 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5029
104 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 2104
582 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1299
356 B
1 kolobok.ua
kolobok.ua
8 KB
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 78316
482 B
1 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 52254
546 B
1 invamia.com
ad.invamia.com — Cisco Umbrella Rank: 84528
561 B
1 adopx.net
ad.adopx.net — Cisco Umbrella Rank: 84210
577 B
1 outstream.today
ad.outstream.today — Cisco Umbrella Rank: 80366
591 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 410173
169 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 940
643 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 574
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 142
40 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
327 64
Domain Requested by
38 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
37 s0.2mdn.net ivona.ua
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
s0.2mdn.net
32 pagead2.googlesyndication.com ivona.ua
pagead2.googlesyndication.com
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
19 tpc.googlesyndication.com eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
17 ivona.ua 1 redirects ivona.ua
cdnjs.cloudflare.com
16 i.ivona.ua ivona.ua
12 cdnjs.cloudflare.com ivona.ua
cdnjs.cloudflare.com
s0.2mdn.net
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 ad.mox.tv 1 redirects z.cdn.umh.ua
ad.mox.tv
ivona.ua
10 googleads.g.doubleclick.net pagead2.googlesyndication.com
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
ivona.ua
10 z.cdn.umh.ua cdn.umh.ua
10 cdn.admixer.net ivona.ua
cdn.admixer.net
8 googleads4.g.doubleclick.net ivona.ua
8 h.holder.com.ua i.holder.com.ua
ivona.ua
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
6 exchange.informer.ua h.holder.com.ua
exchange.informer.ua
6 x.bidswitch.net 6 redirects
5 eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 www.google.com ivona.ua
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
tpc.googlesyndication.com
5 www.googletagservices.com ad.mox.tv
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
4 c1.adform.net 4 redirects
4 image6.pubmatic.com 4 redirects
4 s-img.idealmedia.io ivona.ua
4 ups.analytics.yahoo.com 3 redirects googleads.g.doubleclick.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 jsc.idealmedia.io i.holder.com.ua
h.holder.com.ua
jsc.idealmedia.io
4 fonts.gstatic.com fonts.googleapis.com
4 gaua.hit.gemius.pl 1 redirects ivona.ua
gaua.hit.gemius.pl
3 um.simpli.fi 3 redirects
3 pixel.advertising.com 3 redirects
3 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ivona.ua
3 inv-nets.admixer.net cdn.admixer.net
ad.mox.tv
ivona.ua
3 www.facebook.com 1 redirects ivona.ua
connect.facebook.net
3 ad.mediawayss.com 1 redirects z.cdn.umh.ua
2 onetag-sys.com 1 redirects eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
2 ap.lijit.com 2 redirects
2 pm.w55c.net 2 redirects
2 eb2.3lift.com 2 redirects
2 ads.creative-serving.com 2 redirects
2 pixel.rubiconproject.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 cm.idealmedia.io jsc.idealmedia.io
2 servicer.idealmedia.io jsc.idealmedia.io
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 c.idealmedia.io jsc.idealmedia.io
2 source.mmi.bemobile.ua h.holder.com.ua
source.mmi.bemobile.ua
2 ads.betweendigital.com 2 redirects
2 unpkg.com ad.mox.tv
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s.zmctrack.net ivona.ua
2 connect.facebook.net ivona.ua
connect.facebook.net
2 stackpath.bootstrapcdn.com ivona.ua
1 autocounter.idealmedia.io ivona.ua
1 sync-tm.everesttech.net eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
1 s.tribalfusion.com eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 dclk-match.dotomi.com eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
1 dsp.adfarm1.adition.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 rtb.openx.net eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
1 odr.mookie1.com eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
1 cms.quantserve.com eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
1 cdn.idealmedia.io ivona.ua
1 kolobok.ua exchange.informer.ua
1 www.google.co.uk ivona.ua
1 ad.vidver.to ivona.ua
1 ad.vidverto.io 1 redirects
1 ad.invamia.com 1 redirects
1 ad.adopx.net 1 redirects
1 ad.outstream.today 1 redirects
1 bgstats.mox.tv ivona.ua
1 pixel.quantserve.com ivona.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 loadercdn.net ivona.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.umh.ua ivona.ua
1 cdn.jsdelivr.net ivona.ua
1 fonts.googleapis.com ivona.ua
1 www.googletagmanager.com ivona.ua
1 i.holder.com.ua ivona.ua
0 google2waycm.netmng.com Failed eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
327 89
Subject Issuer Validity Valid
ivona.ua
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
holder.com.ua
R3		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
cdn.umh.ua
R3		 2022-04-10 -
2022-07-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-02-14 -
2022-05-15		 3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-25		 a year crt.sh
ad.mediawayss.com
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
ad.mox.tv
R3		 2022-03-31 -
2022-06-29		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
loadercdn.net
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-03-30 -
2022-06-28		 3 months crt.sh
exchange.informer.ua
R3		 2022-03-10 -
2022-06-08		 3 months crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
kolobok.ua
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
juke.mmi.tns-ua.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-18 -
2022-07-11		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh

This page contains 35 frames:

Primary Page: https://ivona.ua/
Frame ID: 97F6E90BFD52DEC63AF392DDF735BF0F
Requests: 149 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: CF072E32D3113A4842B25AC067A67350
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 5DE786B414946CA39B137B3A3C48E3F9
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 88C144178F4330A2176F9F84B37DFE0C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: 8FAA0B71ED5E75E663FE90388F58E56E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Frame ID: 2E4923C01DF5C6BBAE801FB222BD54AF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1651982716&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651982716717&bpp=2&bdt=588&idt=244&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6831742848696&frm=20&pv=2&ga_vid=697972760.1651982717&ga_sid=1651982717&ga_hid=1751639858&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067426%2C31067419%2C31064019&oid=2&pvsid=3789903359041081&pem=928&tmod=1477635949&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261
Frame ID: DE5CD730A5B77C3EC9B19A347C205768
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=kolobok
Frame ID: 3791C1C961BA2B3E0056CE011F2B4619
Requests: 7 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: DBDD8B34D3C0960E56BB83ED9B84DE93
Requests: 1 HTTP requests in this frame

Frame: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D74C104828008666668B98AEC76A7194
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: AE0936A78351DCEC2D20CCCF19042BA3
Requests: 1 HTTP requests in this frame

Frame: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: BA67496A001907E9DACA9D45DF98A809
Requests: 13 HTTP requests in this frame

Frame: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6601863722282741A76DDFDFDE7186B
Requests: 15 HTTP requests in this frame

Frame: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D6B869C5FD867568729C7A9790CC17A2
Requests: 14 HTTP requests in this frame

Frame: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2A0893E4BDAD386DE804EF7452928E7A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUNnz5vPPhiszybUCB3xi8O4rKmvP1d8uoI192RzVTxYeswGjxVl-486b2ESfs5OheQuCYpGtMmkiQ5f5CPhu7YWk0ls2RuBL_nvyk-1UZupO78kJMC1gRAUqS78REoRjKuQ_S702PqpDKWN5xkHhZAABvLpS9ugH7AE4CC13vmsNgKaAs
Frame ID: B9CD1AA06D0086289A7ECDBF576358F2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUkUoRmB7_VkSqYpJ3TNVkrxRENhhBbj11WS-PV2nLbiF4WtjZoDUXwLaeWEpnK2zcm2LggiABZkpqSQcck3ewOCiwaCXlw2iPuHEnt97OmxNsPSJ76a9L9MaMFzsktU8laUpLNpNbOCQdPOQnGJocqdaOTWUt8j21Ku3H4QbHcx6gWgTyBdy-wfJJF0CPB6gKxMkxT
Frame ID: B5C12DC6B43B5BE23D2CCE0C15892A9C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNVoaJwE18Td2raZXNJiglyc7Q1XxbmpY7x3JAUCXIM_1iyzenpfqe9v1DyY0_3iuTQ3KLbLpcLa6EruDFsH9tzIrT9Q5Aj55Sf7C_tev2SBg1JOV20n6FSSEmErJbh-1bLgZ6d_v0PXrpY_mafl4oz7U8cVnfEBLDQ7CmSBM9UEmevMvNE
Frame ID: F1955675BB99D697AC6581B2431D231E
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj7tczIATAB&v=APEucNXEA1wgL_mZwHolWOS5T_RIsLqcNCxM1VkyMYK1_GNWqDdgq9K751CAjR2dtPpv1Kn3lxWMAmD_mmD7XpADDP05ZCk82_x32oae0tUPq303TZhOaGr-5R7NsxHLdVe4sV09Fd1fnbnf6rnBUP1Ve67DVw26GiNBi1aVwWMI2p_naTlDSik
Frame ID: FB9739BF8FFFD5B5A236767C405F50EA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9AED06D0121427EA22D3E52AED6DB1AB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 13A45FDCAD900A61AAA18C2B1F13785E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 69E64733B5ECBB6B05B721180E2D4CE6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: EAF84336982A195200F4B971EE00A9B2
Requests: 9 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1651982718580700532697
Frame ID: 640062F84EF4DA31C14CA042FCFC1945
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E2A6516360FBF1ED00A87B842787E0A6
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5AEEC83FF9B1788AAFC4BF26BE46F519
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C6BCD446B8A06FF67391A7CF42ABF0AF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 650AF0B54C409D39ADADC8B8405DE865
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Frame ID: D0BD1C898AF8BBD82C0A089AF5DDB9D9
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Frame ID: 6DBBEBB190336816BAE1BB63604C2E00
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Frame ID: 08370E7D9DC218C32651D2D50DDB6CFB
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Frame ID: 383C7E104932DE05AE003D379353A665
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39f64e77786%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff22e64b88645e04%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Frame ID: F1703D6732C781CF91EA8E017581A1AB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFAD2E5D7CBBFF1BF296BD6C887CB0F1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3B1D06BDA953E7E76373F5A9F221F8CA
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Женский журнал IVONA

Page URL History Show full URLs

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

327
Requests

88 %
HTTPS

31 %
IPv6

64
Domains

89
Subdomains

54
IPs

13
Countries

3411 kB
Transfer

7377 kB
Size

101
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://gaua.hit.gemius.pl/_1651982717051/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=275&lsdata=kDe6OsMo_LhOoBrvvJLepoM.jWY3LOQwe23yBYbdTpD.778EhQeTa7P7WnV5X9.erOEbwoBkoRKpNpWUdNEqNatIm0Xh/L.ThOjHIuFQUi/&fpdata=y.1lO3Vjr1RjfExku_A_e7glZTs6Pq4Uu_1iuKRw_Gv.27&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1651982717051/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=275&lsdata=kDe6OsMo_LhOoBrvvJLepoM.jWY3LOQwe23yBYbdTpD.778EhQeTa7P7WnV5X9.erOEbwoBkoRKpNpWUdNEqNatIm0Xh/L.ThOjHIuFQUi/&fpdata=y.1lO3Vjr1RjfExku_A_e7glZTs6Pq4Uu_1iuKRw_Gv.27&vis=1&fpcap=
Request Chain 100
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=70cd728a-cbef-4ac2-9ace-32bba2377b1d&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=70cd728a-cbef-4ac2-9ace-32bba2377b1d&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d43ed2f2-42b2-5280-ba6a-3b0bd81d7a76&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
  • https://ad.adopx.net/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.invamia.com/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidverto.io/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidver.to/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
Request Chain 179
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YndBfsrfggpviMHbQYFmZgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
Request Chain 180
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
Request Chain 181
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
Request Chain 182
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
Request Chain 183
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YndBfsrfggpviMHbQYFmbAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
Request Chain 184
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
Request Chain 185
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENwLT_uymNr41_DDqkj6c4&google_cver=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEFIR0BUL6mrhaWK6t_iBANY&google_cver=1
Request Chain 190
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELg9cpxQumFES1JYDhg8OVA&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELg9cpxQumFES1JYDhg8OVA&google_cver=1&__user_check__=1&sync_id=129daeb6-ce84-11ec-9bdb-18c6427b0306
Request Chain 191
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=1294fe14-ce84-11ec-ac65-141922060206 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTI5NGZkZDktY2U4NC0xMWVjLWFjNjUtMTQxOTIyMDYwMjA2
Request Chain 192
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1&apid=UP12873b28-ce84-11ec-a783-0283112e4064 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1&apid=UP12873b28-ce84-11ec-a783-0283112e4064&verify=true
Request Chain 193
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP12873b28-ce84-11ec-a783-0283112e4064 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP12873b28-ce84-11ec-a783-0283112e4064&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxMjg3M2IyOC1jZTg0LTExZWMtYTc4My0wMjgzMTEyZTQwNjQ%3D
Request Chain 227
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL0A2Q6ABSVUv_FLkbCfdhF1k6KD-dras6PGKS6A6MrXRluBGvG-PBaNi8C7qj6UGP-EzGNI75L6H10zgISZp-JqjRk2Rb1&google_gid=CAESEDuWXp1m8E4Cp0CWomrzcrc&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL0A2Q6ABSVUv_FLkbCfdhF1k6KD-dras6PGKS6A6MrXRluBGvG-PBaNi8C7qj6UGP-EzGNI75L6H10zgISZp-JqjRk2Rb1&google_gid=CAESEDuWXp1m8E4Cp0CWomrzcrc&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDgwNDA1MTkwMDAxNjM1NDc3NDE1OA%3D%3D&google_push=AYg5qPL0A2Q6ABSVUv_FLkbCfdhF1k6KD-dras6PGKS6A6MrXRluBGvG-PBaNi8C7qj6UGP-EzGNI75L6H10zgISZp-JqjRk2Rb1
Request Chain 230
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA25N-0vqupF3Z5wO7ozRC0&google_cver=1&google_push=AYg5qPKHWgpv3WNVXbHBvdLQOMVpDhD817tS2yPKjMGXdbv9WcKtJKClwiq04rTuwWKSqejqbdHTet0KWh8v2HRb0RShZkXx4A4x HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEA25N-0vqupF3Z5wO7ozRC0&google_cver=1&google_push=AYg5qPKHWgpv3WNVXbHBvdLQOMVpDhD817tS2yPKjMGXdbv9WcKtJKClwiq04rTuwWKSqejqbdHTet0KWh8v2HRb0RShZkXx4A4x&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mdsYk9f4QB6NqLPWBYf68A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHWgpv3WNVXbHBvdLQOMVpDhD817tS2yPKjMGXdbv9WcKtJKClwiq04rTuwWKSqejqbdHTet0KWh8v2HRb0RShZkXx4A4x
Request Chain 231
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnA1yNQU5_pAfF3hxU8M_Q&google_cver=1&google_push=AYg5qPKlb5Q9PNPcoOoLsE0k2o2VBOAGys5mJ58etKlrLrGmiWxr3oFvD1YGHDNqGreQOPohmyYo_mIJkYM9XswWzbERhWDaNuUm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUEQtNy1NN0dX&google_push=AYg5qPKlb5Q9PNPcoOoLsE0k2o2VBOAGys5mJ58etKlrLrGmiWxr3oFvD1YGHDNqGreQOPohmyYo_mIJkYM9XswWzbERhWDaNuUm
Request Chain 232
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOOPSebpkh1sSRJA5EHDjl8&google_cver=1&google_push=AYg5qPJAwFqQ8W_YQn0QBGYbjxFTHwLLmdMOwSbkp_eSanhwGI9M0OX4lxd7GmnC1Vgs-RufyY_FutCumirU4OAs-xrZEFkDng4w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YndBfsrfggpviMHbQYFmZgAAB1IAAAAB&google_cver=1&google_push=AYg5qPJAwFqQ8W_YQn0QBGYbjxFTHwLLmdMOwSbkp_eSanhwGI9M0OX4lxd7GmnC1Vgs-RufyY_FutCumirU4OAs-xrZEFkDng4w&google_gid=CAESEOOPSebpkh1sSRJA5EHDjl8
Request Chain 237
  • https://um.simpli.fi/gp_match?google_gid=CAESEKQ-Dm-COQPwUPb-m79Pq4w&google_cver=1&google_push=AYg5qPL2lru5oXQIMLCLO43mwb3Uof_OQ0kmjhPfScw0Vt8n4O0SfeHURg9-ZnnIWbgxlH37xsXBkLkws8wFR9ZVu-ZGsakY8A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4795233297704EAFB9D7F94409BC51AE&google_push=AYg5qPL2lru5oXQIMLCLO43mwb3Uof_OQ0kmjhPfScw0Vt8n4O0SfeHURg9-ZnnIWbgxlH37xsXBkLkws8wFR9ZVu-ZGsakY8A
Request Chain 238
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHmW7ThEl2G8JLEaknM8jOk&google_cver=1&google_push=AYg5qPKBxZJTAxOm5IT3jnNMw3WvlVKHJyyGsd8iBI9x-QzZxFnaHVfnNJ9xUAb2mC_o60LjQHDKo9gg86YeKBWucEkehwPUzA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5NTIxMTc0NzM3ODEzMzEzOQ%3D%3D&google_push=AYg5qPKBxZJTAxOm5IT3jnNMw3WvlVKHJyyGsd8iBI9x-QzZxFnaHVfnNJ9xUAb2mC_o60LjQHDKo9gg86YeKBWucEkehwPUzA
Request Chain 239
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFS9GALllGOsbv-Hms6Gtr0&google_cver=1&google_push=AYg5qPLZ3eCdUxjoOv1WhLZ6NmcU5DcLRIu79qqBl0z5xeUDALBXefyFNcg8Adk93FoInpRt0GE8L_f14-98TYZKc7ZfcCkZ19Q HTTP 302
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=528bf83d-865f-4af7-a1fd-f247a8c667fb HTTP 302
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=528bf83d-865f-4af7-a1fd-f247a8c667fb HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=48b8b3b0-fb48-4fd6-86d3-b3826d87ab30&ssp=google&expires=30&user_group=5&bsw_param=528bf83d-865f-4af7-a1fd-f247a8c667fb HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
Request Chain 241
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKILB07EsMF5FVaqOmS-UNM&google_cver=1&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-GFUBMm5tTSSHl6r2BxzBqY HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKILB07EsMF5FVaqOmS-UNM&google_cver=1&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-GFUBMm5tTSSHl6r2BxzBqY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY1NTAzNjY4MTM4ODgyNTAzOA&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-GFUBMm5tTSSHl6r2BxzBqY
Request Chain 242
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEXV4s1auNxIdoBCYV0DgeE&google_cver=1&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo&google_gid=CAESEEXV4s1auNxIdoBCYV0DgeE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3NTM2NjU3ODE2MzQyODE0MzAyNg%3D%3D&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo
Request Chain 246
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cver=1&google_push=AYg5qPLWO0qWmbvVKffU4blQZRizwrQolM9u59ho_bcZhYZ-PUu0cjPsy0P_ZnPW1Ssiqz9iVfhpmcBrai40xNrXyvTxudp5NRtk HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cver=1&google_push=AYg5qPLWO0qWmbvVKffU4blQZRizwrQolM9u59ho_bcZhYZ-PUu0cjPsy0P_ZnPW1Ssiqz9iVfhpmcBrai40xNrXyvTxudp5NRtk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZzR4S0pvUVkxTk55YXk1&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cver=1&google_push=AYg5qPLWO0qWmbvVKffU4blQZRizwrQolM9u59ho_bcZhYZ-PUu0cjPsy0P_ZnPW1Ssiqz9iVfhpmcBrai40xNrXyvTxudp5NRtk
Request Chain 247
  • https://um.simpli.fi/gp_match?google_gid=CAESEGPRx83HtUaxvu9quln-6uA&google_cver=1&google_push=AYg5qPIokzV8CWNf6Tu2wWt3G6aUBtbqf8q4Z7Rea0t9XQ1B7iCRMHFZ6loqg1-Kb8HXZzBh5fwrh8WXFFmFpmjx5i3t-Hoe3IMnRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD62B334C4214F37BAFC13552BA0FA45&google_push=AYg5qPIokzV8CWNf6Tu2wWt3G6aUBtbqf8q4Z7Rea0t9XQ1B7iCRMHFZ6loqg1-Kb8HXZzBh5fwrh8WXFFmFpmjx5i3t-Hoe3IMnRQ
Request Chain 248
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENZ610xxbMjn_IUtsGW75u0&google_cver=1&google_push=AYg5qPK5dpjg1WdVCWeTah8D-hgWOXaLTZfU8Bcsujt8lncpW7AxPH5JanLtAfh06GuI2syyiNfbq5FXUc9NBq1opkOdmTkbHG_MDg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK5dpjg1WdVCWeTah8D-hgWOXaLTZfU8Bcsujt8lncpW7AxPH5JanLtAfh06GuI2syyiNfbq5FXUc9NBq1opkOdmTkbHG_MDg&google_hm=BesOEYP-QLey_AB9cDaXbWU
Request Chain 249
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAMOO6tPl3lefkSe9HQbnV8&google_cver=1&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
Request Chain 250
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEASVeGcut9X3-K_Ghnu1qO0&google_cver=1&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpzVaFUMpkNxj-L0XBO40mWnN4A HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEASVeGcut9X3-K_Ghnu1qO0&google_cver=1&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpzVaFUMpkNxj-L0XBO40mWnN4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2ODQzNTU5MTU3MjE5OTg3NQ&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpzVaFUMpkNxj-L0XBO40mWnN4A
Request Chain 251
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9ih6FRrUGYr1i-g-TkKe4&google_cver=1&google_push=AYg5qPIZxyYpjksJ8bjV7CWqiEF3IhYqSwfqOd2JUQ50tfWhRZlAuMDL3yoT2sLXFoG31zMtjPxkALg92iiX3hEgolip9Ii3Q7DTZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUUktUS0yVzRY&google_push=AYg5qPIZxyYpjksJ8bjV7CWqiEF3IhYqSwfqOd2JUQ50tfWhRZlAuMDL3yoT2sLXFoG31zMtjPxkALg92iiX3hEgolip9Ii3Q7DTZg
Request Chain 255
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO2_kpNOW0IG6arCn-3ZFLM&google_cver=1&google_push=AYg5qPKTmGSIRZ_RgtTYkPZsTwDFu5w12uO5jBFiQwO2419FYyeKEmJcO5B3akE2LN4DjD15p-FJsonNzvJw6vOMZYIWHNL1j_erWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKTmGSIRZ_RgtTYkPZsTwDFu5w12uO5jBFiQwO2419FYyeKEmJcO5B3akE2LN4DjD15p-FJsonNzvJw6vOMZYIWHNL1j_erWw
Request Chain 256
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPVlpD1YHtJCDeD-gy0Yc5U&google_cver=1&google_push=AYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPVlpD1YHtJCDeD-gy0Yc5U&google_cver=1&google_push=AYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 258
  • https://um.simpli.fi/gp_match?google_gid=CAESEERmnR8ItliSg3ZjLxsKvg8&google_cver=1&google_push=AYg5qPKJqWao1oy__39yfPXPj_3ZRdV4CgIlT6LbiyzbZUFkZwJ_2imbklKjVwsneB7_tKbjF4WnYHrW55CQCTqjdxn-rku9OgKyAw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=048856DC97BA4E43A9528C204FD0F8B2&google_push=AYg5qPKJqWao1oy__39yfPXPj_3ZRdV4CgIlT6LbiyzbZUFkZwJ_2imbklKjVwsneB7_tKbjF4WnYHrW55CQCTqjdxn-rku9OgKyAw
Request Chain 259
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMWbfPTiHBtIz_zaVrIgvzE&google_cver=1&google_push=AYg5qPK9AU5G4yY6jY4ouPKpv599UA3Q5R8Vhr8AC9Sqt6g5uFXUPHDYKKROw_PT_XToHmB7kANfzZLxD-GqdlkB4-H55evQBSqIyw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMWbfPTiHBtIz_zaVrIgvzE&google_cver=1&google_push=AYg5qPK9AU5G4yY6jY4ouPKpv599UA3Q5R8Vhr8AC9Sqt6g5uFXUPHDYKKROw_PT_XToHmB7kANfzZLxD-GqdlkB4-H55evQBSqIyw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FW7xJsoLT8W74xXWRapaNg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK9AU5G4yY6jY4ouPKpv599UA3Q5R8Vhr8AC9Sqt6g5uFXUPHDYKKROw_PT_XToHmB7kANfzZLxD-GqdlkB4-H55evQBSqIyw
Request Chain 260
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOfjJ53Qcrg49Nhqvxp-yIo&google_cver=1&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA3Nbod_3zokVEw HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOfjJ53Qcrg49Nhqvxp-yIo&google_cver=1&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA3Nbod_3zokVEw&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA3Nbod_3zokVEw&google_hm=Emq1qGZHvPr3UxO9SRO1okk3
Request Chain 261
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENpWxy0Yc5h2k0cVl2tYl7U&google_cver=1&google_push=AYg5qPLhL70x2TyMbMKN0CTmzehS1CA8EzYx4Pd7JjC8_7lWRxIkT9NLSupv18ywJpBBZ3AAICDns6AK9lRGuI-6DqlgEB0FdeErQw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLhL70x2TyMbMKN0CTmzehS1CA8EzYx4Pd7JjC8_7lWRxIkT9NLSupv18ywJpBBZ3AAICDns6AK9lRGuI-6DqlgEB0FdeErQw HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 312
  • https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39f64e77786%26domain%3Divona.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fivona.ua%252Ff22e64b88645e04%26relation%3Dparent.parent&container_width=320&height=600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FIvona.bigmir.net%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39f64e77786%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff22e64b88645e04%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline

327 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ivona.ua/
Redirect Chain
  • http://ivona.ua/
  • https://ivona.ua/
102 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
3fbfb06e63fa579fed72ece8aa20f93ff47ce40613d3e0e5a12326874e34ca5f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
274
cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 08 May 2022 04:02:55 GMT
server
nginx
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
x-amz-cf-id
JGDxUuVvtbdswKR37hn3-qHts0sAZmstZPvAZWiF89m3bws5EDly4Q==
x-amz-cf-pop
FRA56-C1
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
183
Content-Type
text/html
Date
Sun, 08 May 2022 04:05:15 GMT
Location
https://ivona.ua/
Server
CloudFront
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Amz-Cf-Id
NQHya0F1ltO37mjJf-Q190jr2RJsCdOQvIvARoYMz9KBYKOqEyVMZg==
X-Amz-Cf-Pop
FRA56-C1
X-Cache
Redirect from cloudfront
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 08 May 2022 04:05:16 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Mon, 08 May 2023 04:05:16 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d2ef2d592f177d6008f995b944cda8c3111800e828e3aedb3919d22ce2e4755

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:48 GMT
server
nginx
etag
W/"626a813c-2c101"
x-cached-since
2022-05-08T04:01:36+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 05 May 2022 21:24:00 GMT
js
www.googletagmanager.com/gtag/ 		104 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
080431b0d2ed7669bbdfb77ae3c5fbbca5f5c49e43f520c396d5f0f9ee5b7497
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40737
x-xss-protection
0
last-modified
Sun, 08 May 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 08 May 2022 04:05:16 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		156 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b8bc82efed6ab5687af2f31504453af4e229e4b8d88466534709dcc229070ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55909
x-xss-protection
0
server
cafe
etag
11981456512827260515
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 08 May 2022 04:05:16 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
015e4b567c96c225b5aa2fdb9990d4464bd60bf5611c41897e59ac1237b17b7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 08 May 2022 04:05:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 08 May 2022 04:05:16 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 08 May 2022 04:05:16 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 		56 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
286670
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10022
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TSNbx%2Br89Sj1c0jlgJUob3rYgILRjFmnuUx3do0BdSWPYoOZNZYKhuajXGFAfYuQ2ccWAGiofbOmNDZ49WKKc4NVA5U8cXqMpnTo7FNKvC%2FTugPFinOMm0XBMoQi%2Fl8eS%2BHOoueJAnIEbvJ4HdJqCeC4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50e85e4174c1-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
602
age
6200254
cdn-cachedat
09/26/2021 18:03:36
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
2efedba6a02f47e646b20fbd043b4180
cf-ray
707f50e858e176e3-LHR
cdn-requestcountrycode
FR
cdn-status
200
cdn-requestpullsuccess
True
v10
ivona.ua/css/style.css/ 		77 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/css/style.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:24 GMT
content-encoding
gzip
age
7576863
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-13503"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
RHSa510mgGpvZxnuZWcn7_k_Qe4egaD2LmU09joUmnrSgwAMYnawJw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/a-custom/custom.css/ 		970 B
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/a-custom/custom.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:24 GMT
content-encoding
gzip
age
7576864
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 09:24:29 GMT
server
nginx
etag
W/"616402cd-3ca"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
p5jgAJ4nuQKJHw58mpbLpa4PFpPJPtElxpQ9XsMaCl-fga8v5AfMxg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
751505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VHL0h%2FculxB8AVWl1oju%2B10%2FL73fdY5fgK6n535iLnoOCfcR446aMoeCshZ5zQkixcVJR4qB6Ib7cOg%2F4NFbD%2F5Q2WSj7HXE2pXt%2BM%2BDJcRmXxfWsDRw8vWMHfUkKo2zhWBL4BDTDygpIQT8Vej6G5hA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50e85e4474c1-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
630x283.png
ivona.ua/img/ 		130 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/630x283.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 20:57:57 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
6419255
x-cache
Hit from cloudfront
content-length
130
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-82"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
61y_0GAFqtvb4YdEYyvU1ysAIwyZKp6mjfqj4Zv7WBrVwHbdQ_QMKA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
4x3.png
ivona.ua/img/ 		96 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/4x3.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Mar 2022 22:23:13 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
4167754
x-cache
Hit from cloudfront
content-length
96
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-60"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
u7WM9wb8Jska8Q6Q3HT_wbhQ9R66zSTj0zZmIpI_He2XQHgGeriNUg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
882397
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UpkLJvA8Uw9syWXnYxyYBE46q0onY14rdaoxkjAH1bQshxRm9sdktSFfeD7hDBVFxQYIQk2WrAakfwA7PVLbz6j9%2F6MQ3qltnGtClQtcBsybQ%2BBcRCB05dXzseDCSclKVW9%2BvPl4UXhyberxr6m%2FVG%2Bk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50ea1b164071-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
7498304
cdn-cachedat
2021-08-02 21:50:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
9afd14f9e96ccd8371450da16c710442
cf-ray
707f50ea09d776e3-LHR
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
271869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19249
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e7WZ1qVy109bIJuyXPwRexS45nMjUa7cuWmL4IH4LtAP033i0sPiCqlDjZ8WwSNDv8HbtVPIs1eg46iLPs3rX%2FJWjZSjQa9fDeQM8T3B2ScPrpa24sHMtEmSJYiQ6U8kvMPGqPlgMCa9CUIS7ypsx4MQ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50ea0f3d74c1-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
lazyload.js
cdn.jsdelivr.net/npm/lazyload/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lazyload/lazyload.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23087
x-jsd-version
2.0.0-rc.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19156-FRA, cache-lcy19237-LCY
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=skGTjr9FdbCI7Cd%2B%2FbLCGt5vdaeeJ9tS3pQkyux9iX6l4bO%2FILrgypylHccvyLyT97NS8R2zXwWtFl4sB4uQ3hK4FyAvlkKT9XZmpKL3rUmDFDF5tjM2BL1BHIKw0nyXdjoF4P1o%2FCTTz7LKJwI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
707f50ea6d8d7698-LHR
v10
ivona.ua/js/theme-script.min.js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/js/theme-script.min.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
7576863
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-693"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
DDA2aSku_TEzKSgdYc3toTpPGgyuiiRHX7aGYythmZjFkavdRrMdcA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/js/banner-index.js/ 		2 KB
806 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/js/banner-index.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:23:48 GMT
content-encoding
gzip
age
3811327
x-cache
Hit from cloudfront
last-modified
Sat, 21 Aug 2021 13:24:17 GMT
server
nginx
etag
W/"6120fe81-725"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
fFmusG-DqSTHXDJlZFZ1H--8cy9Njvx_HGnUbyiQRVmS0MgFomMuLA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article-stat-v2.js
ivona.ua/click/js/ 		976 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/js/article-stat-v2.js?8
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:29 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
976
x-amz-cf-id
xYuq0e1CdGk5LJBiGOiWeSXouUBYnhJqt07a7k3DuN9iGJml1AabNQ==
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2073892
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FA0aa0Y2nT%2B7by73MUbI79aDPXPRlL%2BUQJYsL10vnyqMVPoUsLZNNkqv3YmF8Fb4AuEccLBXq2wfKkZOyy8nrx20ITj9x4iVF3wDceZtRmyL1mP6MFfDMMFoQrzBr5HaOQ0MICZog3QVe%2Bn9cMMEsdeX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50ea0f3e74c1-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4437576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XXYIkbo%2Bij0CofkIKeM95szFZMQPFx4ZPBymEBgYEyk05x7HOnb5aDLrewHfMtapIO66AfdFvIugioVyHaJuNh6It9jNi7a0N6JRz41Cah632Cb1wSJpm%2FhYoAWY4RbxVzW65bVmnCS4aqw6HpCrSRSC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50ea0f3f74c1-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1270864
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ncZTa4izC%2BciDF5TPTCCiCg6yFdHMPhAnk%2FDCQQvvpmdCBnF2R9Bnr%2BgOY9ndk8SPerRoG%2BQe4VywaJwRxkPMif0lnuke%2FScWTkO7FTdjRef1b0Gp0xV4IpSC%2FOhoWqDB9qisarCAmdqqGjNTN3dAC80"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50ea0f4074c1-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
common.js
ivona.ua/click/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/js/common.js?1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:29 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
"5e1307e6-a00"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
2560
x-amz-cf-id
hNC6T2Yn7kaHnm1HpOx7pW161LMpaz-aNs9al6DXbhwaWdM_B2_Xcw==
xgemius.js
gaua.hit.gemius.pl/ 		43 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
last-modified
Thu, 21 Apr 2022 06:09:03 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
11715
expires
Sun, 08 May 2022 16:05:16 GMT
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Mon, 09 May 2022 04:05:16 GMT
logo.png
ivona.ua/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/logo.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
21918917
x-cache
Hit from cloudfront
content-length
1326
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-52e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
zg6w53CylMSwHyFVcXvoJODr2VqTMfghDzSj-HeKFYHidufifpNm9Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sitename.png
ivona.ua/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/sitename.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 00:23:06 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
12022789
x-cache
Hit from cloudfront
content-length
1058
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-422"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
ZI0WM1nRzv2lpGlFe38TH1BRs7EouAXBKmVN6DVP6tZ_SDTr3Ot-xA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 04 May 2022 20:48:04 GMT
x-content-type-options
nosniff
age
285432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 20:48:04 GMT
search_icon.png
ivona.ua/img/ 		253 B
700 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/search_icon.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 01:51:50 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
5537605
x-cache
Hit from cloudfront
content-length
253
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-fd"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
2LvmmTE_IYD2BbUvvuilBrBOTio-JXcVdm0qc6yfXi3D9tk-DR8yJA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 04 May 2022 23:35:30 GMT
x-content-type-options
nosniff
age
275386
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 23:35:30 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 04 May 2022 23:33:27 GMT
x-content-type-options
nosniff
age
275509
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 23:33:27 GMT
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa3acc2c005d6a53519d71912ebd1d465039dcb920d52dfa93a14b5f3a289763
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
GGa7wyONcoKWwLXT+hdMdA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Sun, 08 May 2022 04:09:07 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
9F86eKII8+ty+249Jv8n/4IEH+sHg+yMokS7zVwJd0fCBR0kTN06H/aoar2d/lJJB1xGK1C0VR0FxH0QR5uNbw==
x-fb-trip-id
917726464
x-fb-content-md5
7136282a3246bd9162db4f3cb365dbf5
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Sun, 08 May 2022 04:05:16 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7e29da2b247ae88a7be46215b3371491"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
arrows.png
ivona.ua/img/ 		562 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/arrows.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
21918917
x-cache
Hit from cloudfront
content-length
562
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-232"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
OXCh07pCPmuOVtoCEsQAl3Y6zaPxPumaznSmMnFkYhXM69OFJh-HIg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
bigmir_logo.svg
ivona.ua/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/bigmir_logo.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 15:48:31 GMT
content-encoding
gzip
age
17583250
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
W/"60fc3da0-d2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
Ee-t6GfMIvM1QEEc40ujAD2bRdzPtnW4vRKmrbbA6QyLYzAW8Qz_lg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
185548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dWDfMW2u73YAVIWSnO%2BUKb9c7%2FQMnU7cXMot6rLIVxnh29cy3QAeIlkoVZNL448Mecx%2Bx1V6ddV574afDkYe58KuN6UN%2FhoQKeoeprkl2jHMaQWE8cvDGnqbMLuChD1knOIiKlC%2BobZrLs1XDxSrdPbg"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50ea5b394071-LHR
expires
Fri, 28 Apr 2023 04:05:16 GMT
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2068016217&div=zone_2068016217&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
f422efe56fd00e94c49dfbad74dfd0a73e72dcdc632da922b401115b25c6fe67

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
701
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1217097366&div=zone_1217097366&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		42 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4743c6992e1e6c3e4f51231f76d888109fd6c73d443226688e0f1b48b84158d5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
915
expires
-1
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1966145486&div=zone_1966145486&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
c65e72277456100de4e033cd12dd87cbf0e10a47d68af7d198689dffbc76f66a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
792
expires
-1
add-view
ivona.ua/click/articles/stat/ 		39 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/articles/stat/add-view?cid=6&site=ivona&aid=5255288&0.3518921517276823
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
98b2cf187a1b22f55c63f13408c83865d0377b181768439c7d118b5f7edbcd53

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ivona.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 08 May 2022 04:07:29 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ivona.ua
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
*
x-amz-cf-id
ZTq1bVGV_8E-_nACyFs_ZBdO6oNVW16yUUTBeUP9anEwSfaIjWkEmw==
z
s.zmctrack.net/ Frame CF07 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
7a00f8e4f124e4cd2b5c64004c37469fbaed0be5d0b2624e1b6977178985e458

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23352
expires
Thu, 01 Jan 1970 00:00:01 GMT
sdk.js
connect.facebook.net/uk_UA/ 		289 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=9f60dd423d87d8eb51b21ff34c8c9a85
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
56f472a78bb26cb01bac9a695e9b30e89b87f5e070b51532992f037b2d20fcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5xy9UOTtU90irRH0FY5XiA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84817
x-fb-rlafr
0
x-fb-debug
LV/jUanLJb2rMre/koTuLm4n1iLe+Jw4nGOF8Sx6DfI9lMA1ZlGymmnqwce0USosHqPUaaiYs8zcpUCC9sL2OA==
x-fb-content-md5
ebee86e1baab0eb99fd7efe69d5186bb
x-frame-options
DENY
date
Sun, 08 May 2022 04:05:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"590869bb54aa98176e5e42750d71fc8a"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 08 May 2023 02:49:21 GMT
8cc1c81c63271da80ce6f06273a5f48d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/62/95/92/9/6295929/image_main/ 		160 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/95/92/9/6295929/image_main/8cc1c81c63271da80ce6f06273a5f48d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
586d7b4b743133e06789ce98a3a49ebbf23f1e002279438c2e377b541b93ede9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 16:37:20 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 16:21:19 GMT
server
AmazonS3
age
41277
etag
"eaa9014b5dea8d54f54098a8250d6a4d"
x-cache
Hit from cloudfront
x-amz-version-id
cj6VtC0MxfKDyD0xb0D5Ruk9SMNjXzJS
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
163681
x-amz-cf-id
wm2Nob5FmVLgtZ48ztDxI-no4KbYA7lTFpUfzSJTDesIJz166jjEkw==
8cc1c81c63271da80ce6f06273a5f48d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/95/92/9/6295929/image_main/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/95/92/9/6295929/image_main/8cc1c81c63271da80ce6f06273a5f48d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
889627c3043f5e9bca49c89c75505b33ac7cd36cba8a4bc8a6861daca3c93290

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 16:46:15 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 16:23:24 GMT
server
AmazonS3
age
40742
etag
"54eb5f988c8ad1c39bf830f61f5d138f"
x-cache
Hit from cloudfront
x-amz-version-id
2nNpkBsPQk4OVkzM5QmRHrOYCeySvKG_
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6925
x-amz-cf-id
m_uDvW4MyCBQm5KkXiMRWRkM224ZBPKDbtN_26qAsW7rRNIgLTqoJw==
dd58b8522fe8bfa6761e8fb43bebd8fc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/46/68/1/5446681/image_main/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/46/68/1/5446681/image_main/dd58b8522fe8bfa6761e8fb43bebd8fc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fbdae4a5e845acb71cabb54e61f38111822ad317b5c3d66ac29f90dd8a04e5ad

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:39:55 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 15:25:30 GMT
server
AmazonS3
age
44722
etag
"5ca8874e2a87a8d91bc00f2c4ee31a01"
x-cache
Hit from cloudfront
x-amz-version-id
UgpPOdrvcLN.cdxTjszPDSaVSvSNrwyE
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
9437
x-amz-cf-id
JKau1soDZr6J0IB0gaWQsQX0YbKTyVFpP4rMU9iojHq4M0pbRwxa5A==
58333baae0110ff8f66b8e161f59e972-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/23/22/4/5423224/image_main/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/23/22/4/5423224/image_main/58333baae0110ff8f66b8e161f59e972-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d69048ad742259a1dc28fad3bd232ae0098b2f64b9e9e4183b4abe6cc3749a71

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:00:54 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 14:50:05 GMT
server
AmazonS3
age
47063
etag
"7f352629aa045322d41b3b341e13303a"
x-cache
Hit from cloudfront
x-amz-version-id
23BGzSa3jREYCNXgmeou.N1IiRrSkXmH
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
9367
x-amz-cf-id
MbZot40pdTaL1CRc1mX9KjlaZucj_YhE9JhZXMJP89A-FRoamdmf4Q==
e2b91f55d16127564684ee70964b4c34-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/95/94/4/6295944/image_main/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/95/94/4/6295944/image_main/e2b91f55d16127564684ee70964b4c34-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18b6670e07249a713ae14f473537778fa319942a3eaabaf1534fe186910f5ec4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 13:39:09 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 13:08:09 GMT
server
AmazonS3
age
51968
etag
"8a40e7028c50395b1cf3a259f9e24caa"
x-cache
Hit from cloudfront
x-amz-version-id
qicWmwHmIn2dpUWXV73paYYPa4vvmDaG
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
52841
x-amz-cf-id
DIfzb8SSN8sEMSWgJUmS7dIJ7E70NFaCwzWc5XtiR8lQJP4siJL61A==
e2b91f55d16127564684ee70964b4c34-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/95/94/4/6295944/image_main/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/95/94/4/6295944/image_main/e2b91f55d16127564684ee70964b4c34-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e9f925476cd82f39e2183a6765ff68e02fbfba3b0c30846e8564e7440b7c002

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 13:22:33 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 13:08:12 GMT
server
AmazonS3
age
52964
etag
"7172dd4ecbe769be80addc09167346fb"
x-cache
Hit from cloudfront
x-amz-version-id
KCwuY8TUD4zemcJs2liY0JRQm1jvDmal
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
58071
x-amz-cf-id
8sqYyi6xxrFhL9cwqogkf8DScNmAqg8Mny3-cQCq8ekNu-eH6GDWZg==
763e5ea40ed4e50a0908c1acbc15d165-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/54/46/57/9/5446579/image_main/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/46/57/9/5446579/image_main/763e5ea40ed4e50a0908c1acbc15d165-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f8e48919c1f242f07f5a269245622483a7fc806b79339601356ded6c0021b9a4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 13:49:24 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 13:45:48 GMT
server
AmazonS3
age
51353
etag
"4c88c615b3f27757bab336133ecda20e"
x-cache
Hit from cloudfront
x-amz-version-id
T7XKIuCSz5FbO92JJgwc.EmISdZudCHs
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
12398
x-amz-cf-id
zZ3yoAXJMo_7qdEciAJnpz-SJ3yARtQreKJ5Hi0mqhHblHQTknNPog==
ef450e0449d3f5595459e72cd815493a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/54/46/96/1/5446961/image_main/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/46/96/1/5446961/image_main/ef450e0449d3f5595459e72cd815493a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d46d546adb8eb4f0e1c016bf923e54b4602e57409e473ac32a8a2c14ed2cc06d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 09:59:59 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 09:49:36 GMT
server
AmazonS3
age
65118
etag
"382d759c11d02cb7066120cc174a7bc8"
x-cache
Hit from cloudfront
x-amz-version-id
r_WC8kSG0o9j8WhSawS0JRXFPGcdk3HA
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
12579
x-amz-cf-id
3IDhXA2R96DjDmPu_s-HOQRLpcl-g8XF5kaHhtJYG18ebppJFTjBpw==
81400f4236b9246928eef20ccb464882-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/95/46/6/6295466/image_main/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/95/46/6/6295466/image_main/81400f4236b9246928eef20ccb464882-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2398bf1724098cd83c9183e68a382ec695bea12a4fb51db4e79c8c1c9b8aa312

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 07:09:00 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 07:08:59 GMT
server
AmazonS3
age
75377
etag
"59a9351613aa3aafeb67bcb7888a4278"
x-cache
Hit from cloudfront
x-amz-version-id
xVCmH8Fgl6XVIjKP8PG5rFAM.FYf_Qo6
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
19157
x-amz-cf-id
hMWomPQExUF2vXr3x6djawmiLRgdNqAoxef929ToABlH5ioma-Fmig==
bb70a58d99d0bbeb7f166e8a538f7ff7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/54/29/62/2/5429622/image_main/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/29/62/2/5429622/image_main/bb70a58d99d0bbeb7f166e8a538f7ff7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ab5749bdc8f7d93af52475e10351459bea68841c0bc9c498ba716497eb77f539

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 May 2022 13:17:09 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 13:12:25 GMT
server
AmazonS3
age
139688
etag
"caf16fa47a8434df3b944a100392c01c"
x-cache
Hit from cloudfront
x-amz-version-id
Ud0uHnhrVHBmfo5Knr5j2IqWuFf_FPmX
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
8994
x-amz-cf-id
sDRkZR_eoGnSB6afO22V2IGzMlfGPXl2kveA31Q4jCEiem14qqiQ9Q==
aa71a3ec6adfdb9dba5dd3d31a23c47f-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/54/21/34/6/5421346/image_main/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/21/34/6/5421346/image_main/aa71a3ec6adfdb9dba5dd3d31a23c47f-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bd01542a1cf26a2e3c0ae28b4fd11fe33bd63cca61bf55243c2008e30aec925

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 May 2022 08:52:51 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 08:40:11 GMT
server
AmazonS3
age
155546
etag
"9ef7cfde6c9ed3643f98031c13bd2ea7"
x-cache
Hit from cloudfront
x-amz-version-id
GcK2sj4KwLq0FDJfhTOmlNqPkglnLL4g
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6791
x-amz-cf-id
y425p-4S82XpagS_zt7KKSquNl1QhVT-7WNbk9TuMqQpr7vYzOEEzA==
20609ab1f1f2c43f7195e3a7de3c4738-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/94/39/7/6294397/image_main/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/94/39/7/6294397/image_main/20609ab1f1f2c43f7195e3a7de3c4738-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1d6da5b2d9dcb7f54dd07bd3ccd7b3fb8620b679c6923378f79604285f9dd346

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 15:52:53 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 15:38:39 GMT
server
AmazonS3
age
216744
etag
"c7ca3f120fce1f2746b2eaebb1a9a399"
x-cache
Hit from cloudfront
x-amz-version-id
9o.oq.2qzW8IAUpQCCjWM33XJSjtZlae
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
17689
x-amz-cf-id
CglLPP9CjXdKVshyXROFRiOOvNpZJNYAXe5yvRprbjsgdcT8ZH2Ktw==
a80e8af678cbdc172692c4f0f4f95bac-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/54/19/93/6/5419936/image_main/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/19/93/6/5419936/image_main/a80e8af678cbdc172692c4f0f4f95bac-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8d7832681fefe96364c5125961411b92444f84368fe0c6097c4ebe2777c831d8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 14:11:49 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 14:10:52 GMT
server
AmazonS3
age
222808
etag
"1a65fd1a69a18570cec9c586ecdb3079"
x-cache
Hit from cloudfront
x-amz-version-id
RdttM2Opj6wnuNVQb9gsw4UjCeUkZN_o
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
10150
x-amz-cf-id
XXasYFu4rRvkaNQvJB5LWmSVvnhiAHzDj5iqWevettMzCXstt7bxrA==
1cb1e36b542e5d4f33cc16392c7d26d3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/52/82/21/1/5282211/image_main/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/52/82/21/1/5282211/image_main/1cb1e36b542e5d4f33cc16392c7d26d3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caa6ff303a43dc709e7cdc38637d434ba077374a0ed8e06f7fe30c89dcbbb338

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 02 May 2022 11:40:46 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Mon, 02 May 2022 11:31:05 GMT
server
AmazonS3
age
491070
etag
"683f1d1c1c8c0406e978d271593f9a7f"
x-cache
Hit from cloudfront
x-amz-version-id
BC_s4xQqEjyulcGDg_2gRJm6qBT3FQlR
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
12018
x-amz-cf-id
ooNHV85NGeu_mVg7TD4V3UPliwXcHtZE0ICjaVk2FZZy42-OWsTasw==
c9b16722369823ced3c878a162ecd9da-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/09/94/6/5409946/image_main/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/09/94/6/5409946/image_main/c9b16722369823ced3c878a162ecd9da-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
607a088bcfabb3c9f9913512a27c9e600869e4b7f9730ee06ec54747f8870e53

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 03 May 2022 16:17:24 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Tue, 03 May 2022 16:10:52 GMT
server
AmazonS3
age
388072
etag
"cc51ac4c829b07ef294d190c84b3f1e3"
x-cache
Hit from cloudfront
x-amz-version-id
lJsj7PzJFP3i7vCZwd5ODsgjKBk3Y.kB
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6317
x-amz-cf-id
lFTydGZcKdbDQXcWldKUsRDtk5kTRUos7D6kqgUUiqKxDoOA4mUkIA==
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14bda2a65f2a9a08295f65b3aac194f99614522a6cdf8b95ce0d9b629332644c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112622
x-xss-protection
0
server
cafe
etag
3791103371209486309
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 08 May 2022 04:05:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 5DE7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
47003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4421
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 15:01:53 GMT
etag
1428802124239944296
expires
Sat, 21 May 2022 15:01:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6367
date
Sun, 08 May 2022 02:19:09 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 08 May 2022 04:19:09 GMT
mwayss_invocation.min.js
ad.mediawayss.com/ad/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=1022&height=250&width=300&tld=ivona.bigmir.net&ctype=div&ch=ivona.bigmir.net
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
s
h.holder.com.ua/ 		730 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8655&c1&r82720310&dholder1817662902&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
bc1488787d3cf709f889ff69ac672838198868852d9a7a6ae5bf3cd2f3ec6786

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
730
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		735 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8656&c1&r82720310&dholder2096059570&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
897df19b5abf52d0fe3f004ab86b862b587a72ce3bb06565eb17556a6767bab1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
735
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r82720310&dholder1217097366&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r82720310&dholder2068016217&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/ 		817 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8654&c1&r82720310&dholder1604070069&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
abecbd5e11f3f3dab2178ecff1946d64faad970349f64134d385171c18d6f419

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
817
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fpdata.js
gaua.hit.gemius.pl/ 		277 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
fbbbfa131cfc336e66492225585abaaa19e3ce31e2329a4738d2e9e0446ac8bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Tue, 07 Jun 2022 04:05:16 GMT
lsget.html
ls.hit.gemius.pl/ Frame 88C1 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
145.239.237.56 , France, ASN16276 (OVH, FR),
Reverse DNS
ip56.ip-145-239-237.eu
Software
GHC /
Resource Hash
211f7410704189d6e68894621ca2adf74d6b81a093c23491790aa77f87f805d3

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2722
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:16 GMT
etag
PRIVATE7520710249
expires
Tue, 07 Jun 2022 04:05:16 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 08 May 2022 05:05:16 GMT
mwayss_invocation.min.js
ad.mediawayss.com/ad/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=1023&height=90&width=728&tld=ivona.bigmir.net&ctype=div&ch=ivona.bigmir.net
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=711&pl=3&mi=4&me=8&hc=4&n=1651982716617&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2275286253
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2718&c1&r82720310&dholder1320962835&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
c.html
cdn.admixer.net/scripts3/45890/ Frame 8FAA 		738 B
485 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 08 May 2022 04:05:16 GMT
etag
W/"626a814d-2e2"
expires
Sat, 06 May 2023 20:55:02 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-05T20:55:02+00:00
x-id
fr5-up-gc36
376cef9bc739cb759b1b.b.js
cdn.admixer.net/scripts3/45890/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/376cef9bc739cb759b1b.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:56 GMT
server
nginx
etag
W/"626a8144-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-06T10:26:16+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 10:26:16 GMT
8fa10895f61293c9aa16.b.js
cdn.admixer.net/scripts3/45890/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/8fa10895f61293c9aa16.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:16 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:01 GMT
server
nginx
etag
W/"626a8149-12a41"
vary
Accept-Encoding
x-cached-since
2022-05-05T20:55:01+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 06 May 2023 20:55:01 GMT
c.html
cdn.admixer.net/scripts3/45890/ Frame 2E49 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/c.html?b=45890
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 08 May 2022 04:05:16 GMT
etag
W/"626a814d-2e2"
expires
Sat, 06 May 2023 20:55:02 GMT
last-modified
Thu, 28 Apr 2022 11:58:05 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-05T20:55:02+00:00
x-id
fr5-up-gc36
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1797034293858937&ev=fb_page_view&dl=https%3A%2F%2Fivona.ua%2F&rl=&if=false&ts=1651982716867&sw=1600&sh=1200&at=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 08 May 2022 04:05:17 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1751639858&t=pageview&_s=1&dl=https%3A%2F%2Fivona.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1576011461&gjid=252342389&cid=697972760.1651982717&tid=UA-206274582-1&_gid=1489439959.1651982717&_r=1&gtm=2ou540&z=420559874
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:17 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		212 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
de020618ba00c1a723cf7ce18fade73ea0ee4c5ddc05d6eaf9ccea87ebaf6cf6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:811::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE5C 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1651982716&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651982716717&bpp=2&bdt=588&idt=244&shv=r20220504&mjsv=m202205030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6831742848696&frm=20&pv=2&ga_vid=697972760.1651982717&ga_sid=1651982717&ga_hid=1751639858&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067426%2C31067419%2C31064019&oid=2&pvsid=3789903359041081&pem=928&tmod=1477635949&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=261
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:17 GMT
expires
Sun, 08 May 2022 04:05:17 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=ac7326742cf21b05&d=ivona.ua
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:17 GMT
server
openresty
dsp.aspx
inv-nets.admixer.net/ 		222 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9881435348891810&cpv=754e79c7-f9ca-10e0-bbbf-bce37b1bcc99&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e828be2c-c074-90cf-ea53-ed8449f3b0c7%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22389b1536-783f-ec12-55f1-d62a6a0a1a8f%22%2C%22tagid%22%3A%22d9675bdf-cf85-4051-92db-9ca047f83379%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1966145486%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
d2b4784c4c5222aeeb8184754ecf53fadbf0d75d3d633ef473b222afd955b766
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 08 May 2022 04:05:17 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
202
X-Xss-Protection
0
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-206274582-1&cid=697972760.1651982717&jid=1576011461&gjid=252342389&_gid=1489439959.1651982717&_u=YEBAAUAAAAAAAC~&z=1488978708
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 08 May 2022 04:05:17 GMT
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
impress
ad.mox.tv/delivery/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=898123828
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
08a17ca9bcfece46e069e7a74d3b5bddbd1c7cd254b11f32311baee1c1919ca9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
rexdot.js
gaua.hit.gemius.pl/__/_1651982717051/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1651982717051/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1651982717051/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua...
169 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1651982717051/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=275&lsdata=kDe6OsMo_LhOoBrvvJLepoM.jWY3LOQwe23yBYbdTpD.778EhQeTa7P7WnV5X9.erOEbwoBkoRKpNpWUdNEqNatIm0Xh/L.ThOjHIuFQUi/&fpdata=y.1lO3Vjr1RjfExku_A_e7glZTs6Pq4Uu_1iuKRw_Gv.27&vis=1&fpcap=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
9ff109c4e57422f8a036056b925a05bda1bb347a7ad921a1911f8975afa91c4b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:17 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Sat, 07 May 2022 04:05:17 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:17 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1651982717051/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=275&lsdata=kDe6OsMo_LhOoBrvvJLepoM.jWY3LOQwe23yBYbdTpD.778EhQeTa7P7WnV5X9.erOEbwoBkoRKpNpWUdNEqNatIm0Xh/L.ThOjHIuFQUi/&fpdata=y.1lO3Vjr1RjfExku_A_e7glZTs6Pq4Uu_1iuKRw_Gv.27&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sat, 07 May 2022 04:05:17 GMT
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
14754128
fly-request-id
01FMS6VCG2E8X0SJ6H4WAGRB2A
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
707f50eeaa5906fd-LHR
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 08 May 2022 05:05:17 GMT
prebid.js
ad.mox.tv/js/achernar/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 08 May 2022 05:05:17 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7ce75b11f8c0a2820306e881c1764088d16e4e73e52b94572ab9c668440396da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28416
x-xss-protection
0
server
sffe
etag
"1208 / 529 of 1000 / last-modified: 1651874797"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 May 2022 04:05:17 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
14754076
fly-request-id
01FMS6WYRTSGJY5T8FNF1KVJRP
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
707f50eeaa5a06fd-LHR
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.vidver.to/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=70cd728a-cbef-4ac2-9ace-32bba2377b1d&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=70cd728a-cbef-4ac2-9ace-32bba2377b1d&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=d43ed2f2-42b2-5280-ba6a-3b0bd81d7a76&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb
  • https://ad.mediawayss.com/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
  • https://ad.vidverto.io/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=YWQudmlkdmVyLnRv
  • https://ad.vidver.to/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=
0
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ad.vidver.to/delivery/sync?userid=528bf83d-865f-4af7-a1fd-f247a8c667fb&inner_redirect=1&inner_uuid=70cd728a-cbef-4ac2-9ace-32bba2377b1d&redirect_host_list=
date
Sun, 08 May 2022 04:05:18 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
/
exchange.informer.ua/informer/stat/ Frame 3791 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.informer.ua/informer/stat/?s=kolobok
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r82720310&dholder2096059570&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
e33fcd75e8f23bd4e15ab2082cc106c6ed8c6a6c491b11280d8df7818afb585d

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 08 May 2022 04:07:40 GMT
server
nginx/1.12.2
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
cmeter_an.js
source.mmi.bemobile.ua/cm/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r82720310&dholder2096059570&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-2699"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
ivona.bigmir.net.1211636.js
jsc.idealmedia.io/i/v/ 		2 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
HE655RZ23S8GSHXC
cf-ray
707f50eecf7d8861-LHR
content-length
746
x-amz-id-2
cIDuB0E7Bs0NFb2jfyEysDuk5glQz11VfFQ+rZFAxNyq00VdLELWjK6oS3nWrsLEzaP1W3fKfEc=
last-modified
Thu, 21 Apr 2022 13:12:03 GMT
server
cloudflare
etag
"d245c3976e8b37aa0431b5a7963b9259"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 08 May 2022 07:05:17 GMT
s
h.holder.com.ua/ 		3 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.holder.com.ua/s?tv&p1&b8655&r943039639
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
Content-Type
application/x-www-form-urlencoded; charset=windows-1251
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ivona.bigmir.net.1296107.js
jsc.idealmedia.io/i/v/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8654&c1&r82720310&dholder1604070069&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ba54c2c0ee422e605c0a01ab06fd224af56017507c345ee988b2d66658ba69d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
KJ5DA7509SQXZ8MZ
cf-ray
707f50eecf828861-LHR
content-length
747
x-amz-id-2
t3p8ACwa4Me7oWi+DhIP2k7s3DB0ys/qVHzCadPbU0cE/81m4KouwMoyVJRcNWMU7TrkiZmOi+A=
last-modified
Thu, 21 Apr 2022 14:17:21 GMT
server
cloudflare
etag
"d55ff0e2835c6fab6cb303c8faa6e5d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 08 May 2022 07:05:17 GMT
s
h.holder.com.ua/ 		3 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.holder.com.ua/s?tv&p1&b8654&r601141015
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
Content-Type
application/x-www-form-urlencoded; charset=windows-1251
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=697972760.1651982717&jid=1576011461&_u=YEBAAUAAAAAAAC~&z=669969376
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=697972760.1651982717&jid=1576011461&_u=YEBAAUAAAAAAAC~&z=669969376
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/45890/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:07 GMT
server
nginx
etag
W/"626a814f-702f"
vary
Accept-Encoding
x-cached-since
2022-05-06T08:44:39+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 08:44:38 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/45890/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:09 GMT
server
nginx
etag
W/"626a8151-a793"
vary
Accept-Encoding
x-cached-since
2022-05-06T08:44:41+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 08:44:41 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/45890/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:01 GMT
server
nginx
etag
W/"626a8149-326c"
vary
Accept-Encoding
x-cached-since
2022-05-06T10:26:20+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 10:26:20 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/45890/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:58:00 GMT
server
nginx
etag
W/"626a8148-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-06T08:44:40+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 08:44:40 GMT
362b590febf83073189a.b.js
cdn.admixer.net/scripts3/45890/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/45890/362b590febf83073189a.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc36
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 11:57:56 GMT
server
nginx
etag
W/"626a8144-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-06T08:44:40+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sun, 07 May 2023 08:44:40 GMT
z
s.zmctrack.net/ Frame DBDD 		102 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
a50bc86507d138f13723003cdb2386fac5e5bf6cf5b09ad82f0f42042b8b230c

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ivona.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
pubads_impl_2022050401.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
sffe /
Resource Hash
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 13:11:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53637
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127725
x-xss-protection
0
last-modified
Wed, 04 May 2022 08:35:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 07 May 2023 13:11:20 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		171 B
746 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ivona.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
c76d5e2046acda81a2a3ef977a12f20192ec17dd6168b241db47cedce7c18829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110
x-xss-protection
0
expires
Sun, 08 May 2022 04:05:17 GMT
upwards.png
ivona.ua/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/upwards.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.63.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-63-58.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:35:31 GMT
via
1.1 9570c3a1725c20e6faed117bbb74223a.cloudfront.net (CloudFront)
age
17245611
x-cache
Hit from cloudfront
content-length
1602
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-642"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
d8UBGS0zsywueVZJd_uOagXaEiNtBeDbS23TWfGdV83chBgC6ebBfg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo_top.png
kolobok.ua/images/ Frame 3791 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/logo_top.png
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:30 GMT
last-modified
Thu, 04 Feb 2021 12:11:24 GMT
server
nginx
etag
"601be46c-208f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8335
expires
Thu, 31 Dec 2037 23:55:55 GMT
10c16b45ce01322e040aa60b5bbcff86.jpg
exchange.informer.ua/assets/thumbnails/10/ Frame 3791 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/10/10c16b45ce01322e040aa60b5bbcff86.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
e4240d53f3c103801982992bf1d459bdd3778b476ef996f2cd92da06d668c295

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:40 GMT
last-modified
Fri, 06 May 2022 08:30:07 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6274dc8f-14ad"
content-length
5293
content-type
image/jpeg
358539c5470675dcd9395e29cbf2c1f4.jpg
exchange.informer.ua/assets/thumbnails/35/ Frame 3791 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/35/358539c5470675dcd9395e29cbf2c1f4.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
c90a99bbac9772de85d6ad1923be2c53c4e1ca74e30d64ae341b9aa6de9d1c24

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:40 GMT
last-modified
Fri, 06 May 2022 08:40:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6274dee8-1cc5"
content-length
7365
content-type
image/jpeg
5acd52e813a1d3951eaad6a400234ba8.jpg
exchange.informer.ua/assets/thumbnails/5a/ Frame 3791 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/5a/5acd52e813a1d3951eaad6a400234ba8.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
4e52e4f3a1ae80182e6e89ee7aeca40bc41370a0f511e0211cbb85cc60484803

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:40 GMT
last-modified
Tue, 03 May 2022 07:30:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6270d9fe-2125"
content-length
8485
content-type
image/jpeg
7cefa509006ea4b27e02907b44bf28d9.jpg
exchange.informer.ua/assets/thumbnails/7c/ Frame 3791 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/7c/7cefa509006ea4b27e02907b44bf28d9.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
4fbb19b8f5aebbc171196f2f6c83eb9a9750af2a838005b0af20b76561b0ae20

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:40 GMT
last-modified
Tue, 03 May 2022 07:50:05 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6270dead-1485"
content-length
5253
content-type
image/jpeg
6f92f14229f7e680a00ce909eac4a533.jpg
exchange.informer.ua/assets/thumbnails/6f/ Frame 3791 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/6f/6f92f14229f7e680a00ce909eac4a533.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
5c69d76cd9d8b7383aa7eeea1df3c34e37fbd04a624488ea7db5e7d6c476593e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:07:40 GMT
last-modified
Tue, 03 May 2022 07:30:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6270d9fe-1f95"
content-length
8085
content-type
image/jpeg
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
ivona.bigmir.net.1296107.es6.js
jsc.idealmedia.io/i/v/ 		230 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0330a0898abe8caef0f06be08f760ef75cafcc56941a8accaa28943217b0da34

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
48X3BFD95MMNT760
cf-ray
707f50f0291c8861-LHR
content-length
71396
x-amz-id-2
smtVGulqT2AMRUbNbFSSwmJqVcOntjQHFSgY0n9ApbkKOdHmPi0edrPlbeq9dmFLyEnhe6SxP7M=
last-modified
Thu, 21 Apr 2022 14:17:21 GMT
server
cloudflare
etag
"83c996574e278dd4a2168b7febd0f4ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 08 May 2022 07:05:17 GMT
ivona.bigmir.net.1211636.es6.js
jsc.idealmedia.io/i/v/ 		238 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff7bab8af8a346d7c3f611bad6645a5578f2d9e678aceff6070c0787d0dedb2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
HE6CDT4FYQHMJ3JQ
cf-ray
707f50f029208861-LHR
content-length
73301
x-amz-id-2
GtGcfY4/Fo7T3WmMa0GiYNx/A9tSHuMy/O0fx7y2GD2laNO6cI5IztdNJ+Qh5SYecfS/ipqiI+Y=
last-modified
Thu, 21 Apr 2022 13:12:04 GMT
server
cloudflare
etag
"447bf39da416951cc99c992fef47cc82"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
null
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 08 May 2022 07:05:17 GMT
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
last-modified
Wed, 17 Jul 2019 12:54:29 GMT
server
nginx/1.16.0
accept-ranges
bytes
etag
"5d2f1a85-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 08 May 2022 04:05:17 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ivona.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789903359041081&correlator=1820307152495516&eid=31067437%2C31067460%2C31067463%2C31067465%2C31067419%2C31064019%2C31065518&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=3119778438&sfv=1-0-38&ecs=20220508&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3Dde2ffcaf26b8bfcc-2249c0de8ccd0081%3AT%3D1651982717%3ART%3D1651982717%3AS%3DALNI_MY9gCvcmLiRBtDThO4I0QEzcy4zNQ&abxe=1&dt=1651982717626&lmt=1651982717&dlt=1651982716129&idt=1444&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=697972760.1651982717&ga_sid=1651982717&ga_hid=1751639858&ga_fc=true&btvi=1&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
8bb484309d784bba01a1ff715f7d423af33702fc47ea5c796ecf69e522c9f600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9221
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789903359041081&correlator=1820307152495516&eid=31067437%2C31067460%2C31067463%2C31067465%2C31067419%2C31064019%2C31065518&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=1056675244&sfv=1-0-38&ecs=20220508&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3Dde2ffcaf26b8bfcc-2249c0de8ccd0081%3AT%3D1651982717%3ART%3D1651982717%3AS%3DALNI_MY9gCvcmLiRBtDThO4I0QEzcy4zNQ&abxe=1&dt=1651982717631&lmt=1651982717&dlt=1651982716129&idt=1444&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=697972760.1651982717&ga_sid=1651982717&ga_hid=1751639858&ga_fc=true&btvi=2&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
9ea0e377e7aae7d3dc96cdbf930aafd610462f072b2461fc9608b126267fee32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9435
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789903359041081&correlator=1820307152495516&eid=31067437%2C31067460%2C31067463%2C31067465%2C31067419%2C31064019%2C31065518&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_S_ww_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=2740913590&sfv=1-0-38&ecs=20220508&fsapi=false&sc=1&cookie=ID%3Dde2ffcaf26b8bfcc-2249c0de8ccd0081%3AT%3D1651982717%3ART%3D1651982717%3AS%3DALNI_MY9gCvcmLiRBtDThO4I0QEzcy4zNQ&abxe=1&dt=1651982717634&lmt=1651982717&dlt=1651982716129&idt=1444&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=697972760.1651982717&ga_sid=1651982717&ga_hid=1751639858&ga_fc=true&btvi=3&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
b17707fd3962e62b1399de6f42bc7abe06af681821524b5e52bc4bde4468e2e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9747
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3789903359041081&correlator=1820307152495516&eid=31067437%2C31067460%2C31067463%2C31067465%2C31067419%2C31064019%2C31065518&output=ldjh&gdfp_req=1&vrg=2022050401&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1204994220&sfv=1-0-38&ecs=20220508&fsapi=false&sc=1&cookie=ID%3Dde2ffcaf26b8bfcc-2249c0de8ccd0081%3AT%3D1651982717%3ART%3D1651982717%3AS%3DALNI_MY9gCvcmLiRBtDThO4I0QEzcy4zNQ&abxe=1&dt=1651982717636&lmt=1651982717&dlt=1651982716129&idt=1444&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=697972760.1651982717&ga_sid=1651982717&ga_hid=1751639858&ga_fc=true&btvi=4&topics=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
1d53683ab7784f6a0d77c41959d76037efcf1a3e340a6d40fc1617e84b01df4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9749
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D74C 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:17 GMT
expires
Mon, 08 May 2023 04:05:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cm.html
pa.tns-ua.com/viewability/ Frame AE09 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sun, 08 May 2022 04:05:17 GMT
etag
W/"5d2f1a85-b5f"
last-modified
Wed, 17 Jul 2019 12:54:29 GMT
server
nginx/1.16.0
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=B975C028E6724236A853F003CA132373&time=1651982717661&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=792008575&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:18 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=B975C028E6724236A853F003CA132373&time=1651982717872
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:17 GMT
cache-control
no-cache
server
nginx/1.16.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
container.html
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BA67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:17 GMT
expires
Mon, 08 May 2023 04:05:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=Q0JLcmFXWlQwbkhMVXFITkhBTDZCWmx2V3VuaTVBTjhWbm9RSFh5TXlpazlweVZKWHdKUzhmUTZ6YmZvVUM1cjZWcHMzQkNicnY0Ymppc2N3QVhQbWlLcVBMOHZqRk0rRUpyL3BJcEg3a2ZScW5sM0NzMDRSQ1ZiVE1wclR5cEIxY043WW1rQzVkaGV4eTcrSEpYV3BxcGZBS21HdUoyZEUzbUN4YmFrUi8vN3hFL0ZxZFV6Z0hVR3F4dlpMVHZaQnJrVnU5MXhIUklkQkUzaW0vaDgxY1A1WVFjakNnR3RXY1UrcW9EdEJvejJ6NyszYU0vMDF4RlJROUhJczZoY0RpL2JKQU8wVlpoSUl4UUNMRm1GRnc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C660 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:17 GMT
expires
Mon, 08 May 2023 04:05:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=bDVsTHAvdllhREgvYmJSVUQxU0NvVjdPRy9LUzkydTNydWNZbjF1R212V09IL0F0WkVxcnNmZE9OSEh5OHFOUzVRVnlnSDYvN3dXeVkrU2ZqU3FFY0ZqdzJOK1RrM2IwcUdkYXdJbC9ObWplTXprbERzLzEreU42SGUyaERHUUp6bUNtNDZMalpybDJEUEVFMFlzUXVBcFE0R2RUVGxkR3g3dDljY1ZjUUt1T2JoSW5vTVJvR0VJQ3htQlhhR0lxVjUydFF6anpmbVdlSjduWmxLNWRYbkNlTU8rdzRKOTZkVkhiY3RqNUpLVjRjdUtDRWhQZXhab1o4M25kMFY5Ug%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D6B8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:17 GMT
expires
Mon, 08 May 2023 04:05:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=RVRxbFIyTGh5V00rc1F3OGRURy9HRndjckRkdEZzNFoxb3JTYXJ0Q2FoOEtGT1lvVjZJOVgwcHVnVUNmc0ZCY2xYRzhJRmtib1YvdjdFa3VIbjZzaEVXaWxBTWtrUW0wSDZXT2d3dHRtU09zZ2xmNThYS0dzUEZIaE4zWmxGNUVZRkVVRUZWNDFEelpKYmZDR0o5RkZXK2d4QlFHQThKTnovZkF1M0xGZThqRkxOM0VJa3A4SVptdk91bXBDYmNCYjB3MDNvYkVzSVp6NGVDTXhXQkE4NDNpMEpYYWQvT1dqWXp1d2RYcWlZYkJiRXBuRkxqT1NzTmllT1FJRlB0RQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2A08 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050401.js?cb=31067437
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:17 GMT
expires
Mon, 08 May 2023 04:05:17 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=VzRPV3NySU5uei9WcGo4VFJPY0pVMEdEUlNvaEZTdEJQa0lUNlRJM1VJSG5FZ0xoK1JSLzZaSHRWKzg4NnZJUWREdzgvbE5NOExoL2F1UFNRd0FTT0lnV3Y0VUVZdVowK0dQM0hNU2Y1Z3RKYyt2K0dFb3kwMG9HQ2xzMUJRSU9NYTAyVWF0dHVQVjdybldWRVFXKzhjVnhZZC9vYk9jZEtnZk1pUlB5Wkc1VEZiVy9OMUFtNTczVVA2SEpmZERZdHQ4VEtBQ3pmbjJkRUN1R1JZRXBtaXRVenkxcnZudTIyNkdFdzBnMGVaQWVxRW1yS09iWWlPZ1ZlaHRTc1RteUFVSXN6dkRpZ2RZTnZMZW1pdk51Z1E9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-132-133-134.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
c.idealmedia.io/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1651982718086707287770&uniqId=038ea&childs=1296181&lct=1650499200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=6277417e-13d2d&pageView=1&pvid=180a1d7d486a2522137&site=466737&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
707f50f43d0f8861-LHR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
pixel
googleads.g.doubleclick.net/xbbe/ Frame B9CD 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUNnz5vPPhiszybUCB3xi8O4rKmvP1d8uoI192RzVTxYeswGjxVl-486b2ESfs5OheQuCYpGtMmkiQ5f5CPhu7YWk0ls2RuBL_nvyk-1UZupO78kJMC1gRAUqS78REoRjKuQ_S702PqpDKWN5xkHhZAABvLpS9ugH7AE4CC13vmsNgKaAs
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame D6B8 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcX5HWa_e2qH-vQGt_1xrUckgoh92M7hud9g0BJ1lbsxhWls7rSgi-Xk5IM_c6C1CgVuRYQCM6gja8L0ToN3sfkG8mp1mtcQj6EINsgeep7otuD8vjW7mIiWbK-mEqeAKoPv4FlXbAD3zRaYcNaIeQ--VNlg&dbm_d=AKAmf-AvtQXsyqTKwqvVZ6bPswAk38tQUtaiiScX4SrHPiMsia0u2KnDPSHDHT6pvdTvXRv9c8y3IxpGdBmmg-iUqDRVwRDZMjg7B3348d06XuwrR_pmd_3fUIWEHyewhp-v2qtKdF_Ebrxc5-2H639JG7tz89yyTxv1Ia6aLUGFsGID45tPnv9swkjfqa5jnGxbzZ_K9zX5QZtKsuCHp6BnPNFUGMuuXQBPt3ifxh5wugKIbNvetASdkcIselM3pUXcp5KKWM4ORG15PIkZwga1xKeZzq9bdfWtoMIcUextiDy2-3OxmxN61L-mAUkH8yTzHMMQBv3unu9ji9VG6WvZU77hw54qYncfjpfCG-BaPW2EM9F3JVq5Iw9hUQSLtfhAFrCV3wtrO7k187lijwnYXWZPMjnglYy_caS7wDpFzyEJM1A1x2--uTYr-DLS52c5a1HsmMq7RR-_QFi5VzEFgnf6MBrblKRHjWZ2VFdRSHcxA85UHmDbhrawhYumEXfx9Y_3pCOOhgHVe61u9kC3peBe7tPqu-OWzp0bj0O2Ce1Fl5GN0JyrI8tZP-EWiPyDr6egtb47n_EucQ-9x6U5tuuUMYGDhVARLsa0ZMKcWe_tc-SDsLwHQE4t8ynnd-RhHn1Dd5pmV1uyIcOaErFT3gc2IJUZwnesNqvGGDO0nno5HlNI3yUzzO9YX1rp_6dqxOB2E4oJNUcy97mlTe3n45UL5N3053MbjiRimDnan-hvxiJPHJokX8DZKjtpgkeuFO9WhncVd7mhI9l9fhX-2K9RKxjYEFiOCHVdl__ySDT-KyWr2eHrRY_CyXF6QcghK_Wma3N2aVyYJPVHVMGp9RVEArVuekV5-xHqGQjiLNjnPjYH-dyRgNsAqs9QrOHdLHNMNmpNmUTcFx9-4HKvubsTrkQlgCV8N6JtgAcXARtpF_tJBEm71YWillFxafziIqB93bXGnf7iINqL-en_yTe7IhKSEmoaRoLSIwEccBlm1ODiKxQuYj_b79FwN6D1-7UfXAqjxWfMzTZIxvZRDio2MdXpFjVyRQPWUSXsIwihTEUv5Ic-s4CSDI6U3KQadhkXaMAExgT8y-Z-5_jvVtOCF791_mkEDdafkX7jL3h-_MP9VbnnXfa2l6G4hRNmA27i5SbkcbpHLhhCmZ26OrJLgPL-GTMRX5FRGk6N8yQraZobSCB-MQLnpcERsLBNwhwIvkStXC2xrzcUEvg4BZwg3v40DzjejECa9hk4RY6tFjRHvSkAXx5C4DYUOadzODMsnOSTjp7khTwnP_bQr1WPNUCIyS5AdZlnAsIieHo4OE8CFmqcZmjl8UoX7zPxgaLaPnbiCsBG7CUNmc1T91qSXWJyMEp9UJG0oH-n2qsCYNcjINI1cmb9Qd-n7i8cfGsWqQigRV5326bCfXGIaomu5SthnM4dDcml3bZhQ4PvI2n7ErETOFsHo_fwXGZMqZ-f3g1w_6yCsJX77ob7SQD_RjEnrmqTIY65JkTVP0z4hb_uqEYO_tqjRS4rFWwh-sStWa8Z-2ezu-E5rqPZD9o3oAy6j-LyPRgYNOmdEVOw-P_KawmB45DAHaHyTn5FwC8agEby6E38_lrRjvu7x7c4tEQBD5CFOYevcO0c6JPCcZV7mnWsQDAi_joO9AY530505uhtxAyBTZLKnCLTQdRiq9eAnqE_sgFlq2CT8aOmF4Det6-BpRR73eR_17sYH2398rzE3gG39eM6btx3MPN4Y6GUEceXE0wXIS3peplwXK1nU5Co1S3GoKC3oPpG6aLgBnpZG1GQphv5RqOY7-u6zfXZyYUiiveD4vbc4qscMf9HGjwobcW5I-Tmn4kr8bAgjwpQTqUK0WE9-2K-Lq5AaUCaVIXZL2MFPbYd9VOcBlKEaCvL9Pj4OmXeGe0Pnzx6a6ziYc9uglR2vaoRzvjusmRUDSMCj_-pWxw9UFgVrwQJNYoqCIm6kg98anKfVuUu0dTFuStauUQ5Z4c-93YzAlXGipCi_mNbCZnMTwBITUUZCvibYozMQh5zp3h3XKG6IkVF356EuDJ8HTL8jfQ7EtJRJAcD4RaPjtZ_OQqeEiK4Q_d4BzZo-rA3P0NIGUhtkwl_GNCl3IDIEGVE80SSxxxDL1GcI4VRA1mMDDZJMWQQEMcj6IMN0Y5bTA0JbVg7y-AAvtWcntkWt_Hy_Bn5ZMxT9U4A_SHEPyIG9p4P93bLKSrob8HTMMcko3vl59AxWYLnzsRtJnz4zfQo2hZ7YTTU4JXTZ_ubuX7tjXbf1cgqiPPMyjtLlFh5tzxY22E9H83-xSYzaB0Sknt8D1cFj6n8S0on70iwFNs4Vz6SKfGI1Fjp7IUDR643_Tg2WCO4TEsYQ_gMN_dNOUeVwNl07ezgFdyGxOh7xGATLweQllmm89D7LZOysvk-HiYwFgdmJ_2pt200DgGlgY8mA_cbZnGRKqFohQ45kQsCml_3Sof6feRNZKLMA0SgcQ4BTUYdMkFqRs-rWj-oY1O_ECtC3_O_SG2NB3SngyoPBopOsxSV-UM_vV0hbBc89GoJgohm80K-aatN7ZMwNl2KmA3-nKx1KJ7zbYwHwfyElsP2s-36Nq0PQyhu0wAktt4CHxWhkphmvUck24vIeR2fnMMj78IC7QPyu4jEDrYatHyLL_Y7YdqO2GKxFVXMXqgwO-3Oz-ffPPWVUAkI92CfMBegMXosLTWeXG7HsDS0pHI7Lhs-FAHUP7Oul_yf3SNg5WpwM3CuUj_4q-ZxBdzLdkKizJ48tVEE1joGisszbToAa39yG98bSOjubzqGfM8twgWL6CfOjeB2gbKOdCo8Jtd7ZoLsIpqTLsnyk_R2yt65YPzZNXm6U2U3ELef9VMIwSIXvJ3NQPFW9FopSFXAHIxGiOVOMJ0hZjyoj-2m4sxtkgd94OLeaL3WX_5qASQa9T2yAGUnCiW8hVy80ZI50FeBRtDHI5zlXvJqi4UwSmpXsnEjI0aYkD-sm_KbUd2nTjgeK8TockR-0o7UOyDSdZFtO7MKHqJ6wymG_OWemTSutrsbpup-5kCZX4vY_Zt6EajIqqLO&cid=CAASJeRoSjGfcZ9sgYQffvYx6p-GQf3YB--TZoPaMCqtI9xsRkP3PFA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0d291f822cdb185df7637c64caf28f0394f5436a1dc3c44a1199a85ab44b19dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33089
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D6B8 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZ7QKv06Bq8Iyr2EpMyWz_4WEFTzFsrgMQI2fn1FRJorpLyPNGPh57BMEtNmCMaDoKyHeKQb9ORKmAQ2DLytW2AO-dWs1i5Ls3b9OqlxPplKPALyc
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D6B8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:25:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D6B8 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 May 2022 04:05:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame D6B8 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:46:23 GMT
l
www.google.com/ads/measurement/ Frame D6B8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3YNbWjOAc4uv3b2Amv3ClsWn1mW_UkuFLlGKdn2Z4MtCjYUfDWyCiBdw5t9orwqHGQi3USNboF8PdqWWaCLmpse7Q5A
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame B5C1 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUkUoRmB7_VkSqYpJ3TNVkrxRENhhBbj11WS-PV2nLbiF4WtjZoDUXwLaeWEpnK2zcm2LggiABZkpqSQcck3ewOCiwaCXlw2iPuHEnt97OmxNsPSJ76a9L9MaMFzsktU8laUpLNpNbOCQdPOQnGJocqdaOTWUt8j21Ku3H4QbHcx6gWgTyBdy-wfJJF0CPB6gKxMkxT
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame BA67 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8W-sV-_xtdl8Tp0ls5A4jioGMrKGmHjQkQyfrJBnMGeybkDtg-6p9MnqJxQ3aIf_zMjaGoSszl-EmLLMvPEd_96snZWxTXRSB-_xPkg99jZnC6u8zm4EglHK9NMJq8wEk5INwo5Wdb95kW7_JkYN1ujNr5w&dbm_d=AKAmf-Clr6WwfmhYhBzHoCqKf4auy9rT3i0fdcJt2067Vk2aHTPeUm4uWgcq6nS9nowG7d95IB8f0Uyg_OcfMilogTp43WBhjfOEU22hmWCayf8koTazhlTrFdScW2tcXF630Ggubk4zRo8GOL6gifsf-98YVhukFlx6N5pLQiqzc8LMB_PnGkVjJTOpOnDkejaq4iZUAOgaKyPSTygWEjTAS6qMLTA_KN6y77DdT2BibMeTPWKBXebM0H5EmKldhS4GjQwqsfLsQSRjBO1EOSf3MRZkVkw5YDO0piTJ1IqqIUv5pnc7MuREyH9QcvsfoO2wyW7abluw29Nh-P8Rm_IqBaPntC7j0KarszQ7dkTbxgfNNA2QVZHdG9RGoNghifA33PaqWiOG9toOxWwHbNnSsoNE2ROELmueAdj9qAvu5JO2YZ4BFoWeJmtr52sZtF3agMsxSHGE9ylknuWfm0pPKxOtot3tFtcM47wU1DUX2e2CJOmFzs_UaCVQ0qlupETP_tZYM5NYaQyWzXCr3gGe0Lvv2ui1bUZB9bRe9M0I_oBNT9PAr-5nWJQ0eCAVvpqG-JepuKVOdxcW-EILIseEVDR9RYC4igRfID44zayR33QMQo_q7M8NSiYteAuSN5hpITQxr2gDNm3Tobyqyi43Kfd-cB5AKCdhQdQwctNATEyj6n1djXmOhi4Bcx_4Jnjrn5pUW7aQ-SHPig4CTZbc_2a33EA2ow_xf8kgOgtLPlNFL5rSrtrm92Dr30jrJw9MEKBbo3vR56Sy70gpH_sywzspu_Zv9xIgPDX5cf54XOL8xlNUKs_zqceBOKnM70ebxkJ4e0kH54bBESpmC6PWfTaP0jgp3L5Hc8htOmwNrPXuHSPMArM3rhAYBcROC4RTVEiQJt2gCDXOKpOZHqYFtEIGEv9GhPV-XSNuLPSArhs6KmlwQL1iBLVuEkYYJTIBcgYs4KK9_5uS5_AD2QOYevxSQdefPPgsyEoFDmOq1gYW9sVt4DJ4E-h1efsl8KoK7O5qDoV1qjQPRbM9-LFBnWVM1lJlx0f9JRdhI9tLQ2LxzDJk5S2K0Fp9KcQdY1_uYVqiXLS-xPmr2durnDH2ro6HSCP7G7mEi3IrpzYpMBM72m6mIBfe7Re_rh0csDwTDmYSeCrWBrUSgXTA2G4lt-mgOUlfCa3oFLiFKwMt5UgVQ3MLc2az1UTWJbyd0-bQwuYg8jTjjKzywSx1BXPgCO6cVEKestfzl3qPFP63tRHPS4LTYvy0885k-9W0mshGRPDJUbL4TQFqOnSYp0NblwWSS6ospc2ns0IJnPVzvGoZlHP-kslxfMpXNYF8ix0mOjRFrkzb4xngGDTdjPeC4wJPGzMu7fsxfJB4Wz-6ZsmykVSCW5WyDe7V8u_m29wC6GdMNHq3HakbIyp8o8YGaDAggRENTeaAHEnhsassrPbYHQoNpOtUr_shd77W5QThASQF_KhR_31YsqivIBpQRQftvyupoPBYlTx14KBcWnO7-GenAHnxqkWwt6b-syqY7oseI4NABXDJBVYVX7h9bcFKE_fiwS2ZWINB59TJuFqO9cGQrgiiJ7mhudIwtAn5flsWZiGewJ5nt-mu-CE8ADUmqAOVuXoMtQLZYLcPbN83Eb8PNfd-s5eiSBG5e74uxM-x8ONWrPS7MBJB9h6OlGbWOeo-_107sbZ9VwMDyxN6luSbGuWqbyWvHNowFz_-oOV0qxapAjyF3F3HFuyoAbYJZXzin2r8uMmLRhhe2pqaHUSKRm3Z7Bdtn-114WT67uvDA5tJvb82Ls7KRsohbb50Dm4bn8WUTkJmWtSmFbU91Ep_XzJYfNB_uW34Ht6xnVGfV_Lsw_dV-nhDB5sU6MSGJvx-f7vSyc8DA7u9PbXFKcXrNULsL9x1gWnMEUhKHp0zjU3Cke61Nxy5kYg3YQ3uMbddnwpp8YgCvn6AcnMfYGlCBtUHRIf4AZGPfRKo-2n5tyDmO_IR5nTLjRSMjJZ5SKI_HfuH1Ow7UDlCFTW7Y1kV_jnOT2mx4VolI25EfOHrZyPYg3vNxWhrBXc7Ohylk_QC3dv8fJ7eR5C5UzIAzq-lJ0U9FYTNkKQshUVZwOJZjW9mjMYJXWUeG-1fwXQNfavaW4lGSgxaL3PX2Wsmo39p-uR2Ino9UIFNlaw5HM_ZQMhF6rFAKWz2WaGLwalv_Gi2_P4bjgKNkWQuFureMTC1V4FdVg-n-lSevKAnwkAOqERdrMqECU5PEME4tuin7a4udN3jLDFhX5zj0Jt2KcWurc9qiV9J2aYk7sjg1tK1SlAZkCDTMmJTD_bhBa77S-CiTc818vQh9L0z-abIS8QkuJb2V-UXbLXrDQMK-63NtCbdkYKDEy9VetLElZhyoTA-szD48R0DoLBwNExu8wy1Njl0XsfYeZ3rLl7xvFheA6jYkMvd4ahPWwMkTW-s_Ye2cvjtgFqJPwGdNcbgeQTqBlqFLki7e0j-kP0mlMqQuOD3l3k_n2Of16wHlMdcWwBPCHAAlKSiwdJYHfoE4pEkKVZHH5bzgnAnXW87-6xdNwMnjnk7_PeBYBWek2LHpsTYtP_56VdE0hpv-GayvXYuQuc1oEdcJ686nko2tVaJZGbRfXVTKUuMoTWiArZ5GpNVrZlvJu79Hrf0P7d4ajyb8jwJxOvsGbtoMa6MuNq_DV1UV9E28sIahVEscH8TKfYdia776F_6eLu0MbPCrsKj4XgEZh2qHPz_zNX3SInG1CImDNTbN02X7VdCUhDWOwVNebEpX9CFBcEkoH3vAGWw19c4Z2JAeEsDsNKnpNZ9FodRagWJYPlWst7O2dRPR7K6tS5445vAli14bRW1roqd6-Lcaljw2OSIUfFHmlZQszntblneKMRLszJ87VOeUAhLt0XoDi0Sh8aFxCwYXClVBtXEPSKyP0IQt6fQkWjxipfiVtAm0MOAElFLz0O_lJ45Wan-PsB1M0gBzADxwYTknyGK6A_YhX1v9GXLDGnJ8vZeW60x1IxhroF14WOgQ6nBsxuDXCAZvA93GpF-tHrVP8WfNZHw4dtmpOdGTO-_43UfAGcZRum_U0anHVw_bmstyQ&cid=CAASJeRoVzp3DzurX2y2IPbWae3v8M0Iw-I750KmryVAEnMwC4cGQ1E&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0aa3da6f6cfc9bca498309db855293bafd6558ff87eaa650863dddb63218be7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33079
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BA67 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BoP8YWDoppPyO0cHdRYzwf8PgbCCvBMYxvIuiGgJ5czC4xmD23eqFSvGLPxSKBdkgwOx04o3v_af3CQm65KL471i05A6es-0WQ4ZI9xFltS-xvacM
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame BA67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:25:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame BA67 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:46:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BA67 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 May 2022 04:05:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame F195 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNVoaJwE18Td2raZXNJiglyc7Q1XxbmpY7x3JAUCXIM_1iyzenpfqe9v1DyY0_3iuTQ3KLbLpcLa6EruDFsH9tzIrT9Q5Aj55Sf7C_tev2SBg1JOV20n6FSSEmErJbh-1bLgZ6d_v0PXrpY_mafl4oz7U8cVnfEBLDQ7CmSBM9UEmevMvNE
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame C660 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT8lK7HAdbnKGeCRGEgp8XPE-ebZCQzDX9APXtVeo_aOEZYqeOD8-cLeBwYKpfAy0eQOmq9R7HuW14lDjkCIqnFf7GTlhqcKKb8miK-nVrQYxJVr6WMu8cePuEYbBYXqQaAbtcdzWBWq4zCGVJeFgflOOXkg&dbm_d=AKAmf-BYfqx3O8b2i_i83gmuaUUCQbRgpeCH_o2lGVcBsy3yCQgLwc7xT30aawb3YRggtBKLulbhKRTguVMIE2CRLmKQVll2puEpxYccgllEQEpDKvq7_rvQaczR49B7WzMbcS549I2oHiyTk3XBcOgMq78idOEhQZ2LORTh-o6ursyrCzwSc8MxX8QpOEXYxMtjUKw0WIoKb24yMjf-I4xmmdOmMTeAM0hVmaJwhQVf1id3bO3XK23yiLW7CWP5hwhrHjqgwoeNN2Miwr9xn0fTyx3psUNFN-m5OXOa1lMtIohy_1YfC-WiGnqfl-kOEG72S04tXLnV5MT2_igHKY_-BVwGZbMxCVjO4kwzO2z86xvZEm2zm3KpDUGtTIsJj38zEpiymJLb-xibwWAPKAwoIe5Pbn92-fCgtMqvaTIoLc_XbIlPEl2htDouBzD87EH8u5qP_L21zJQ3pirp2gwQZPSd1Jtj_hYhck_PPSsMTh45l7izpIiO6VfOryAeawKq_pPwMVV5tS5IdZaX6S3z59r0AZWlwdwb6TY_yuOWp0emaAhqaNDf0CQHCmeq63T8ojDxNZFwfk1-wvRVFvvcAu8Y5xuJIi4_Cjp5fuSUPbDHUPwkoY-rveDJq73-pq271xKmauURXXcknsIur8kxt9NeuPBUVhlO_B2AgSOwJotXUYel7BfGeYI5XwP8n9Eqg1Z3AVA3VpzY1llmhSNTZv0DNlIcDDSMth-ndwUAaFicqc_L1dmBfzryVZeGPXFq1CWOos3G454SXVBUibgaNzc3QeV3Wp3sZQXIHb4u8IqP5m4iLH922aW4r4b0d-ZyLAC92Hy_-SAMsdifBhmKdknh-0MQG_h4qYlE6Iw_k2_iITpvMP5VWAXRQ-zDQvW3xASdpf3xhNGL9NI6JXDNcBk92G6I1PDspBOPEe7uMVmggPgJLDitmp4JWehVkXKGx4_SSja1z3t2kcTuXQxbu7aVjBYBNKT-XtKRsWFvBXxA7vT1TpQN-1zE0KoYim5PGKpAURV5APxkAOv1cJ0rXPAZcYKq5s2GJT5GHltHAvNDYzboCPyJaaQ0U5qFSqN3SeVnS-_qQZj7QRvhpY3CZCc2wg0dzjOaAoMGaNwWiMxAWPNUpc7QaBv2Y3smYg3K6iIWYJLuFBybfqRu8Iv9yoP2s_oKFk4-xXOiY2YiyoswFSCJTxC-WkwtYlO8KLmb_mXtBWswyW5L9nkpPrnN6JUSAthZaZCxH7IBfEqgIepXpkov--bud8iWeW1wv7YJG7f0A4sfhRkGuMuqxytoSLDe6r9X5jNW3bPFA6qdpR1N-BJPWzvwn9Hc8_tGh359aoXnj0NdKlPRSMMPeOPZL5IDw9Cy5APLMuyYUOqwSK_NqcGm66MrekbpgyK--rCYQZF4OTtw_zcTyH_h-iC3H8b7wuZe1FhRWubsEqODwhslfhYmpqSPFWVXPIePjB6MsXo7T7rzralg9LkcUGRxQHMIDIOIkykWE8p8-XNwRqaQE0J0uAyKV7klRSmLV53xA1Gq5LVtleGAdiww0qI8Rr_iY4KVu6VTcLimf1Mlm9rQNNh1yXCLbLz1MiteRx25EP8hey1ULVn4lqOajvt9Tvk218j3BzW9qliiG1pGKbibJFV4d-D7C_OBsuGZEFkfFXEVAzZegsjSshAVgZzkeAD6sEODobyOu3mQI6xqWt_rkmCxUIeVq1yszPzXkXcMkf2-JG8s6BLrxPk1pO5Wz_6KY05hIeYaUVzbos5tNZGqG5otm2Df51e5uclqht7URjv02FYWMpR4-yzifBrWM4oKLXo6C2RbMmXfKBJDM3QqbWY2F3hHOSXEVyYhE0QYfOosl8QqabsR-tQk1WD2VfttiEIVMqakvlngzaDWURnTnesbli19f_5qJASDuiURjkAWqvUTu-Bd1LyQwxTEwrhjFtyjRJp4u28TpWvMt8upubAF5R0EHB2MUjM7llPxOQtWmWKRKiXD_ZfZFWe61OOvmcRiDB9If-qDoj9w39FAPoDBX3ZsLbCQdPzl-WXobztBturZ2xqYfrn9BuU1DpByEW5lfJCn8lNn_8KWZfAmq3xUCcrLcB-N6D-e-zbQ2h3b9wIzXZTxcE_1yQkiX0J50vgZAziTmdbB-pmbRyt68y3w-Dfw6fBBGrX9erSVCAj3dw4w1T98tth75Q6LQWdhSImibJTr7JbXk8jMHMIe1kWmqaSaac8aSOWdnXDChmUOhpy8zLwLxtN2OaVzvn7t4fQ3NBvVHiZvT2LCnbxXMsK0GmnrOEuU9_xMK-Txb_-C4SFbmfIxOmoDkJh05ZTT3qOyqPoAvmAMzIu8dnOzpnB1cRhpq9Lf2R7MiheoFNEZFIp-wXtD9xovmdtkTvpCuxpc0ET_FlujdpWbjd75vcZ9bIxBpWvD_hK488rKRKf_WkfSqdyESKBbOF38EsxV5dEt4eIo6cw2E1yQumnR8CX4kRLOUr6XHzVKltsjekETOR6bSLs_XjzOaCmWhIn966MZJoMKQuuRRXLylMars2RuRHQvdKbejwMi9zQ_x43TFAB_bmYu7_ocoXnvlqPsyZEFpULM5mYbf9ICutja4SQ-DAIHcD98e_bXq2LKjas9k_m7jDhKYRyXe_GbAA23YNwAJXRxenmpiISUbeX2dl61NmBZShU0_YZU26RL3tAItnBk_tI1fsSsHxTGv_n_ZmDeMSkkyUyYfY8wyrU1eWFD-6r28vN-eqVSmkzi8J1IVmHy6sWAQAw-O0nbRNt11MZVtbJvSZXuE0_NSsnRh6FAFZwErtXBeZH3t42MXJbUOJHJy2JIQOPNfVpmHZuRo3N-nHhkg4thghtUcUAcyhD_rk9nRFqtPCYkmtMEHnutu_Gydm_Mqfl9sA-bDqBZb0YM94B5DIi966FcG9Dm7AjCC1pukR4XKnWj_tKB_f3gnaGsSxTWXFu5SHMp-jzu3CrMpy6E_bfjHSXLpbKyV8BEj4NWsmAbvksyf2TY657t2HAzDzp6jHN9H3kA6iQ1V5CDnmvUG7f3ltNpqFwWtWfhcmAFQyxMkQaAKYJIgCm03-kTt7otzabG-U-KYacL9Kh2pA&cid=CAASJeRoF-SbrwimfIfyZPOLstc-oJY25Ft7yjj7GRqGysEYDFW6EEA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
086a975ac822168f5668c2af7b9d8e0d810c86ab13eac0952a07b1131bc9b344
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32960
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C660 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BTcyfJAKNpf6W6QcwTMkgnZqRr0AnJeO-nnA2KdOUVL0y3-anN1zUol9QL49P4jm2-oJsoJg9uAyX-a3pkmZ9tEKcH87qUQUSCgSYDYhUAD1e8wYY
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame C660 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:25:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2390
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:25:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C660 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 May 2022 04:05:18 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame C660 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:46:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1135
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:46:23 GMT
l
www.google.com/ads/measurement/ Frame C660 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaReTuPk22v6kye90vPjKWBnyFPPWUG3A0xe1ymwLVibNNXhUyCblLwiayGX2zsNkHcRRxod9QxSR0wdnHCXp-xzjTeIdA
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1748
x-amz-request-id
QXK5TN9SHDRBT7A0
x-amz-id-2
iWT0ze+0D0AhhBGiBNsK1sMMV+AOkWq5YHzxa/Qc57TkB7dAIjyfTu+bMASQ3nsuqfY0IoE42oc=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
707f50f48d578861-LHR
expires
Sun, 08 May 2022 08:05:18 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FB97 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj7tczIATAB&v=APEucNXEA1wgL_mZwHolWOS5T_RIsLqcNCxM1VkyMYK1_GNWqDdgq9K751CAjR2dtPpv1Kn3lxWMAmD_mmD7XpADDP05ZCk82_x32oae0tUPq303TZhOaGr-5R7NsxHLdVe4sV09Fd1fnbnf6rnBUP1Ve67DVw26GiNBi1aVwWMI2p_naTlDSik
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 2A08 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV003xVK7iwINg-O1PAlsH_kGOLurExJMobkB3r76whMlWJfsJy7z0Ow1pHxDDsgYC9_g1N7qgsZVX2VbvFU0fWjqhHW7WBSLcQ9FmY0vvMRZkPGiG1NUhyTBRsv1zhnIFWKmV6J6ZHz3GA5kbs7EeqLtwqg&dbm_d=AKAmf-BbOYniM7WCwqNyJoSsLH-xeqxaHYZ2T4cgGYxuTTUw7bP1jDHzseD8yxfqtWXth8Zj4NYA4OhPlI0x76GLncIj8GBBlpFDpN53pAlw8rr6dRYVxBaaILmtuBTAEQOL9nm9zXhCnlfiixf_UgWK3iLdoz99tRop8QeO6nJxRtSojfkjOYlKymLLG8CInbhnv5oA3sw6HK4jHBLM--iDQvDMvCTANMFfG3iTKZWL-oeetkhDvXXTYQ_Vfh69j_qewcPehH_ZlM6WR2qUhb6CMWvEVir4RpJBclZqv4a51IPPmkpdAMMWujxEUmO5YpP6wkIE3B3Ugz_EZlbLOdn0lsZsL7urhYKVlAsZY_S4uy6mrWFBgAJSHidZfmgZqCF-rNdhDIFtasq7M5VtNmkQ-NffutukXSVso4D6EJPjUMRHoye-sSXVjoPiN0fCO5YrbCB2H8Db-s-xN00AlU1WcH-r2G1aYjhWmb-pshX1Rz0QgjzzCvzcITEVMRFD5pncA8OYMID-1YCtFbxRwXvXc_0xz4Xgib2NyRB_nBjEtLN-dgpQX_E2O6Rbd_gPFOezbgdHrHeeQ4NzvImyPo7QTdJ8BiLwEZ80PwDMCvKo2cWvbBYaEetDCC8f88ZHCsiSHHYCijRbvezqw1_YVi1rWvSp7sFqN3gxeSgVvffZvH96XE4aaFgqobfu5BwWkKsTTKOIl_qFftBg4F8By6Itd1K0E1GZI_22vEQMGYAs27XY4maNwYFVOCsZiT_GZAwg6j8AOHOWg8v6QObiV50uTaS5r_-4U8mcEY9ualzoCTRpQTiIBKjAyUFit5uTrjIuLsIsevjzYsZ7qIiCUg3P_dJ4-5uRzzYq21H1N-wxheuW4JQW_iR219MP6DSy9enrOF9qgPvuDycMZ_QFchuzXbN-Ya9eZq1j3jeoQwsSrqlQkAbULd0p7uE6I3jGnQIWNfDpqKCMN_gnEXaMs_16u3MsSIwHvfh8AGTv-WUzJQ_opVPpraMEYxJvGEHpfSzMnUq_sYBMMZ6UXV13mBvri5BP6TIzI9BbBLN1L3BYd_n0s_0AN0UqcABS-PkXAoRMViB1fXpZGJycyWfnn2Z8OJSVUIFZrbhqT9m-LLvSykIimMOsVsMMwV46EQrwBMnpYjP3P7qr1xjPddoRfxRmcHG4iGLTkhqwaiEhGlJH6_A8N2PNZe84KGEcc5BQsAThkoaPAZ0gk1tnjOORBMI5DIVNKb9dS0UiYYd-Ky3SP54NcUNu4wxUg11O0aD_rMrFgywhJJ3cku9YBdWamzbWq8lTacpAi4-lZ6THj0nqNfcVXtEUkOppsZX4U6q-kIkxgdtQeO6LynGJy7oj5oPUy9LqwHTue5yyxMYtE0fTD0kI6KVlC3H_USpGZMjXUnGx6t2T7BG2r5q7ME9Q47rb5mUmf5_twLZU_a67Qv-CcJ1Wi2EWgRhWfcvqhsojUfLVUj4JpK5cWbqGanMAsNAMyrAej3Mw7wS-yapTKWC1Nav_A_bBMjm-5Wbp0orY2iCnOwXji1vny_kr1pEYrYU5IzeEObgLorNH0qGGpay56wbYlmFizfaGycIvTmMdt3symGgkQtqAZ18svQK-b9IqT1kfyxldwMGnj6uIapGVYZ8sEVp6v-lzQ5SG22knxO0Nxvc8EzclRkYB8HRUY5AHKOvEy8H5wW6pH9P3rQz3CS8lgrtZC06-ydReEQVsELjocj0TbJa_gWi3FbRvngCbG2l-wc0qkajjoYia72NDGiNLDkB27X3hhdcFN615dcdCG8QjWMzBq_Z_h2pBR6JzKOPaomx5-HmEnz2TE8fCG2HwOJisyhRtXiV9JO93tM1cwFfqcG0W0KXIo9Ckbq3Pv4w62BEm-4NFXMk0PR5Ae7g7T6LF__aTmH9MRxSK0DyeMrOolLcDSdXDOP2cgLsrDxH3P4fmm3mV3R9wr38me4mgxASVD1Qxc1raBDzMVUN1AUOFEXubeNrESb-ju3fcw0jJXAFtr5qLsi5rPdIeflfTSWVbBfY1LTwwq6kCkqS0sCk9kIjntOyd0xbPUUzFvV_s5rwC6zg4763G-BSpAvc7xGC98mMYSaGL0LsUYaNP_9RqWZEasMuunjYzUuYQaDGs_nOqq0pHITjUsJv6tGT6dv2aA145JCeLOLaA7mVZ8BMxGyq6O3sBWJJCMCLv1s1uPTY-6YzMqRaedKVmvLd6kTE5hR34xtXj9izNeGrfbrW0YoPuUD1UoKe6Ftb8E7rThkG0sb6hCCbAEl2xrB_5tSaMzJYKiK1zoBrGgPpIqaM1xKX6IP82hDhlKAO_OZxTBTSvpeKaVTgGGZflTzvoOEF0NucjQzTH4Ptm-jsA-6K6jByy7CWv8_4eOJbLFNj_n1shl--Wsz6_B52vv0m3CIgzYUNlq0Dltq-R8LkGCJ0SqmdJRJcOs6vbUHALkYRr59cM-Sku7ta-fvYORoSMtGZH6P5FMJIx-ZUv26w5QMCUJ6tTEAZb0LrkdX_QyBQBi8Pg2RuLPYqwDIVe7nAn-NaEpBLR5zw78WT94FssxHDsB60sxMVrAhkUK9durLafYP61FTiR9h4g7RAg4YMdJN7Bl4MALSbj8cbIhnmITpWOtxhtXo7gYnyFKoa7f00D_fr0Xzcp5wBNh8Y0kJS9QDNxJT5_dC3TrPPdoK4Vd30VtT4yI7gQpf0nrcYdaEb5qU8Vz7sCHLmOuM_dzPSuA-xSUkh3fr2reZ_VkvMPS3XLbK0alIh95q6VYT1pOCoLmd4zXHB27lnT8jvoVGTeExdq8jn6sORGI-Ip4VLKjVCMCDpUC1O1VvP58vJinhLLEjgQO5Te9vrG8q-pC8N_9oah__c35IzEj-hBCugLzGn2hT8HAwdMvYAk-F6AyyVdhZkZBq_-oU4i4RLPqNGasYAtiEXRuLSTNK08I0UvF93cr580sP3hiMF29szEegSzTTe3hMKY1MpZqs7fp5CqNlm92CcHB6i4ApF9K909hxtor8dKqCluYHBgpH7qvPk_5NDnMGM31HBYV3zi-Z_SKGTn4XX9ESyOAc_x_wfC46aYAZnnD4Yj3YmK-lYkPBVjEnG5I3hN5wP8fq3vi0jOLZfsAmzwXOfhmtLa-hy0aHc2TWM9&cid=CAASJeRovNZeSEdXmZZ5QpBs1bRgcRYEiUkj_u5ZVj-Kfp61PP5apX8&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c81545d9563ab48d53fcab50bb75af59524e88a2a2c0de861f54588c9c2e9761
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33047
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A08 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A93NvgSWgdiM_FXz_MHOK3-3_rJvHBRbKpnbdQ70lt04FXEvApYqYplcGN0oRU4GoO0I4dG5rwxCsKGCXhtCDSkjLTJFcTjF0yFWIWux-LrI51sWU
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 2A08 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2021.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 01:30:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 01:30:51 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2A08 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37409
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651664140737961"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 May 2022 04:05:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 2A08 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 03:59:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6374
x-xss-protection
0
server
cafe
etag
12872279909177429123
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 03:59:28 GMT
l
www.google.com/ads/measurement/ Frame 2A08 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcbFsfWDSk63LpJnGyEGtSpy3vnrKZSlWYNxd6ybMIh2FLaJgd6xqdq2B2gJrMWKIZHBJSxThEZUI6gHwse0UsURbu_Q
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 04 May 2022 20:48:04 GMT
x-content-type-options
nosniff
age
285434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 04 May 2023 20:48:04 GMT
rum
dsum-sec.casalemedia.com/ Frame B9CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUNnz5vPPhiszybUCB3xi8O4rKmvP1d8uoI192RzVTxYeswGjxVl-486b2ESfs5OheQuCYpGtMmkiQ5f5CPhu7YWk0ls2RuBL_nvyk-1UZupO78kJMC1gRAUqS78REoRjKuQ_S702PqpDKWN5xkHhZAABvLpS9ugH7AE4CC13vmsNgKaAs
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 May 2022 04:05:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 08 May 2022 04:05:18 GMT
rum
dsum-sec.casalemedia.com/ Frame B9CD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YndBfsrfggpviMHbQYFmZgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUNnz5vPPhiszybUCB3xi8O4rKmvP1d8uoI192RzVTxYeswGjxVl-486b2ESfs5OheQuCYpGtMmkiQ5f5CPhu7YWk0ls2RuBL_nvyk-1UZupO78kJMC1gRAUqS78REoRjKuQ_S702PqpDKWN5xkHhZAABvLpS9ugH7AE4CC13vmsNgKaAs
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 May 2022 04:05:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B9CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUNnz5vPPhiszybUCB3xi8O4rKmvP1d8uoI192RzVTxYeswGjxVl-486b2ESfs5OheQuCYpGtMmkiQ5f5CPhu7YWk0ls2RuBL_nvyk-1UZupO78kJMC1gRAUqS78REoRjKuQ_S702PqpDKWN5xkHhZAABvLpS9ugH7AE4CC13vmsNgKaAs
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
077794d9-d71f-43a0-91ab-6d782c34fd75
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B9CD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUNnz5vPPhiszybUCB3xi8O4rKmvP1d8uoI192RzVTxYeswGjxVl-486b2ESfs5OheQuCYpGtMmkiQ5f5CPhu7YWk0ls2RuBL_nvyk-1UZupO78kJMC1gRAUqS78REoRjKuQ_S702PqpDKWN5xkHhZAABvLpS9ugH7AE4CC13vmsNgKaAs
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e889590-cb57-4300-852a-0576e7dd486b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B5C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUkUoRmB7_VkSqYpJ3TNVkrxRENhhBbj11WS-PV2nLbiF4WtjZoDUXwLaeWEpnK2zcm2LggiABZkpqSQcck3ewOCiwaCXlw2iPuHEnt97OmxNsPSJ76a9L9MaMFzsktU8laUpLNpNbOCQdPOQnGJocqdaOTWUt8j21Ku3H4QbHcx6gWgTyBdy-wfJJF0CPB6gKxMkxT
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 May 2022 04:05:18 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sun, 08 May 2022 04:05:18 GMT
rum
dsum-sec.casalemedia.com/ Frame B5C1
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YndBfsrfggpviMHbQYFmbAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUkUoRmB7_VkSqYpJ3TNVkrxRENhhBbj11WS-PV2nLbiF4WtjZoDUXwLaeWEpnK2zcm2LggiABZkpqSQcck3ewOCiwaCXlw2iPuHEnt97OmxNsPSJ76a9L9MaMFzsktU8laUpLNpNbOCQdPOQnGJocqdaOTWUt8j21Ku3H4QbHcx6gWgTyBdy-wfJJF0CPB6gKxMkxT
Protocol
HTTP/1.1
Server
2.20.85.164 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-85-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 08 May 2022 04:05:18 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBNEXKoxEel5aWz4HC63tYQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B5C1
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUkUoRmB7_VkSqYpJ3TNVkrxRENhhBbj11WS-PV2nLbiF4WtjZoDUXwLaeWEpnK2zcm2LggiABZkpqSQcck3ewOCiwaCXlw2iPuHEnt97OmxNsPSJ76a9L9MaMFzsktU8laUpLNpNbOCQdPOQnGJocqdaOTWUt8j21Ku3H4QbHcx6gWgTyBdy-wfJJF0CPB6gKxMkxT
Protocol
HTTP/1.1
Server
185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b12c9d62-b780-4071-9daf-8dc75b8ce8d4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEJzlDvSX90rfVvOcq4DhfMI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B5C1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNUkUoRmB7_VkSqYpJ3TNVkrxRENhhBbj11WS-PV2nLbiF4WtjZoDUXwLaeWEpnK2zcm2LggiABZkpqSQcck3ewOCiwaCXlw2iPuHEnt97OmxNsPSJ76a9L9MaMFzsktU8laUpLNpNbOCQdPOQnGJocqdaOTWUt8j21Ku3H4QbHcx6gWgTyBdy-wfJJF0CPB6gKxMkxT
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a2305209-6b71-4ca9-a450-9e880976584b
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTkwMzg5NjY1ODcyOTc4NzU5MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F195
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENwLT_uymNr41_DDqkj6c4&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENwLT_uymNr41_DDqkj6c4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNVoaJwE18Td2raZXNJiglyc7Q1XxbmpY7x3JAUCXIM_1iyzenpfqe9v1DyY0_3iuTQ3KLbLpcLa6EruDFsH9tzIrT9Q5Aj55Sf7C_tev2SBg1JOV20n6FSSEmErJbh-1bLgZ6d_v0PXrpY_mafl4oz7U8cVnfEBLDQ7CmSBM9UEmevMvNE
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEENwLT_uymNr41_DDqkj6c4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F195 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNVoaJwE18Td2raZXNJiglyc7Q1XxbmpY7x3JAUCXIM_1iyzenpfqe9v1DyY0_3iuTQ3KLbLpcLa6EruDFsH9tzIrT9Q5Aj55Sf7C_tev2SBg1JOV20n6FSSEmErJbh-1bLgZ6d_v0PXrpY_mafl4oz7U8cVnfEBLDQ7CmSBM9UEmevMvNE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F195
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEFIR0BUL6mrhaWK6t_iBANY&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEFIR0BUL6mrhaWK6t_iBANY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNVoaJwE18Td2raZXNJiglyc7Q1XxbmpY7x3JAUCXIM_1iyzenpfqe9v1DyY0_3iuTQ3KLbLpcLa6EruDFsH9tzIrT9Q5Aj55Sf7C_tev2SBg1JOV20n6FSSEmErJbh-1bLgZ6d_v0PXrpY_mafl4oz7U8cVnfEBLDQ7CmSBM9UEmevMvNE
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 08 May 2022 04:05:18 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEFIR0BUL6mrhaWK6t_iBANY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F195 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj6tczIATAB&v=APEucNVoaJwE18Td2raZXNJiglyc7Q1XxbmpY7x3JAUCXIM_1iyzenpfqe9v1DyY0_3iuTQ3KLbLpcLa6EruDFsH9tzIrT9Q5Aj55Sf7C_tev2SBg1JOV20n6FSSEmErJbh-1bLgZ6d_v0PXrpY_mafl4oz7U8cVnfEBLDQ7CmSBM9UEmevMvNE
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 08 May 2022 04:05:18 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
partner
sync.search.spotxchange.com/ Frame FB97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELg9cpxQumFES1JYDhg8OVA&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELg9cpxQumFES1JYDhg8OVA&google_cver=1&__user_check__=1&sync_id=129daeb6-ce84-11ec-9bdb-18c6427b0306
43 B
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESELg9cpxQumFES1JYDhg8OVA&google_cver=1&__user_check__=1&sync_id=129daeb6-ce84-11ec-9bdb-18c6427b0306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj7tczIATAB&v=APEucNXEA1wgL_mZwHolWOS5T_RIsLqcNCxM1VkyMYK1_GNWqDdgq9K751CAjR2dtPpv1Kn3lxWMAmD_mmD7XpADDP05ZCk82_x32oae0tUPq303TZhOaGr-5R7NsxHLdVe4sV09Fd1fnbnf6rnBUP1Ve67DVw26GiNBi1aVwWMI2p_naTlDSik
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 08 May 2022 04:05:18 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
6
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 08 May 2022 04:05:18 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESELg9cpxQumFES1JYDhg8OVA&google_cver=1&__user_check__=1&sync_id=129daeb6-ce84-11ec-9bdb-18c6427b0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
108
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame FB97
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTI5NGZkZDktY2U4NC0xMWVjLWFjNjUtMTQxOTIyMDYwMjA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTI5NGZkZDktY2U4NC0xMWVjLWFjNjUtMTQxOTIyMDYwMjA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj7tczIATAB&v=APEucNXEA1wgL_mZwHolWOS5T_RIsLqcNCxM1VkyMYK1_GNWqDdgq9K751CAjR2dtPpv1Kn3lxWMAmD_mmD7XpADDP05ZCk82_x32oae0tUPq303TZhOaGr-5R7NsxHLdVe4sV09Fd1fnbnf6rnBUP1Ve67DVw26GiNBi1aVwWMI2p_naTlDSik
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 08 May 2022 04:05:18 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MTI5NGZkZDktY2U4NC0xMWVjLWFjNjUtMTQxOTIyMDYwMjA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
101
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame FB97
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1&apid=UP12873b28-ce84-11ec-a783-0283112e4064
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1&apid=UP12873b28-ce84-11ec-a783-0283112e4064&verify=true
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1&apid=UP12873b28-ce84-11ec-a783-0283112e4064&verify=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj7tczIATAB&v=APEucNXEA1wgL_mZwHolWOS5T_RIsLqcNCxM1VkyMYK1_GNWqDdgq9K751CAjR2dtPpv1Kn3lxWMAmD_mmD7XpADDP05ZCk82_x32oae0tUPq303TZhOaGr-5R7NsxHLdVe4sV09Fd1fnbnf6rnBUP1Ve67DVw26GiNBi1aVwWMI2p_naTlDSik
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESED5I5AUkqeK2jD-xxGzOOt8&_origin=1&google_cver=1&apid=UP12873b28-ce84-11ec-a783-0283112e4064&verify=true
date
Sun, 08 May 2022 04:05:18 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame FB97
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP12873b28-ce84-11ec-a783-0283112e4064
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP12873b28-ce84-11ec-a783-0283112e4064&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxMjg3M2IyOC1jZTg0LTExZWMtYTc4My0wMjgzMTEyZTQwNjQ%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxMjg3M2IyOC1jZTg0LTExZWMtYTc4My0wMjgzMTEyZTQwNjQ%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPyYgQEQ_cKFARj7tczIATAB&v=APEucNXEA1wgL_mZwHolWOS5T_RIsLqcNCxM1VkyMYK1_GNWqDdgq9K751CAjR2dtPpv1Kn3lxWMAmD_mmD7XpADDP05ZCk82_x32oae0tUPq303TZhOaGr-5R7NsxHLdVe4sV09Fd1fnbnf6rnBUP1Ve67DVw26GiNBi1aVwWMI2p_naTlDSik
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVAxMjg3M2IyOC1jZTg0LTExZWMtYTc4My0wMjgzMTEyZTQwNjQ%3D
date
Sun, 08 May 2022 04:05:18 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
1
servicer.idealmedia.io/1296107/ 		1 KB
873 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1296107/1?pv=5&cbuster=165198271821272707385&uniqId=038ea&childs=1296181&lct=1650499200&niet=4g&nisd=false&jsv=es6&w=300&h=100&cols=1&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=6277417e-13d2d&pageView=1&pvid=180a1d7d486a2522137&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
674dfab03d4ce9bf29aa896cf93cdf6875b068bd7097a3a90657651bc48e4862

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
707f50f4fdc98861-LHR
1
servicer.idealmedia.io/1211636/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1211636/1?w=300&h=211&wrongImageSize=1&cols=1&pv=5&cbuster=1651982718221806363004&uniqId=02fdd&lct=1650499200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=6277417e-13d2d&pageView=0&pvid=180a1d7d486a2522137&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06460bf7c5f4dca446e79cb15c7de70cfbb2f31a6bc55b49ef2f8a7c7463488e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
707f50f4fdcb8861-LHR
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D6B8 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Origin
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 15:33:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame D6B8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcX5HWa_e2qH-vQGt_1xrUckgoh92M7hud9g0BJ1lbsxhWls7rSgi-Xk5IM_c6C1CgVuRYQCM6gja8L0ToN3sfkG8mp1mtcQj6EINsgeep7otuD8vjW7mIiWbK-mEqeAKoPv4FlXbAD3zRaYcNaIeQ--VNlg&dbm_d=AKAmf-AvtQXsyqTKwqvVZ6bPswAk38tQUtaiiScX4SrHPiMsia0u2KnDPSHDHT6pvdTvXRv9c8y3IxpGdBmmg-iUqDRVwRDZMjg7B3348d06XuwrR_pmd_3fUIWEHyewhp-v2qtKdF_Ebrxc5-2H639JG7tz89yyTxv1Ia6aLUGFsGID45tPnv9swkjfqa5jnGxbzZ_K9zX5QZtKsuCHp6BnPNFUGMuuXQBPt3ifxh5wugKIbNvetASdkcIselM3pUXcp5KKWM4ORG15PIkZwga1xKeZzq9bdfWtoMIcUextiDy2-3OxmxN61L-mAUkH8yTzHMMQBv3unu9ji9VG6WvZU77hw54qYncfjpfCG-BaPW2EM9F3JVq5Iw9hUQSLtfhAFrCV3wtrO7k187lijwnYXWZPMjnglYy_caS7wDpFzyEJM1A1x2--uTYr-DLS52c5a1HsmMq7RR-_QFi5VzEFgnf6MBrblKRHjWZ2VFdRSHcxA85UHmDbhrawhYumEXfx9Y_3pCOOhgHVe61u9kC3peBe7tPqu-OWzp0bj0O2Ce1Fl5GN0JyrI8tZP-EWiPyDr6egtb47n_EucQ-9x6U5tuuUMYGDhVARLsa0ZMKcWe_tc-SDsLwHQE4t8ynnd-RhHn1Dd5pmV1uyIcOaErFT3gc2IJUZwnesNqvGGDO0nno5HlNI3yUzzO9YX1rp_6dqxOB2E4oJNUcy97mlTe3n45UL5N3053MbjiRimDnan-hvxiJPHJokX8DZKjtpgkeuFO9WhncVd7mhI9l9fhX-2K9RKxjYEFiOCHVdl__ySDT-KyWr2eHrRY_CyXF6QcghK_Wma3N2aVyYJPVHVMGp9RVEArVuekV5-xHqGQjiLNjnPjYH-dyRgNsAqs9QrOHdLHNMNmpNmUTcFx9-4HKvubsTrkQlgCV8N6JtgAcXARtpF_tJBEm71YWillFxafziIqB93bXGnf7iINqL-en_yTe7IhKSEmoaRoLSIwEccBlm1ODiKxQuYj_b79FwN6D1-7UfXAqjxWfMzTZIxvZRDio2MdXpFjVyRQPWUSXsIwihTEUv5Ic-s4CSDI6U3KQadhkXaMAExgT8y-Z-5_jvVtOCF791_mkEDdafkX7jL3h-_MP9VbnnXfa2l6G4hRNmA27i5SbkcbpHLhhCmZ26OrJLgPL-GTMRX5FRGk6N8yQraZobSCB-MQLnpcERsLBNwhwIvkStXC2xrzcUEvg4BZwg3v40DzjejECa9hk4RY6tFjRHvSkAXx5C4DYUOadzODMsnOSTjp7khTwnP_bQr1WPNUCIyS5AdZlnAsIieHo4OE8CFmqcZmjl8UoX7zPxgaLaPnbiCsBG7CUNmc1T91qSXWJyMEp9UJG0oH-n2qsCYNcjINI1cmb9Qd-n7i8cfGsWqQigRV5326bCfXGIaomu5SthnM4dDcml3bZhQ4PvI2n7ErETOFsHo_fwXGZMqZ-f3g1w_6yCsJX77ob7SQD_RjEnrmqTIY65JkTVP0z4hb_uqEYO_tqjRS4rFWwh-sStWa8Z-2ezu-E5rqPZD9o3oAy6j-LyPRgYNOmdEVOw-P_KawmB45DAHaHyTn5FwC8agEby6E38_lrRjvu7x7c4tEQBD5CFOYevcO0c6JPCcZV7mnWsQDAi_joO9AY530505uhtxAyBTZLKnCLTQdRiq9eAnqE_sgFlq2CT8aOmF4Det6-BpRR73eR_17sYH2398rzE3gG39eM6btx3MPN4Y6GUEceXE0wXIS3peplwXK1nU5Co1S3GoKC3oPpG6aLgBnpZG1GQphv5RqOY7-u6zfXZyYUiiveD4vbc4qscMf9HGjwobcW5I-Tmn4kr8bAgjwpQTqUK0WE9-2K-Lq5AaUCaVIXZL2MFPbYd9VOcBlKEaCvL9Pj4OmXeGe0Pnzx6a6ziYc9uglR2vaoRzvjusmRUDSMCj_-pWxw9UFgVrwQJNYoqCIm6kg98anKfVuUu0dTFuStauUQ5Z4c-93YzAlXGipCi_mNbCZnMTwBITUUZCvibYozMQh5zp3h3XKG6IkVF356EuDJ8HTL8jfQ7EtJRJAcD4RaPjtZ_OQqeEiK4Q_d4BzZo-rA3P0NIGUhtkwl_GNCl3IDIEGVE80SSxxxDL1GcI4VRA1mMDDZJMWQQEMcj6IMN0Y5bTA0JbVg7y-AAvtWcntkWt_Hy_Bn5ZMxT9U4A_SHEPyIG9p4P93bLKSrob8HTMMcko3vl59AxWYLnzsRtJnz4zfQo2hZ7YTTU4JXTZ_ubuX7tjXbf1cgqiPPMyjtLlFh5tzxY22E9H83-xSYzaB0Sknt8D1cFj6n8S0on70iwFNs4Vz6SKfGI1Fjp7IUDR643_Tg2WCO4TEsYQ_gMN_dNOUeVwNl07ezgFdyGxOh7xGATLweQllmm89D7LZOysvk-HiYwFgdmJ_2pt200DgGlgY8mA_cbZnGRKqFohQ45kQsCml_3Sof6feRNZKLMA0SgcQ4BTUYdMkFqRs-rWj-oY1O_ECtC3_O_SG2NB3SngyoPBopOsxSV-UM_vV0hbBc89GoJgohm80K-aatN7ZMwNl2KmA3-nKx1KJ7zbYwHwfyElsP2s-36Nq0PQyhu0wAktt4CHxWhkphmvUck24vIeR2fnMMj78IC7QPyu4jEDrYatHyLL_Y7YdqO2GKxFVXMXqgwO-3Oz-ffPPWVUAkI92CfMBegMXosLTWeXG7HsDS0pHI7Lhs-FAHUP7Oul_yf3SNg5WpwM3CuUj_4q-ZxBdzLdkKizJ48tVEE1joGisszbToAa39yG98bSOjubzqGfM8twgWL6CfOjeB2gbKOdCo8Jtd7ZoLsIpqTLsnyk_R2yt65YPzZNXm6U2U3ELef9VMIwSIXvJ3NQPFW9FopSFXAHIxGiOVOMJ0hZjyoj-2m4sxtkgd94OLeaL3WX_5qASQa9T2yAGUnCiW8hVy80ZI50FeBRtDHI5zlXvJqi4UwSmpXsnEjI0aYkD-sm_KbUd2nTjgeK8TockR-0o7UOyDSdZFtO7MKHqJ6wymG_OWemTSutrsbpup-5kCZX4vY_Zt6EajIqqLO&cid=CAASJeRoSjGfcZ9sgYQffvYx6p-GQf3YB--TZoPaMCqtI9xsRkP3PFA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame D6B8 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CcX5HWa_e2qH-vQGt_1xrUckgoh92M7hud9g0BJ1lbsxhWls7rSgi-Xk5IM_c6C1CgVuRYQCM6gja8L0ToN3sfkG8mp1mtcQj6EINsgeep7otuD8vjW7mIiWbK-mEqeAKoPv4FlXbAD3zRaYcNaIeQ--VNlg&dbm_d=AKAmf-AvtQXsyqTKwqvVZ6bPswAk38tQUtaiiScX4SrHPiMsia0u2KnDPSHDHT6pvdTvXRv9c8y3IxpGdBmmg-iUqDRVwRDZMjg7B3348d06XuwrR_pmd_3fUIWEHyewhp-v2qtKdF_Ebrxc5-2H639JG7tz89yyTxv1Ia6aLUGFsGID45tPnv9swkjfqa5jnGxbzZ_K9zX5QZtKsuCHp6BnPNFUGMuuXQBPt3ifxh5wugKIbNvetASdkcIselM3pUXcp5KKWM4ORG15PIkZwga1xKeZzq9bdfWtoMIcUextiDy2-3OxmxN61L-mAUkH8yTzHMMQBv3unu9ji9VG6WvZU77hw54qYncfjpfCG-BaPW2EM9F3JVq5Iw9hUQSLtfhAFrCV3wtrO7k187lijwnYXWZPMjnglYy_caS7wDpFzyEJM1A1x2--uTYr-DLS52c5a1HsmMq7RR-_QFi5VzEFgnf6MBrblKRHjWZ2VFdRSHcxA85UHmDbhrawhYumEXfx9Y_3pCOOhgHVe61u9kC3peBe7tPqu-OWzp0bj0O2Ce1Fl5GN0JyrI8tZP-EWiPyDr6egtb47n_EucQ-9x6U5tuuUMYGDhVARLsa0ZMKcWe_tc-SDsLwHQE4t8ynnd-RhHn1Dd5pmV1uyIcOaErFT3gc2IJUZwnesNqvGGDO0nno5HlNI3yUzzO9YX1rp_6dqxOB2E4oJNUcy97mlTe3n45UL5N3053MbjiRimDnan-hvxiJPHJokX8DZKjtpgkeuFO9WhncVd7mhI9l9fhX-2K9RKxjYEFiOCHVdl__ySDT-KyWr2eHrRY_CyXF6QcghK_Wma3N2aVyYJPVHVMGp9RVEArVuekV5-xHqGQjiLNjnPjYH-dyRgNsAqs9QrOHdLHNMNmpNmUTcFx9-4HKvubsTrkQlgCV8N6JtgAcXARtpF_tJBEm71YWillFxafziIqB93bXGnf7iINqL-en_yTe7IhKSEmoaRoLSIwEccBlm1ODiKxQuYj_b79FwN6D1-7UfXAqjxWfMzTZIxvZRDio2MdXpFjVyRQPWUSXsIwihTEUv5Ic-s4CSDI6U3KQadhkXaMAExgT8y-Z-5_jvVtOCF791_mkEDdafkX7jL3h-_MP9VbnnXfa2l6G4hRNmA27i5SbkcbpHLhhCmZ26OrJLgPL-GTMRX5FRGk6N8yQraZobSCB-MQLnpcERsLBNwhwIvkStXC2xrzcUEvg4BZwg3v40DzjejECa9hk4RY6tFjRHvSkAXx5C4DYUOadzODMsnOSTjp7khTwnP_bQr1WPNUCIyS5AdZlnAsIieHo4OE8CFmqcZmjl8UoX7zPxgaLaPnbiCsBG7CUNmc1T91qSXWJyMEp9UJG0oH-n2qsCYNcjINI1cmb9Qd-n7i8cfGsWqQigRV5326bCfXGIaomu5SthnM4dDcml3bZhQ4PvI2n7ErETOFsHo_fwXGZMqZ-f3g1w_6yCsJX77ob7SQD_RjEnrmqTIY65JkTVP0z4hb_uqEYO_tqjRS4rFWwh-sStWa8Z-2ezu-E5rqPZD9o3oAy6j-LyPRgYNOmdEVOw-P_KawmB45DAHaHyTn5FwC8agEby6E38_lrRjvu7x7c4tEQBD5CFOYevcO0c6JPCcZV7mnWsQDAi_joO9AY530505uhtxAyBTZLKnCLTQdRiq9eAnqE_sgFlq2CT8aOmF4Det6-BpRR73eR_17sYH2398rzE3gG39eM6btx3MPN4Y6GUEceXE0wXIS3peplwXK1nU5Co1S3GoKC3oPpG6aLgBnpZG1GQphv5RqOY7-u6zfXZyYUiiveD4vbc4qscMf9HGjwobcW5I-Tmn4kr8bAgjwpQTqUK0WE9-2K-Lq5AaUCaVIXZL2MFPbYd9VOcBlKEaCvL9Pj4OmXeGe0Pnzx6a6ziYc9uglR2vaoRzvjusmRUDSMCj_-pWxw9UFgVrwQJNYoqCIm6kg98anKfVuUu0dTFuStauUQ5Z4c-93YzAlXGipCi_mNbCZnMTwBITUUZCvibYozMQh5zp3h3XKG6IkVF356EuDJ8HTL8jfQ7EtJRJAcD4RaPjtZ_OQqeEiK4Q_d4BzZo-rA3P0NIGUhtkwl_GNCl3IDIEGVE80SSxxxDL1GcI4VRA1mMDDZJMWQQEMcj6IMN0Y5bTA0JbVg7y-AAvtWcntkWt_Hy_Bn5ZMxT9U4A_SHEPyIG9p4P93bLKSrob8HTMMcko3vl59AxWYLnzsRtJnz4zfQo2hZ7YTTU4JXTZ_ubuX7tjXbf1cgqiPPMyjtLlFh5tzxY22E9H83-xSYzaB0Sknt8D1cFj6n8S0on70iwFNs4Vz6SKfGI1Fjp7IUDR643_Tg2WCO4TEsYQ_gMN_dNOUeVwNl07ezgFdyGxOh7xGATLweQllmm89D7LZOysvk-HiYwFgdmJ_2pt200DgGlgY8mA_cbZnGRKqFohQ45kQsCml_3Sof6feRNZKLMA0SgcQ4BTUYdMkFqRs-rWj-oY1O_ECtC3_O_SG2NB3SngyoPBopOsxSV-UM_vV0hbBc89GoJgohm80K-aatN7ZMwNl2KmA3-nKx1KJ7zbYwHwfyElsP2s-36Nq0PQyhu0wAktt4CHxWhkphmvUck24vIeR2fnMMj78IC7QPyu4jEDrYatHyLL_Y7YdqO2GKxFVXMXqgwO-3Oz-ffPPWVUAkI92CfMBegMXosLTWeXG7HsDS0pHI7Lhs-FAHUP7Oul_yf3SNg5WpwM3CuUj_4q-ZxBdzLdkKizJ48tVEE1joGisszbToAa39yG98bSOjubzqGfM8twgWL6CfOjeB2gbKOdCo8Jtd7ZoLsIpqTLsnyk_R2yt65YPzZNXm6U2U3ELef9VMIwSIXvJ3NQPFW9FopSFXAHIxGiOVOMJ0hZjyoj-2m4sxtkgd94OLeaL3WX_5qASQa9T2yAGUnCiW8hVy80ZI50FeBRtDHI5zlXvJqi4UwSmpXsnEjI0aYkD-sm_KbUd2nTjgeK8TockR-0o7UOyDSdZFtO7MKHqJ6wymG_OWemTSutrsbpup-5kCZX4vY_Zt6EajIqqLO&cid=CAASJeRoSjGfcZ9sgYQffvYx6p-GQf3YB--TZoPaMCqtI9xsRkP3PFA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:04:49 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame C660 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Origin
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 15:33:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame C660 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT8lK7HAdbnKGeCRGEgp8XPE-ebZCQzDX9APXtVeo_aOEZYqeOD8-cLeBwYKpfAy0eQOmq9R7HuW14lDjkCIqnFf7GTlhqcKKb8miK-nVrQYxJVr6WMu8cePuEYbBYXqQaAbtcdzWBWq4zCGVJeFgflOOXkg&dbm_d=AKAmf-BYfqx3O8b2i_i83gmuaUUCQbRgpeCH_o2lGVcBsy3yCQgLwc7xT30aawb3YRggtBKLulbhKRTguVMIE2CRLmKQVll2puEpxYccgllEQEpDKvq7_rvQaczR49B7WzMbcS549I2oHiyTk3XBcOgMq78idOEhQZ2LORTh-o6ursyrCzwSc8MxX8QpOEXYxMtjUKw0WIoKb24yMjf-I4xmmdOmMTeAM0hVmaJwhQVf1id3bO3XK23yiLW7CWP5hwhrHjqgwoeNN2Miwr9xn0fTyx3psUNFN-m5OXOa1lMtIohy_1YfC-WiGnqfl-kOEG72S04tXLnV5MT2_igHKY_-BVwGZbMxCVjO4kwzO2z86xvZEm2zm3KpDUGtTIsJj38zEpiymJLb-xibwWAPKAwoIe5Pbn92-fCgtMqvaTIoLc_XbIlPEl2htDouBzD87EH8u5qP_L21zJQ3pirp2gwQZPSd1Jtj_hYhck_PPSsMTh45l7izpIiO6VfOryAeawKq_pPwMVV5tS5IdZaX6S3z59r0AZWlwdwb6TY_yuOWp0emaAhqaNDf0CQHCmeq63T8ojDxNZFwfk1-wvRVFvvcAu8Y5xuJIi4_Cjp5fuSUPbDHUPwkoY-rveDJq73-pq271xKmauURXXcknsIur8kxt9NeuPBUVhlO_B2AgSOwJotXUYel7BfGeYI5XwP8n9Eqg1Z3AVA3VpzY1llmhSNTZv0DNlIcDDSMth-ndwUAaFicqc_L1dmBfzryVZeGPXFq1CWOos3G454SXVBUibgaNzc3QeV3Wp3sZQXIHb4u8IqP5m4iLH922aW4r4b0d-ZyLAC92Hy_-SAMsdifBhmKdknh-0MQG_h4qYlE6Iw_k2_iITpvMP5VWAXRQ-zDQvW3xASdpf3xhNGL9NI6JXDNcBk92G6I1PDspBOPEe7uMVmggPgJLDitmp4JWehVkXKGx4_SSja1z3t2kcTuXQxbu7aVjBYBNKT-XtKRsWFvBXxA7vT1TpQN-1zE0KoYim5PGKpAURV5APxkAOv1cJ0rXPAZcYKq5s2GJT5GHltHAvNDYzboCPyJaaQ0U5qFSqN3SeVnS-_qQZj7QRvhpY3CZCc2wg0dzjOaAoMGaNwWiMxAWPNUpc7QaBv2Y3smYg3K6iIWYJLuFBybfqRu8Iv9yoP2s_oKFk4-xXOiY2YiyoswFSCJTxC-WkwtYlO8KLmb_mXtBWswyW5L9nkpPrnN6JUSAthZaZCxH7IBfEqgIepXpkov--bud8iWeW1wv7YJG7f0A4sfhRkGuMuqxytoSLDe6r9X5jNW3bPFA6qdpR1N-BJPWzvwn9Hc8_tGh359aoXnj0NdKlPRSMMPeOPZL5IDw9Cy5APLMuyYUOqwSK_NqcGm66MrekbpgyK--rCYQZF4OTtw_zcTyH_h-iC3H8b7wuZe1FhRWubsEqODwhslfhYmpqSPFWVXPIePjB6MsXo7T7rzralg9LkcUGRxQHMIDIOIkykWE8p8-XNwRqaQE0J0uAyKV7klRSmLV53xA1Gq5LVtleGAdiww0qI8Rr_iY4KVu6VTcLimf1Mlm9rQNNh1yXCLbLz1MiteRx25EP8hey1ULVn4lqOajvt9Tvk218j3BzW9qliiG1pGKbibJFV4d-D7C_OBsuGZEFkfFXEVAzZegsjSshAVgZzkeAD6sEODobyOu3mQI6xqWt_rkmCxUIeVq1yszPzXkXcMkf2-JG8s6BLrxPk1pO5Wz_6KY05hIeYaUVzbos5tNZGqG5otm2Df51e5uclqht7URjv02FYWMpR4-yzifBrWM4oKLXo6C2RbMmXfKBJDM3QqbWY2F3hHOSXEVyYhE0QYfOosl8QqabsR-tQk1WD2VfttiEIVMqakvlngzaDWURnTnesbli19f_5qJASDuiURjkAWqvUTu-Bd1LyQwxTEwrhjFtyjRJp4u28TpWvMt8upubAF5R0EHB2MUjM7llPxOQtWmWKRKiXD_ZfZFWe61OOvmcRiDB9If-qDoj9w39FAPoDBX3ZsLbCQdPzl-WXobztBturZ2xqYfrn9BuU1DpByEW5lfJCn8lNn_8KWZfAmq3xUCcrLcB-N6D-e-zbQ2h3b9wIzXZTxcE_1yQkiX0J50vgZAziTmdbB-pmbRyt68y3w-Dfw6fBBGrX9erSVCAj3dw4w1T98tth75Q6LQWdhSImibJTr7JbXk8jMHMIe1kWmqaSaac8aSOWdnXDChmUOhpy8zLwLxtN2OaVzvn7t4fQ3NBvVHiZvT2LCnbxXMsK0GmnrOEuU9_xMK-Txb_-C4SFbmfIxOmoDkJh05ZTT3qOyqPoAvmAMzIu8dnOzpnB1cRhpq9Lf2R7MiheoFNEZFIp-wXtD9xovmdtkTvpCuxpc0ET_FlujdpWbjd75vcZ9bIxBpWvD_hK488rKRKf_WkfSqdyESKBbOF38EsxV5dEt4eIo6cw2E1yQumnR8CX4kRLOUr6XHzVKltsjekETOR6bSLs_XjzOaCmWhIn966MZJoMKQuuRRXLylMars2RuRHQvdKbejwMi9zQ_x43TFAB_bmYu7_ocoXnvlqPsyZEFpULM5mYbf9ICutja4SQ-DAIHcD98e_bXq2LKjas9k_m7jDhKYRyXe_GbAA23YNwAJXRxenmpiISUbeX2dl61NmBZShU0_YZU26RL3tAItnBk_tI1fsSsHxTGv_n_ZmDeMSkkyUyYfY8wyrU1eWFD-6r28vN-eqVSmkzi8J1IVmHy6sWAQAw-O0nbRNt11MZVtbJvSZXuE0_NSsnRh6FAFZwErtXBeZH3t42MXJbUOJHJy2JIQOPNfVpmHZuRo3N-nHhkg4thghtUcUAcyhD_rk9nRFqtPCYkmtMEHnutu_Gydm_Mqfl9sA-bDqBZb0YM94B5DIi966FcG9Dm7AjCC1pukR4XKnWj_tKB_f3gnaGsSxTWXFu5SHMp-jzu3CrMpy6E_bfjHSXLpbKyV8BEj4NWsmAbvksyf2TY657t2HAzDzp6jHN9H3kA6iQ1V5CDnmvUG7f3ltNpqFwWtWfhcmAFQyxMkQaAKYJIgCm03-kTt7otzabG-U-KYacL9Kh2pA&cid=CAASJeRoF-SbrwimfIfyZPOLstc-oJY25Ft7yjj7GRqGysEYDFW6EEA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame C660 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BT8lK7HAdbnKGeCRGEgp8XPE-ebZCQzDX9APXtVeo_aOEZYqeOD8-cLeBwYKpfAy0eQOmq9R7HuW14lDjkCIqnFf7GTlhqcKKb8miK-nVrQYxJVr6WMu8cePuEYbBYXqQaAbtcdzWBWq4zCGVJeFgflOOXkg&dbm_d=AKAmf-BYfqx3O8b2i_i83gmuaUUCQbRgpeCH_o2lGVcBsy3yCQgLwc7xT30aawb3YRggtBKLulbhKRTguVMIE2CRLmKQVll2puEpxYccgllEQEpDKvq7_rvQaczR49B7WzMbcS549I2oHiyTk3XBcOgMq78idOEhQZ2LORTh-o6ursyrCzwSc8MxX8QpOEXYxMtjUKw0WIoKb24yMjf-I4xmmdOmMTeAM0hVmaJwhQVf1id3bO3XK23yiLW7CWP5hwhrHjqgwoeNN2Miwr9xn0fTyx3psUNFN-m5OXOa1lMtIohy_1YfC-WiGnqfl-kOEG72S04tXLnV5MT2_igHKY_-BVwGZbMxCVjO4kwzO2z86xvZEm2zm3KpDUGtTIsJj38zEpiymJLb-xibwWAPKAwoIe5Pbn92-fCgtMqvaTIoLc_XbIlPEl2htDouBzD87EH8u5qP_L21zJQ3pirp2gwQZPSd1Jtj_hYhck_PPSsMTh45l7izpIiO6VfOryAeawKq_pPwMVV5tS5IdZaX6S3z59r0AZWlwdwb6TY_yuOWp0emaAhqaNDf0CQHCmeq63T8ojDxNZFwfk1-wvRVFvvcAu8Y5xuJIi4_Cjp5fuSUPbDHUPwkoY-rveDJq73-pq271xKmauURXXcknsIur8kxt9NeuPBUVhlO_B2AgSOwJotXUYel7BfGeYI5XwP8n9Eqg1Z3AVA3VpzY1llmhSNTZv0DNlIcDDSMth-ndwUAaFicqc_L1dmBfzryVZeGPXFq1CWOos3G454SXVBUibgaNzc3QeV3Wp3sZQXIHb4u8IqP5m4iLH922aW4r4b0d-ZyLAC92Hy_-SAMsdifBhmKdknh-0MQG_h4qYlE6Iw_k2_iITpvMP5VWAXRQ-zDQvW3xASdpf3xhNGL9NI6JXDNcBk92G6I1PDspBOPEe7uMVmggPgJLDitmp4JWehVkXKGx4_SSja1z3t2kcTuXQxbu7aVjBYBNKT-XtKRsWFvBXxA7vT1TpQN-1zE0KoYim5PGKpAURV5APxkAOv1cJ0rXPAZcYKq5s2GJT5GHltHAvNDYzboCPyJaaQ0U5qFSqN3SeVnS-_qQZj7QRvhpY3CZCc2wg0dzjOaAoMGaNwWiMxAWPNUpc7QaBv2Y3smYg3K6iIWYJLuFBybfqRu8Iv9yoP2s_oKFk4-xXOiY2YiyoswFSCJTxC-WkwtYlO8KLmb_mXtBWswyW5L9nkpPrnN6JUSAthZaZCxH7IBfEqgIepXpkov--bud8iWeW1wv7YJG7f0A4sfhRkGuMuqxytoSLDe6r9X5jNW3bPFA6qdpR1N-BJPWzvwn9Hc8_tGh359aoXnj0NdKlPRSMMPeOPZL5IDw9Cy5APLMuyYUOqwSK_NqcGm66MrekbpgyK--rCYQZF4OTtw_zcTyH_h-iC3H8b7wuZe1FhRWubsEqODwhslfhYmpqSPFWVXPIePjB6MsXo7T7rzralg9LkcUGRxQHMIDIOIkykWE8p8-XNwRqaQE0J0uAyKV7klRSmLV53xA1Gq5LVtleGAdiww0qI8Rr_iY4KVu6VTcLimf1Mlm9rQNNh1yXCLbLz1MiteRx25EP8hey1ULVn4lqOajvt9Tvk218j3BzW9qliiG1pGKbibJFV4d-D7C_OBsuGZEFkfFXEVAzZegsjSshAVgZzkeAD6sEODobyOu3mQI6xqWt_rkmCxUIeVq1yszPzXkXcMkf2-JG8s6BLrxPk1pO5Wz_6KY05hIeYaUVzbos5tNZGqG5otm2Df51e5uclqht7URjv02FYWMpR4-yzifBrWM4oKLXo6C2RbMmXfKBJDM3QqbWY2F3hHOSXEVyYhE0QYfOosl8QqabsR-tQk1WD2VfttiEIVMqakvlngzaDWURnTnesbli19f_5qJASDuiURjkAWqvUTu-Bd1LyQwxTEwrhjFtyjRJp4u28TpWvMt8upubAF5R0EHB2MUjM7llPxOQtWmWKRKiXD_ZfZFWe61OOvmcRiDB9If-qDoj9w39FAPoDBX3ZsLbCQdPzl-WXobztBturZ2xqYfrn9BuU1DpByEW5lfJCn8lNn_8KWZfAmq3xUCcrLcB-N6D-e-zbQ2h3b9wIzXZTxcE_1yQkiX0J50vgZAziTmdbB-pmbRyt68y3w-Dfw6fBBGrX9erSVCAj3dw4w1T98tth75Q6LQWdhSImibJTr7JbXk8jMHMIe1kWmqaSaac8aSOWdnXDChmUOhpy8zLwLxtN2OaVzvn7t4fQ3NBvVHiZvT2LCnbxXMsK0GmnrOEuU9_xMK-Txb_-C4SFbmfIxOmoDkJh05ZTT3qOyqPoAvmAMzIu8dnOzpnB1cRhpq9Lf2R7MiheoFNEZFIp-wXtD9xovmdtkTvpCuxpc0ET_FlujdpWbjd75vcZ9bIxBpWvD_hK488rKRKf_WkfSqdyESKBbOF38EsxV5dEt4eIo6cw2E1yQumnR8CX4kRLOUr6XHzVKltsjekETOR6bSLs_XjzOaCmWhIn966MZJoMKQuuRRXLylMars2RuRHQvdKbejwMi9zQ_x43TFAB_bmYu7_ocoXnvlqPsyZEFpULM5mYbf9ICutja4SQ-DAIHcD98e_bXq2LKjas9k_m7jDhKYRyXe_GbAA23YNwAJXRxenmpiISUbeX2dl61NmBZShU0_YZU26RL3tAItnBk_tI1fsSsHxTGv_n_ZmDeMSkkyUyYfY8wyrU1eWFD-6r28vN-eqVSmkzi8J1IVmHy6sWAQAw-O0nbRNt11MZVtbJvSZXuE0_NSsnRh6FAFZwErtXBeZH3t42MXJbUOJHJy2JIQOPNfVpmHZuRo3N-nHhkg4thghtUcUAcyhD_rk9nRFqtPCYkmtMEHnutu_Gydm_Mqfl9sA-bDqBZb0YM94B5DIi966FcG9Dm7AjCC1pukR4XKnWj_tKB_f3gnaGsSxTWXFu5SHMp-jzu3CrMpy6E_bfjHSXLpbKyV8BEj4NWsmAbvksyf2TY657t2HAzDzp6jHN9H3kA6iQ1V5CDnmvUG7f3ltNpqFwWtWfhcmAFQyxMkQaAKYJIgCm03-kTt7otzabG-U-KYacL9Kh2pA&cid=CAASJeRoF-SbrwimfIfyZPOLstc-oJY25Ft7yjj7GRqGysEYDFW6EEA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:04:49 GMT
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF80MDMseV8zMTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMzEwMTQxLzViMDQ4Z...
s-img.idealmedia.io/g/12224356/492x328/-/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/g/12224356/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcix3XzEwMjAseF80MDMseV8zMTcvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDIvMzEwMTQxLzViMDQ4ZTQ4ZTk3MWFhNWJmODk2OGQ1ZTQ0OTQwMTZlLnBuZw.webp?v=1651982718-6My1QCq-KNqPi3tvbuGygm1fTGCWjBc0KCV-jmjeVQc
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
564ac34413ba02e14b2b0929c2db111e6973a52ed3e7575cd945a357fc6d486e

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 18:47:51 GMT
x-mg-request-uuid
c2fee433-f271-482b-b929-4658ef95dd61
age
37578
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
707f50f5ef084057-LHR
content-length
12852
server
cloudflare
expires
Sun, 08 May 2022 17:39:00 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 2A08 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Origin
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 15:33:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame 2A08 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV003xVK7iwINg-O1PAlsH_kGOLurExJMobkB3r76whMlWJfsJy7z0Ow1pHxDDsgYC9_g1N7qgsZVX2VbvFU0fWjqhHW7WBSLcQ9FmY0vvMRZkPGiG1NUhyTBRsv1zhnIFWKmV6J6ZHz3GA5kbs7EeqLtwqg&dbm_d=AKAmf-BbOYniM7WCwqNyJoSsLH-xeqxaHYZ2T4cgGYxuTTUw7bP1jDHzseD8yxfqtWXth8Zj4NYA4OhPlI0x76GLncIj8GBBlpFDpN53pAlw8rr6dRYVxBaaILmtuBTAEQOL9nm9zXhCnlfiixf_UgWK3iLdoz99tRop8QeO6nJxRtSojfkjOYlKymLLG8CInbhnv5oA3sw6HK4jHBLM--iDQvDMvCTANMFfG3iTKZWL-oeetkhDvXXTYQ_Vfh69j_qewcPehH_ZlM6WR2qUhb6CMWvEVir4RpJBclZqv4a51IPPmkpdAMMWujxEUmO5YpP6wkIE3B3Ugz_EZlbLOdn0lsZsL7urhYKVlAsZY_S4uy6mrWFBgAJSHidZfmgZqCF-rNdhDIFtasq7M5VtNmkQ-NffutukXSVso4D6EJPjUMRHoye-sSXVjoPiN0fCO5YrbCB2H8Db-s-xN00AlU1WcH-r2G1aYjhWmb-pshX1Rz0QgjzzCvzcITEVMRFD5pncA8OYMID-1YCtFbxRwXvXc_0xz4Xgib2NyRB_nBjEtLN-dgpQX_E2O6Rbd_gPFOezbgdHrHeeQ4NzvImyPo7QTdJ8BiLwEZ80PwDMCvKo2cWvbBYaEetDCC8f88ZHCsiSHHYCijRbvezqw1_YVi1rWvSp7sFqN3gxeSgVvffZvH96XE4aaFgqobfu5BwWkKsTTKOIl_qFftBg4F8By6Itd1K0E1GZI_22vEQMGYAs27XY4maNwYFVOCsZiT_GZAwg6j8AOHOWg8v6QObiV50uTaS5r_-4U8mcEY9ualzoCTRpQTiIBKjAyUFit5uTrjIuLsIsevjzYsZ7qIiCUg3P_dJ4-5uRzzYq21H1N-wxheuW4JQW_iR219MP6DSy9enrOF9qgPvuDycMZ_QFchuzXbN-Ya9eZq1j3jeoQwsSrqlQkAbULd0p7uE6I3jGnQIWNfDpqKCMN_gnEXaMs_16u3MsSIwHvfh8AGTv-WUzJQ_opVPpraMEYxJvGEHpfSzMnUq_sYBMMZ6UXV13mBvri5BP6TIzI9BbBLN1L3BYd_n0s_0AN0UqcABS-PkXAoRMViB1fXpZGJycyWfnn2Z8OJSVUIFZrbhqT9m-LLvSykIimMOsVsMMwV46EQrwBMnpYjP3P7qr1xjPddoRfxRmcHG4iGLTkhqwaiEhGlJH6_A8N2PNZe84KGEcc5BQsAThkoaPAZ0gk1tnjOORBMI5DIVNKb9dS0UiYYd-Ky3SP54NcUNu4wxUg11O0aD_rMrFgywhJJ3cku9YBdWamzbWq8lTacpAi4-lZ6THj0nqNfcVXtEUkOppsZX4U6q-kIkxgdtQeO6LynGJy7oj5oPUy9LqwHTue5yyxMYtE0fTD0kI6KVlC3H_USpGZMjXUnGx6t2T7BG2r5q7ME9Q47rb5mUmf5_twLZU_a67Qv-CcJ1Wi2EWgRhWfcvqhsojUfLVUj4JpK5cWbqGanMAsNAMyrAej3Mw7wS-yapTKWC1Nav_A_bBMjm-5Wbp0orY2iCnOwXji1vny_kr1pEYrYU5IzeEObgLorNH0qGGpay56wbYlmFizfaGycIvTmMdt3symGgkQtqAZ18svQK-b9IqT1kfyxldwMGnj6uIapGVYZ8sEVp6v-lzQ5SG22knxO0Nxvc8EzclRkYB8HRUY5AHKOvEy8H5wW6pH9P3rQz3CS8lgrtZC06-ydReEQVsELjocj0TbJa_gWi3FbRvngCbG2l-wc0qkajjoYia72NDGiNLDkB27X3hhdcFN615dcdCG8QjWMzBq_Z_h2pBR6JzKOPaomx5-HmEnz2TE8fCG2HwOJisyhRtXiV9JO93tM1cwFfqcG0W0KXIo9Ckbq3Pv4w62BEm-4NFXMk0PR5Ae7g7T6LF__aTmH9MRxSK0DyeMrOolLcDSdXDOP2cgLsrDxH3P4fmm3mV3R9wr38me4mgxASVD1Qxc1raBDzMVUN1AUOFEXubeNrESb-ju3fcw0jJXAFtr5qLsi5rPdIeflfTSWVbBfY1LTwwq6kCkqS0sCk9kIjntOyd0xbPUUzFvV_s5rwC6zg4763G-BSpAvc7xGC98mMYSaGL0LsUYaNP_9RqWZEasMuunjYzUuYQaDGs_nOqq0pHITjUsJv6tGT6dv2aA145JCeLOLaA7mVZ8BMxGyq6O3sBWJJCMCLv1s1uPTY-6YzMqRaedKVmvLd6kTE5hR34xtXj9izNeGrfbrW0YoPuUD1UoKe6Ftb8E7rThkG0sb6hCCbAEl2xrB_5tSaMzJYKiK1zoBrGgPpIqaM1xKX6IP82hDhlKAO_OZxTBTSvpeKaVTgGGZflTzvoOEF0NucjQzTH4Ptm-jsA-6K6jByy7CWv8_4eOJbLFNj_n1shl--Wsz6_B52vv0m3CIgzYUNlq0Dltq-R8LkGCJ0SqmdJRJcOs6vbUHALkYRr59cM-Sku7ta-fvYORoSMtGZH6P5FMJIx-ZUv26w5QMCUJ6tTEAZb0LrkdX_QyBQBi8Pg2RuLPYqwDIVe7nAn-NaEpBLR5zw78WT94FssxHDsB60sxMVrAhkUK9durLafYP61FTiR9h4g7RAg4YMdJN7Bl4MALSbj8cbIhnmITpWOtxhtXo7gYnyFKoa7f00D_fr0Xzcp5wBNh8Y0kJS9QDNxJT5_dC3TrPPdoK4Vd30VtT4yI7gQpf0nrcYdaEb5qU8Vz7sCHLmOuM_dzPSuA-xSUkh3fr2reZ_VkvMPS3XLbK0alIh95q6VYT1pOCoLmd4zXHB27lnT8jvoVGTeExdq8jn6sORGI-Ip4VLKjVCMCDpUC1O1VvP58vJinhLLEjgQO5Te9vrG8q-pC8N_9oah__c35IzEj-hBCugLzGn2hT8HAwdMvYAk-F6AyyVdhZkZBq_-oU4i4RLPqNGasYAtiEXRuLSTNK08I0UvF93cr580sP3hiMF29szEegSzTTe3hMKY1MpZqs7fp5CqNlm92CcHB6i4ApF9K909hxtor8dKqCluYHBgpH7qvPk_5NDnMGM31HBYV3zi-Z_SKGTn4XX9ESyOAc_x_wfC46aYAZnnD4Yj3YmK-lYkPBVjEnG5I3hN5wP8fq3vi0jOLZfsAmzwXOfhmtLa-hy0aHc2TWM9&cid=CAASJeRovNZeSEdXmZZ5QpBs1bRgcRYEiUkj_u5ZVj-Kfp61PP5apX8&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 2A08 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DV003xVK7iwINg-O1PAlsH_kGOLurExJMobkB3r76whMlWJfsJy7z0Ow1pHxDDsgYC9_g1N7qgsZVX2VbvFU0fWjqhHW7WBSLcQ9FmY0vvMRZkPGiG1NUhyTBRsv1zhnIFWKmV6J6ZHz3GA5kbs7EeqLtwqg&dbm_d=AKAmf-BbOYniM7WCwqNyJoSsLH-xeqxaHYZ2T4cgGYxuTTUw7bP1jDHzseD8yxfqtWXth8Zj4NYA4OhPlI0x76GLncIj8GBBlpFDpN53pAlw8rr6dRYVxBaaILmtuBTAEQOL9nm9zXhCnlfiixf_UgWK3iLdoz99tRop8QeO6nJxRtSojfkjOYlKymLLG8CInbhnv5oA3sw6HK4jHBLM--iDQvDMvCTANMFfG3iTKZWL-oeetkhDvXXTYQ_Vfh69j_qewcPehH_ZlM6WR2qUhb6CMWvEVir4RpJBclZqv4a51IPPmkpdAMMWujxEUmO5YpP6wkIE3B3Ugz_EZlbLOdn0lsZsL7urhYKVlAsZY_S4uy6mrWFBgAJSHidZfmgZqCF-rNdhDIFtasq7M5VtNmkQ-NffutukXSVso4D6EJPjUMRHoye-sSXVjoPiN0fCO5YrbCB2H8Db-s-xN00AlU1WcH-r2G1aYjhWmb-pshX1Rz0QgjzzCvzcITEVMRFD5pncA8OYMID-1YCtFbxRwXvXc_0xz4Xgib2NyRB_nBjEtLN-dgpQX_E2O6Rbd_gPFOezbgdHrHeeQ4NzvImyPo7QTdJ8BiLwEZ80PwDMCvKo2cWvbBYaEetDCC8f88ZHCsiSHHYCijRbvezqw1_YVi1rWvSp7sFqN3gxeSgVvffZvH96XE4aaFgqobfu5BwWkKsTTKOIl_qFftBg4F8By6Itd1K0E1GZI_22vEQMGYAs27XY4maNwYFVOCsZiT_GZAwg6j8AOHOWg8v6QObiV50uTaS5r_-4U8mcEY9ualzoCTRpQTiIBKjAyUFit5uTrjIuLsIsevjzYsZ7qIiCUg3P_dJ4-5uRzzYq21H1N-wxheuW4JQW_iR219MP6DSy9enrOF9qgPvuDycMZ_QFchuzXbN-Ya9eZq1j3jeoQwsSrqlQkAbULd0p7uE6I3jGnQIWNfDpqKCMN_gnEXaMs_16u3MsSIwHvfh8AGTv-WUzJQ_opVPpraMEYxJvGEHpfSzMnUq_sYBMMZ6UXV13mBvri5BP6TIzI9BbBLN1L3BYd_n0s_0AN0UqcABS-PkXAoRMViB1fXpZGJycyWfnn2Z8OJSVUIFZrbhqT9m-LLvSykIimMOsVsMMwV46EQrwBMnpYjP3P7qr1xjPddoRfxRmcHG4iGLTkhqwaiEhGlJH6_A8N2PNZe84KGEcc5BQsAThkoaPAZ0gk1tnjOORBMI5DIVNKb9dS0UiYYd-Ky3SP54NcUNu4wxUg11O0aD_rMrFgywhJJ3cku9YBdWamzbWq8lTacpAi4-lZ6THj0nqNfcVXtEUkOppsZX4U6q-kIkxgdtQeO6LynGJy7oj5oPUy9LqwHTue5yyxMYtE0fTD0kI6KVlC3H_USpGZMjXUnGx6t2T7BG2r5q7ME9Q47rb5mUmf5_twLZU_a67Qv-CcJ1Wi2EWgRhWfcvqhsojUfLVUj4JpK5cWbqGanMAsNAMyrAej3Mw7wS-yapTKWC1Nav_A_bBMjm-5Wbp0orY2iCnOwXji1vny_kr1pEYrYU5IzeEObgLorNH0qGGpay56wbYlmFizfaGycIvTmMdt3symGgkQtqAZ18svQK-b9IqT1kfyxldwMGnj6uIapGVYZ8sEVp6v-lzQ5SG22knxO0Nxvc8EzclRkYB8HRUY5AHKOvEy8H5wW6pH9P3rQz3CS8lgrtZC06-ydReEQVsELjocj0TbJa_gWi3FbRvngCbG2l-wc0qkajjoYia72NDGiNLDkB27X3hhdcFN615dcdCG8QjWMzBq_Z_h2pBR6JzKOPaomx5-HmEnz2TE8fCG2HwOJisyhRtXiV9JO93tM1cwFfqcG0W0KXIo9Ckbq3Pv4w62BEm-4NFXMk0PR5Ae7g7T6LF__aTmH9MRxSK0DyeMrOolLcDSdXDOP2cgLsrDxH3P4fmm3mV3R9wr38me4mgxASVD1Qxc1raBDzMVUN1AUOFEXubeNrESb-ju3fcw0jJXAFtr5qLsi5rPdIeflfTSWVbBfY1LTwwq6kCkqS0sCk9kIjntOyd0xbPUUzFvV_s5rwC6zg4763G-BSpAvc7xGC98mMYSaGL0LsUYaNP_9RqWZEasMuunjYzUuYQaDGs_nOqq0pHITjUsJv6tGT6dv2aA145JCeLOLaA7mVZ8BMxGyq6O3sBWJJCMCLv1s1uPTY-6YzMqRaedKVmvLd6kTE5hR34xtXj9izNeGrfbrW0YoPuUD1UoKe6Ftb8E7rThkG0sb6hCCbAEl2xrB_5tSaMzJYKiK1zoBrGgPpIqaM1xKX6IP82hDhlKAO_OZxTBTSvpeKaVTgGGZflTzvoOEF0NucjQzTH4Ptm-jsA-6K6jByy7CWv8_4eOJbLFNj_n1shl--Wsz6_B52vv0m3CIgzYUNlq0Dltq-R8LkGCJ0SqmdJRJcOs6vbUHALkYRr59cM-Sku7ta-fvYORoSMtGZH6P5FMJIx-ZUv26w5QMCUJ6tTEAZb0LrkdX_QyBQBi8Pg2RuLPYqwDIVe7nAn-NaEpBLR5zw78WT94FssxHDsB60sxMVrAhkUK9durLafYP61FTiR9h4g7RAg4YMdJN7Bl4MALSbj8cbIhnmITpWOtxhtXo7gYnyFKoa7f00D_fr0Xzcp5wBNh8Y0kJS9QDNxJT5_dC3TrPPdoK4Vd30VtT4yI7gQpf0nrcYdaEb5qU8Vz7sCHLmOuM_dzPSuA-xSUkh3fr2reZ_VkvMPS3XLbK0alIh95q6VYT1pOCoLmd4zXHB27lnT8jvoVGTeExdq8jn6sORGI-Ip4VLKjVCMCDpUC1O1VvP58vJinhLLEjgQO5Te9vrG8q-pC8N_9oah__c35IzEj-hBCugLzGn2hT8HAwdMvYAk-F6AyyVdhZkZBq_-oU4i4RLPqNGasYAtiEXRuLSTNK08I0UvF93cr580sP3hiMF29szEegSzTTe3hMKY1MpZqs7fp5CqNlm92CcHB6i4ApF9K909hxtor8dKqCluYHBgpH7qvPk_5NDnMGM31HBYV3zi-Z_SKGTn4XX9ESyOAc_x_wfC46aYAZnnD4Yj3YmK-lYkPBVjEnG5I3hN5wP8fq3vi0jOLZfsAmzwXOfhmtLa-hy0aHc2TWM9&cid=CAASJeRovNZeSEdXmZZ5QpBs1bRgcRYEiUkj_u5ZVj-Kfp61PP5apX8&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:04:49 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame BA67 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Origin
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45086
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 15:33:52 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame BA67 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8W-sV-_xtdl8Tp0ls5A4jioGMrKGmHjQkQyfrJBnMGeybkDtg-6p9MnqJxQ3aIf_zMjaGoSszl-EmLLMvPEd_96snZWxTXRSB-_xPkg99jZnC6u8zm4EglHK9NMJq8wEk5INwo5Wdb95kW7_JkYN1ujNr5w&dbm_d=AKAmf-Clr6WwfmhYhBzHoCqKf4auy9rT3i0fdcJt2067Vk2aHTPeUm4uWgcq6nS9nowG7d95IB8f0Uyg_OcfMilogTp43WBhjfOEU22hmWCayf8koTazhlTrFdScW2tcXF630Ggubk4zRo8GOL6gifsf-98YVhukFlx6N5pLQiqzc8LMB_PnGkVjJTOpOnDkejaq4iZUAOgaKyPSTygWEjTAS6qMLTA_KN6y77DdT2BibMeTPWKBXebM0H5EmKldhS4GjQwqsfLsQSRjBO1EOSf3MRZkVkw5YDO0piTJ1IqqIUv5pnc7MuREyH9QcvsfoO2wyW7abluw29Nh-P8Rm_IqBaPntC7j0KarszQ7dkTbxgfNNA2QVZHdG9RGoNghifA33PaqWiOG9toOxWwHbNnSsoNE2ROELmueAdj9qAvu5JO2YZ4BFoWeJmtr52sZtF3agMsxSHGE9ylknuWfm0pPKxOtot3tFtcM47wU1DUX2e2CJOmFzs_UaCVQ0qlupETP_tZYM5NYaQyWzXCr3gGe0Lvv2ui1bUZB9bRe9M0I_oBNT9PAr-5nWJQ0eCAVvpqG-JepuKVOdxcW-EILIseEVDR9RYC4igRfID44zayR33QMQo_q7M8NSiYteAuSN5hpITQxr2gDNm3Tobyqyi43Kfd-cB5AKCdhQdQwctNATEyj6n1djXmOhi4Bcx_4Jnjrn5pUW7aQ-SHPig4CTZbc_2a33EA2ow_xf8kgOgtLPlNFL5rSrtrm92Dr30jrJw9MEKBbo3vR56Sy70gpH_sywzspu_Zv9xIgPDX5cf54XOL8xlNUKs_zqceBOKnM70ebxkJ4e0kH54bBESpmC6PWfTaP0jgp3L5Hc8htOmwNrPXuHSPMArM3rhAYBcROC4RTVEiQJt2gCDXOKpOZHqYFtEIGEv9GhPV-XSNuLPSArhs6KmlwQL1iBLVuEkYYJTIBcgYs4KK9_5uS5_AD2QOYevxSQdefPPgsyEoFDmOq1gYW9sVt4DJ4E-h1efsl8KoK7O5qDoV1qjQPRbM9-LFBnWVM1lJlx0f9JRdhI9tLQ2LxzDJk5S2K0Fp9KcQdY1_uYVqiXLS-xPmr2durnDH2ro6HSCP7G7mEi3IrpzYpMBM72m6mIBfe7Re_rh0csDwTDmYSeCrWBrUSgXTA2G4lt-mgOUlfCa3oFLiFKwMt5UgVQ3MLc2az1UTWJbyd0-bQwuYg8jTjjKzywSx1BXPgCO6cVEKestfzl3qPFP63tRHPS4LTYvy0885k-9W0mshGRPDJUbL4TQFqOnSYp0NblwWSS6ospc2ns0IJnPVzvGoZlHP-kslxfMpXNYF8ix0mOjRFrkzb4xngGDTdjPeC4wJPGzMu7fsxfJB4Wz-6ZsmykVSCW5WyDe7V8u_m29wC6GdMNHq3HakbIyp8o8YGaDAggRENTeaAHEnhsassrPbYHQoNpOtUr_shd77W5QThASQF_KhR_31YsqivIBpQRQftvyupoPBYlTx14KBcWnO7-GenAHnxqkWwt6b-syqY7oseI4NABXDJBVYVX7h9bcFKE_fiwS2ZWINB59TJuFqO9cGQrgiiJ7mhudIwtAn5flsWZiGewJ5nt-mu-CE8ADUmqAOVuXoMtQLZYLcPbN83Eb8PNfd-s5eiSBG5e74uxM-x8ONWrPS7MBJB9h6OlGbWOeo-_107sbZ9VwMDyxN6luSbGuWqbyWvHNowFz_-oOV0qxapAjyF3F3HFuyoAbYJZXzin2r8uMmLRhhe2pqaHUSKRm3Z7Bdtn-114WT67uvDA5tJvb82Ls7KRsohbb50Dm4bn8WUTkJmWtSmFbU91Ep_XzJYfNB_uW34Ht6xnVGfV_Lsw_dV-nhDB5sU6MSGJvx-f7vSyc8DA7u9PbXFKcXrNULsL9x1gWnMEUhKHp0zjU3Cke61Nxy5kYg3YQ3uMbddnwpp8YgCvn6AcnMfYGlCBtUHRIf4AZGPfRKo-2n5tyDmO_IR5nTLjRSMjJZ5SKI_HfuH1Ow7UDlCFTW7Y1kV_jnOT2mx4VolI25EfOHrZyPYg3vNxWhrBXc7Ohylk_QC3dv8fJ7eR5C5UzIAzq-lJ0U9FYTNkKQshUVZwOJZjW9mjMYJXWUeG-1fwXQNfavaW4lGSgxaL3PX2Wsmo39p-uR2Ino9UIFNlaw5HM_ZQMhF6rFAKWz2WaGLwalv_Gi2_P4bjgKNkWQuFureMTC1V4FdVg-n-lSevKAnwkAOqERdrMqECU5PEME4tuin7a4udN3jLDFhX5zj0Jt2KcWurc9qiV9J2aYk7sjg1tK1SlAZkCDTMmJTD_bhBa77S-CiTc818vQh9L0z-abIS8QkuJb2V-UXbLXrDQMK-63NtCbdkYKDEy9VetLElZhyoTA-szD48R0DoLBwNExu8wy1Njl0XsfYeZ3rLl7xvFheA6jYkMvd4ahPWwMkTW-s_Ye2cvjtgFqJPwGdNcbgeQTqBlqFLki7e0j-kP0mlMqQuOD3l3k_n2Of16wHlMdcWwBPCHAAlKSiwdJYHfoE4pEkKVZHH5bzgnAnXW87-6xdNwMnjnk7_PeBYBWek2LHpsTYtP_56VdE0hpv-GayvXYuQuc1oEdcJ686nko2tVaJZGbRfXVTKUuMoTWiArZ5GpNVrZlvJu79Hrf0P7d4ajyb8jwJxOvsGbtoMa6MuNq_DV1UV9E28sIahVEscH8TKfYdia776F_6eLu0MbPCrsKj4XgEZh2qHPz_zNX3SInG1CImDNTbN02X7VdCUhDWOwVNebEpX9CFBcEkoH3vAGWw19c4Z2JAeEsDsNKnpNZ9FodRagWJYPlWst7O2dRPR7K6tS5445vAli14bRW1roqd6-Lcaljw2OSIUfFHmlZQszntblneKMRLszJ87VOeUAhLt0XoDi0Sh8aFxCwYXClVBtXEPSKyP0IQt6fQkWjxipfiVtAm0MOAElFLz0O_lJ45Wan-PsB1M0gBzADxwYTknyGK6A_YhX1v9GXLDGnJ8vZeW60x1IxhroF14WOgQ6nBsxuDXCAZvA93GpF-tHrVP8WfNZHw4dtmpOdGTO-_43UfAGcZRum_U0anHVw_bmstyQ&cid=CAASJeRoVzp3DzurX2y2IPbWae3v8M0Iw-I750KmryVAEnMwC4cGQ1E&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:03:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:03:38 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame BA67 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D8W-sV-_xtdl8Tp0ls5A4jioGMrKGmHjQkQyfrJBnMGeybkDtg-6p9MnqJxQ3aIf_zMjaGoSszl-EmLLMvPEd_96snZWxTXRSB-_xPkg99jZnC6u8zm4EglHK9NMJq8wEk5INwo5Wdb95kW7_JkYN1ujNr5w&dbm_d=AKAmf-Clr6WwfmhYhBzHoCqKf4auy9rT3i0fdcJt2067Vk2aHTPeUm4uWgcq6nS9nowG7d95IB8f0Uyg_OcfMilogTp43WBhjfOEU22hmWCayf8koTazhlTrFdScW2tcXF630Ggubk4zRo8GOL6gifsf-98YVhukFlx6N5pLQiqzc8LMB_PnGkVjJTOpOnDkejaq4iZUAOgaKyPSTygWEjTAS6qMLTA_KN6y77DdT2BibMeTPWKBXebM0H5EmKldhS4GjQwqsfLsQSRjBO1EOSf3MRZkVkw5YDO0piTJ1IqqIUv5pnc7MuREyH9QcvsfoO2wyW7abluw29Nh-P8Rm_IqBaPntC7j0KarszQ7dkTbxgfNNA2QVZHdG9RGoNghifA33PaqWiOG9toOxWwHbNnSsoNE2ROELmueAdj9qAvu5JO2YZ4BFoWeJmtr52sZtF3agMsxSHGE9ylknuWfm0pPKxOtot3tFtcM47wU1DUX2e2CJOmFzs_UaCVQ0qlupETP_tZYM5NYaQyWzXCr3gGe0Lvv2ui1bUZB9bRe9M0I_oBNT9PAr-5nWJQ0eCAVvpqG-JepuKVOdxcW-EILIseEVDR9RYC4igRfID44zayR33QMQo_q7M8NSiYteAuSN5hpITQxr2gDNm3Tobyqyi43Kfd-cB5AKCdhQdQwctNATEyj6n1djXmOhi4Bcx_4Jnjrn5pUW7aQ-SHPig4CTZbc_2a33EA2ow_xf8kgOgtLPlNFL5rSrtrm92Dr30jrJw9MEKBbo3vR56Sy70gpH_sywzspu_Zv9xIgPDX5cf54XOL8xlNUKs_zqceBOKnM70ebxkJ4e0kH54bBESpmC6PWfTaP0jgp3L5Hc8htOmwNrPXuHSPMArM3rhAYBcROC4RTVEiQJt2gCDXOKpOZHqYFtEIGEv9GhPV-XSNuLPSArhs6KmlwQL1iBLVuEkYYJTIBcgYs4KK9_5uS5_AD2QOYevxSQdefPPgsyEoFDmOq1gYW9sVt4DJ4E-h1efsl8KoK7O5qDoV1qjQPRbM9-LFBnWVM1lJlx0f9JRdhI9tLQ2LxzDJk5S2K0Fp9KcQdY1_uYVqiXLS-xPmr2durnDH2ro6HSCP7G7mEi3IrpzYpMBM72m6mIBfe7Re_rh0csDwTDmYSeCrWBrUSgXTA2G4lt-mgOUlfCa3oFLiFKwMt5UgVQ3MLc2az1UTWJbyd0-bQwuYg8jTjjKzywSx1BXPgCO6cVEKestfzl3qPFP63tRHPS4LTYvy0885k-9W0mshGRPDJUbL4TQFqOnSYp0NblwWSS6ospc2ns0IJnPVzvGoZlHP-kslxfMpXNYF8ix0mOjRFrkzb4xngGDTdjPeC4wJPGzMu7fsxfJB4Wz-6ZsmykVSCW5WyDe7V8u_m29wC6GdMNHq3HakbIyp8o8YGaDAggRENTeaAHEnhsassrPbYHQoNpOtUr_shd77W5QThASQF_KhR_31YsqivIBpQRQftvyupoPBYlTx14KBcWnO7-GenAHnxqkWwt6b-syqY7oseI4NABXDJBVYVX7h9bcFKE_fiwS2ZWINB59TJuFqO9cGQrgiiJ7mhudIwtAn5flsWZiGewJ5nt-mu-CE8ADUmqAOVuXoMtQLZYLcPbN83Eb8PNfd-s5eiSBG5e74uxM-x8ONWrPS7MBJB9h6OlGbWOeo-_107sbZ9VwMDyxN6luSbGuWqbyWvHNowFz_-oOV0qxapAjyF3F3HFuyoAbYJZXzin2r8uMmLRhhe2pqaHUSKRm3Z7Bdtn-114WT67uvDA5tJvb82Ls7KRsohbb50Dm4bn8WUTkJmWtSmFbU91Ep_XzJYfNB_uW34Ht6xnVGfV_Lsw_dV-nhDB5sU6MSGJvx-f7vSyc8DA7u9PbXFKcXrNULsL9x1gWnMEUhKHp0zjU3Cke61Nxy5kYg3YQ3uMbddnwpp8YgCvn6AcnMfYGlCBtUHRIf4AZGPfRKo-2n5tyDmO_IR5nTLjRSMjJZ5SKI_HfuH1Ow7UDlCFTW7Y1kV_jnOT2mx4VolI25EfOHrZyPYg3vNxWhrBXc7Ohylk_QC3dv8fJ7eR5C5UzIAzq-lJ0U9FYTNkKQshUVZwOJZjW9mjMYJXWUeG-1fwXQNfavaW4lGSgxaL3PX2Wsmo39p-uR2Ino9UIFNlaw5HM_ZQMhF6rFAKWz2WaGLwalv_Gi2_P4bjgKNkWQuFureMTC1V4FdVg-n-lSevKAnwkAOqERdrMqECU5PEME4tuin7a4udN3jLDFhX5zj0Jt2KcWurc9qiV9J2aYk7sjg1tK1SlAZkCDTMmJTD_bhBa77S-CiTc818vQh9L0z-abIS8QkuJb2V-UXbLXrDQMK-63NtCbdkYKDEy9VetLElZhyoTA-szD48R0DoLBwNExu8wy1Njl0XsfYeZ3rLl7xvFheA6jYkMvd4ahPWwMkTW-s_Ye2cvjtgFqJPwGdNcbgeQTqBlqFLki7e0j-kP0mlMqQuOD3l3k_n2Of16wHlMdcWwBPCHAAlKSiwdJYHfoE4pEkKVZHH5bzgnAnXW87-6xdNwMnjnk7_PeBYBWek2LHpsTYtP_56VdE0hpv-GayvXYuQuc1oEdcJ686nko2tVaJZGbRfXVTKUuMoTWiArZ5GpNVrZlvJu79Hrf0P7d4ajyb8jwJxOvsGbtoMa6MuNq_DV1UV9E28sIahVEscH8TKfYdia776F_6eLu0MbPCrsKj4XgEZh2qHPz_zNX3SInG1CImDNTbN02X7VdCUhDWOwVNebEpX9CFBcEkoH3vAGWw19c4Z2JAeEsDsNKnpNZ9FodRagWJYPlWst7O2dRPR7K6tS5445vAli14bRW1roqd6-Lcaljw2OSIUfFHmlZQszntblneKMRLszJ87VOeUAhLt0XoDi0Sh8aFxCwYXClVBtXEPSKyP0IQt6fQkWjxipfiVtAm0MOAElFLz0O_lJ45Wan-PsB1M0gBzADxwYTknyGK6A_YhX1v9GXLDGnJ8vZeW60x1IxhroF14WOgQ6nBsxuDXCAZvA93GpF-tHrVP8WfNZHw4dtmpOdGTO-_43UfAGcZRum_U0anHVw_bmstyQ&cid=CAASJeRoVzp3DzurX2y2IPbWae3v8M0Iw-I750KmryVAEnMwC4cGQ1E&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:04:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 22 May 2022 04:04:49 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D6B8 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 15:33:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9AED 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
52746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 08 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame C660 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 15:33:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 13A4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
52746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 08 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame C660 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92597e248bc20d803a6999065b391b16057d84bd546d245e7c0375aab2395bbf

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame D6B8 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbb2505b06e08533923090ed6d0abda57fe85ef12756829e006d038b20ed10ff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzLzhkNTg3MTQzYjYzNjY0YmFmNjljYjczNWZjMzUyY2YxLmpwZWc.webp
s-img.idealmedia.io/n/10069582/492x328/0x0x622x414/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10069582/492x328/0x0x622x414/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzLzhkNTg3MTQzYjYzNjY0YmFmNjljYjczNWZjMzUyY2YxLmpwZWc.webp?v=1651982718-ccY72FYr9wug20WQsEjI57pY7aJq8W6i2u2xqdIhu6U
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d8df5d1e57c625a957971d571a7dbccff3ac747d4797e6c1830b630141cdc7

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
HIT
last-modified
Thu, 24 Mar 2022 17:20:19 GMT
x-mg-request-uuid
0663d9f9-b0d6-43e5-99c9-45e6d9bac1aa
age
66609
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
707f50f63f324057-LHR
content-length
16178
server
cloudflare
expires
Sun, 08 May 2022 09:35:09 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3LzRjODk4ZTI4OTk4NTQ0NTc4ZWE5ZTBlMDg3MmQ4OGM5LnBuZw.webp
s-img.idealmedia.io/n/10055452/492x328/62x0x673x448/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10055452/492x328/62x0x673x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3LzRjODk4ZTI4OTk4NTQ0NTc4ZWE5ZTBlMDg3MmQ4OGM5LnBuZw.webp?v=1651982718-Vc4kyEcyfTgbiHwknIGLLqswaSfrsRC5NsLnA9nzCQk
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a57a75047723c81b2b6edf992cdec50618d8548907169fc1fe01c3089a8a89f

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
HIT
last-modified
Sun, 06 Mar 2022 10:30:47 GMT
x-mg-request-uuid
ada3f875-2490-4593-b4a1-67ea59a019b5
age
39196
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
707f50f63f334057-LHR
content-length
7456
server
cloudflare
expires
Sun, 08 May 2022 17:12:02 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzL2NlYjFiNjM4YzIzNWY5ZWNjZTNjNTQ3MWQ2OGI5NWRmLmpwZw.webp
s-img.idealmedia.io/n/10075771/492x328/0x0x600x400/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10075771/492x328/0x0x600x400/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzL2NlYjFiNjM4YzIzNWY5ZWNjZTNjNTQ3MWQ2OGI5NWRmLmpwZw.webp?v=1651982718-rfHT5_CkE9yhouqHUYRtGL6MAscTmPl6p-8HS7-KETE
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1155babc36d23b8ab96647f5977cc63e50eebe3e48415c8a3ea6cf0a3bdcb70

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
HIT
last-modified
Thu, 31 Mar 2022 11:10:20 GMT
x-mg-request-uuid
d30d3889-650f-4163-85f2-be2a70ceab7f
age
5480
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
707f50f63f344057-LHR
content-length
18160
server
cloudflare
expires
Mon, 09 May 2022 02:33:58 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2A08 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 15:33:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 69E6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
52746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 08 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BA67 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 06 May 2022 15:33:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
131486
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 May 2023 15:33:52 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame EAF8 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
52746
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 07 May 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 08 May 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BA67 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7f1eeef241cb5ed6974f1af3fb0b96efbd36e389073a3ac30e1f2ddedad9b06c

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=d9675bdf-cf85-4051-92db-9ca047f83379
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 08 May 2022 04:05:18 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
i.js
cm.idealmedia.io/ 		0
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1651982718499181183029
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
MISS
last-modified
Sun, 08 May 2022 04:05:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
707f50f71fae8861-LHR
content-length
0
truncated
/ Frame 2A08 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
27560c21aa1342b59feee50c926fea9a7f35ce85d3a9a15c96c9241304b6f5fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 9AED 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBRCbZv5YpIaXZBICuuTFbI&google_cver=1&google_push=AYg5qPJza3XRS2_SiwsjYejRHagvJpp2JpiXwN6VaEdBeSHE2mT5s7Ow-HHhnRizNcv6ha2CX7vQnyIfLrWoAMhIDEazKA5-4q3b
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9AED
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL0A2Q6...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL0A2Q6...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDgwNDA1MTkwMDAxNjM1NDc3NDE1OA%3D%3D&google_push=AYg5qPL0A2Q6ABSVUv_FLkbCfdhF1k6KD-dras6PGKS6A6MrXRluBGvG-PBaNi8C7qj6UG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDgwNDA1MTkwMDAxNjM1NDc3NDE1OA%3D%3D&google_push=AYg5qPL0A2Q6ABSVUv_FLkbCfdhF1k6KD-dras6PGKS6A6MrXRluBGvG-PBaNi8C7qj6UGP-EzGNI75L6H10zgISZp-JqjRk2Rb1
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDgwNDA1MTkwMDAxNjM1NDc3NDE1OA%3D%3D&google_push=AYg5qPL0A2Q6ABSVUv_FLkbCfdhF1k6KD-dras6PGKS6A6MrXRluBGvG-PBaNi8C7qj6UGP-EzGNI75L6H10zgISZp-JqjRk2Rb1
pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sun, 08 May 2022 04:05:19 GMT
sync
odr.mookie1.com/t/v2/ Frame 9AED 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEOIipIJvD7BJ595Si3yYnGI&google_push=AYg5qPKvYXtrcyzZNu45mHUyXaghbkX895APzfO60tkZO-9ir8ATyknh1exYidEY2fT9gWKrTKM65EZx_GWjjMu7umVTZ5AKR2g9&google_cver=1
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 9AED 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEPysYOsuBj1bDwMjKb1lOxo&google_cver=1&google_push=AYg5qPJMsi4TpoE5C5rgA7WTdInOMiZAyrVbvqkyABwtTQ9EQoCV4AGTKmt_MYCGxYpBZ9yWAk9lC8pxvjNeWEUFuG1G1Ir0XbUX
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ar0amcalu6ocitfii9b9cl07jiddugjj
pixel
cm.g.doubleclick.net/ Frame 9AED
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mdsYk9f4QB6NqLPWBYf68A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mdsYk9f4QB6NqLPWBYf68A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHWgpv3WNVXbHBvdLQOMVpDhD817tS2yPKjMGXdbv9WcKtJKClwiq04rTuwWKSqejqbdHTet0KWh8v2HRb0RShZkXx4A4x
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=mdsYk9f4QB6NqLPWBYf68A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKHWgpv3WNVXbHBvdLQOMVpDhD817tS2yPKjMGXdbv9WcKtJKClwiq04rTuwWKSqejqbdHTet0KWh8v2HRb0RShZkXx4A4x
date
Sun, 08 May 2022 04:05:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9AED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDnA1yNQU5_pAfF3hxU8M_Q&google_cver=1&google_push=AYg5qPKlb5Q9PNPcoOoLsE0k2o2VBOAGys5mJ58etKlrLrGmiWxr3oFvD1YGHDNqGreQOPohmyY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUEQtNy1NN0dX&google_push=AYg5qPKlb5Q9PNPcoOoLsE0k2o2VBOAGys5mJ58etKlrLrGmiWxr3oFvD1YGHDNqGreQOPohmyYo_mIJkYM9XswWzbERhWDaNuUm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUEQtNy1NN0dX&google_push=AYg5qPKlb5Q9PNPcoOoLsE0k2o2VBOAGys5mJ58etKlrLrGmiWxr3oFvD1YGHDNqGreQOPohmyYo_mIJkYM9XswWzbERhWDaNuUm
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUEQtNy1NN0dX&google_push=AYg5qPKlb5Q9PNPcoOoLsE0k2o2VBOAGys5mJ58etKlrLrGmiWxr3oFvD1YGHDNqGreQOPohmyYo_mIJkYM9XswWzbERhWDaNuUm
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9AED
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOOPSebpkh1sSRJA5EHDjl8&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YndBfsrfggpviMHbQYFmZgAAB1IAAAAB&google_cver=1&google_push=AYg5qPJAwFqQ8W_YQn0QBGYbjxFTHwLLmdMOwSbkp_eSanhwGI9M0OX4lxd7GmnC1Vgs-RufyY_F...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YndBfsrfggpviMHbQYFmZgAAB1IAAAAB&google_cver=1&google_push=AYg5qPJAwFqQ8W_YQn0QBGYbjxFTHwLLmdMOwSbkp_eSanhwGI9M0OX4lxd7GmnC1Vgs-RufyY_FutCumirU4OAs-xrZEFkDng4w&google_gid=CAESEOOPSebpkh1sSRJA5EHDjl8
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YndBfsrfggpviMHbQYFmZgAAB1IAAAAB&google_cver=1&google_push=AYg5qPJAwFqQ8W_YQn0QBGYbjxFTHwLLmdMOwSbkp_eSanhwGI9M0OX4lxd7GmnC1Vgs-RufyY_FutCumirU4OAs-xrZEFkDng4w&google_gid=CAESEOOPSebpkh1sSRJA5EHDjl8
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sun, 08 May 2022 04:05:18 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9AED 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IKQgPiHMoX-dqkpdFepimQO7cfG5i5CgW6_92KVR5MkbwVd0bxZEemyCLDqsKW3YdgHhUJ
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
i-noref.js
cm.idealmedia.io/ Frame 6400 		0
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1651982718580700532697
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
MISS
last-modified
Sun, 08 May 2022 04:05:18 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
707f50f73fc58861-LHR
content-length
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E2A6 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
131483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 15:33:55 GMT
expires
Sat, 06 May 2023 15:33:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame 13A4 		0
0
pixel
cm.g.doubleclick.net/ Frame 13A4
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEKQ-Dm-COQPwUPb-m79Pq4w&google_cver=1&google_push=AYg5qPL2lru5oXQIMLCLO43mwb3Uof_OQ0kmjhPfScw0Vt8n4O0SfeHURg9-ZnnIWbgxlH37xsXBkLkws8wFR9ZVu-ZGsakY8A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4795233297704EAFB9D7F94409BC51AE&google_push=AYg5qPL2lru5oXQIMLCLO43mwb3Uof_OQ0kmjhPfScw0Vt8n4O0SfeHURg9-ZnnIWbgxlH37xsXBkLkws8wFR9Z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4795233297704EAFB9D7F94409BC51AE&google_push=AYg5qPL2lru5oXQIMLCLO43mwb3Uof_OQ0kmjhPfScw0Vt8n4O0SfeHURg9-ZnnIWbgxlH37xsXBkLkws8wFR9ZVu-ZGsakY8A
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=4795233297704EAFB9D7F94409BC51AE&google_push=AYg5qPL2lru5oXQIMLCLO43mwb3Uof_OQ0kmjhPfScw0Vt8n4O0SfeHURg9-ZnnIWbgxlH37xsXBkLkws8wFR9ZVu-ZGsakY8A
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 07 May 2022 04:05:18 GMT
pixel
cm.g.doubleclick.net/ Frame 13A4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEHmW7ThEl2G8JLEaknM8jOk&google_cver=1&google_push=AYg5qPKBxZJTAxOm5IT3jnNMw3WvlVKHJyyGsd8iBI9x-QzZxFnaHVfnNJ9xUAb2mC_o60LjQHDKo9gg86YeKB...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5NTIxMTc0NzM3ODEzMzEzOQ%3D%3D&google_push=AYg5qPKBxZJTAxOm5IT3jnNMw3WvlVKHJyyGsd8iBI9x-QzZxFnaHVfnNJ9xUAb2mC_o60LjQHDKo9gg86YeKBWucE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5NTIxMTc0NzM3ODEzMzEzOQ%3D%3D&google_push=AYg5qPKBxZJTAxOm5IT3jnNMw3WvlVKHJyyGsd8iBI9x-QzZxFnaHVfnNJ9xUAb2mC_o60LjQHDKo9gg86YeKBWucEkehwPUzA
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5NTIxMTc0NzM3ODEzMzEzOQ%3D%3D&google_push=AYg5qPKBxZJTAxOm5IT3jnNMw3WvlVKHJyyGsd8iBI9x-QzZxFnaHVfnNJ9xUAb2mC_o60LjQHDKo9gg86YeKBWucEkehwPUzA
Date
Sun, 08 May 2022 04:05:18 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 13A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFS9GALllGOsbv-Hms6Gtr0&google_cver=1&google_push=AYg5qPLZ3eCdUxjoOv1WhLZ6NmcU5DcLRIu79qqBl0z5xeUDALBXefyFNcg8Adk93FoInpRt0GE8L_f14-98TYZKc7Zf...
  • https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=528bf83d-865f-4af7-a1fd-f247a8c667fb
  • https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=google&bsw_custom_parameter=528bf83d-865f-4af7-a1fd-f247a8c667fb
  • https://x.bidswitch.net/sync?dsp_id=4&user_id=48b8b3b0-fb48-4fd6-86d3-b3826d87ab30&ssp=google&expires=30&user_group=5&bsw_param=528bf83d-865f-4af7-a1fd-f247a8c667fb
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
Date
Sun, 08 May 2022 04:05:19 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
dot.gif
s0.2mdn.net/ Frame 13A4 		43 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEEtwazzwRdIIYrXbkWTd7JM&google_cver=1&google_push=AYg5qPJbiWq9xbanF707v9Glp9PhFz2BiXOZ_UR1myksm2_Mxd3hrmoXJgW1zvMYCm95e6_Ro_H0-eGjIxl4XV5wduALjHTSY-k
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 09 May 2022 04:05:18 GMT
pixel
cm.g.doubleclick.net/ Frame 13A4
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEKILB07EsMF5FVaqOmS-UNM&google_cver=1&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-GFU...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEKILB07EsMF5FVaqOmS-UNM&google_cver=1&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTO...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY1NTAzNjY4MTM4ODgyNTAzOA&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-G...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY1NTAzNjY4MTM4ODgyNTAzOA&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-GFUBMm5tTSSHl6r2BxzBqY
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjY1NTAzNjY4MTM4ODgyNTAzOA&google_push=AYg5qPL9NGkd87_HbztFUlzBZxZOLmrJxpbujnG0Fk0Dp0chhfkmLtVSSj0YlvebME_I_uq9VTOP-GFUBMm5tTSSHl6r2BxzBqY
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 13A4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEEXV4s1auNxIdoBCYV0DgeE&google_cver=1&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3NTM2NjU3ODE2MzQyODE0MzAyNg%3D%3D&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3NTM2NjU3ODE2MzQyODE0MzAyNg%3D%3D&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjA3NTM2NjU3ODE2MzQyODE0MzAyNg%3D%3D&google_push=AYg5qPJLDpl8UYEMHpTfzagzxzkPFl73Op3abdjEVPFAjpvGQAlkCSum7_a-zxvAtKDzcETcOvw6T_qG_i0BniYpDVZm0qS37Fo
date
Sun, 08 May 2022 04:05:18 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 13A4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZi3M-Yg3VjPn9TI5Km4vkALel5ZeiA8ZaUwZ0LDv7ODKp_Z8-HJ3YpFP_XbR0JVrZNL8a
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5AEE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
131483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 15:33:55 GMT
expires
Sat, 06 May 2023 15:33:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
current
dclk-match.dotomi.com/match/bounce/ Frame 69E6 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEDT4StWG6SeM_VfRw9zZNhc&google_cver=1&google_push=AYg5qPITKx5dFplGMQ3WERzn_QyozOKV1fGwLVqI48Ql3H_er85p8ICi65zMzh2wMwhgC8lyuWlExkHOTH08sYZVx_DVYQ49DKds
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 69E6
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZzR4S0pvUVkxTk55YXk1&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cver=1&google_push=AYg5qPLWO0qWmbvVKffU4blQZRizwrQolM9u59ho_bcZhYZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZzR4S0pvUVkxTk55YXk1&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cver=1&google_push=AYg5qPLWO0qWmbvVKffU4blQZRizwrQolM9u59ho_bcZhYZ-PUu0cjPsy0P_ZnPW1Ssiqz9iVfhpmcBrai40xNrXyvTxudp5NRtk
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 08 May 2022 04:05:18 GMT
Server
PingMatch/68b9f5e#68b9f5e54dfc641b3d4f527e43216a87a5c6cf08 i-030b4f650890e7587@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZzR4S0pvUVkxTk55YXk1&google_gid=CAESEKJoO3cgAZ7FpTG5iFoaNEE&google_cver=1&google_push=AYg5qPLWO0qWmbvVKffU4blQZRizwrQolM9u59ho_bcZhYZ-PUu0cjPsy0P_ZnPW1Ssiqz9iVfhpmcBrai40xNrXyvTxudp5NRtk
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69E6
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEGPRx83HtUaxvu9quln-6uA&google_cver=1&google_push=AYg5qPIokzV8CWNf6Tu2wWt3G6aUBtbqf8q4Z7Rea0t9XQ1B7iCRMHFZ6loqg1-Kb8HXZzBh5fwrh8WXFFmFpmjx5i3t-Hoe3IMnRQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD62B334C4214F37BAFC13552BA0FA45&google_push=AYg5qPIokzV8CWNf6Tu2wWt3G6aUBtbqf8q4Z7Rea0t9XQ1B7iCRMHFZ6loqg1-Kb8HXZzBh5fwrh8WXFFmFpmj...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD62B334C4214F37BAFC13552BA0FA45&google_push=AYg5qPIokzV8CWNf6Tu2wWt3G6aUBtbqf8q4Z7Rea0t9XQ1B7iCRMHFZ6loqg1-Kb8HXZzBh5fwrh8WXFFmFpmjx5i3t-Hoe3IMnRQ
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=AD62B334C4214F37BAFC13552BA0FA45&google_push=AYg5qPIokzV8CWNf6Tu2wWt3G6aUBtbqf8q4Z7Rea0t9XQ1B7iCRMHFZ6loqg1-Kb8HXZzBh5fwrh8WXFFmFpmjx5i3t-Hoe3IMnRQ
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 07 May 2022 04:05:18 GMT
pixel
cm.g.doubleclick.net/ Frame 69E6
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENZ610xxbMjn_IUtsGW75u0&google_cver=1&google_push=AYg5qPK5dpjg1WdVCWeTah8D-hgWOXaLTZfU8Bcsujt8lncpW7AxPH5JanLtAfh06GuI2syyiNfbq5FXUc9...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK5dpjg1WdVCWeTah8D-hgWOXaLTZfU8Bcsujt8lncpW7AxPH5JanLtAfh06GuI2syyiNfbq5FXUc9NBq1opkOdmTkbHG_MDg&google_hm=BesOEYP-QLey_AB9cD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK5dpjg1WdVCWeTah8D-hgWOXaLTZfU8Bcsujt8lncpW7AxPH5JanLtAfh06GuI2syyiNfbq5FXUc9NBq1opkOdmTkbHG_MDg&google_hm=BesOEYP-QLey_AB9cDaXbWU
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK5dpjg1WdVCWeTah8D-hgWOXaLTZfU8Bcsujt8lncpW7AxPH5JanLtAfh06GuI2syyiNfbq5FXUc9NBq1opkOdmTkbHG_MDg&google_hm=BesOEYP-QLey_AB9cDaXbWU
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69E6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAMOO6tPl3lefkSe9HQbnV8&google_cver=1&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqV...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPK0XmCfdv3kA-QVx0w6eQ_ob7PvsS0TJB6jUpRLTmN4F1Rnkoc1I-WtIkZVAf7qvfCPGC4dk_Mcd-RceqgLwGqVA40wBgltRQ&google_hm=Uov4PYZfSveh_fJHqMZn-w==
Date
Sun, 08 May 2022 04:05:18 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 69E6
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEASVeGcut9X3-K_Ghnu1qO0&google_cver=1&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpzVa...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEASVeGcut9X3-K_Ghnu1qO0&google_cver=1&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHG...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2ODQzNTU5MTU3MjE5OTg3NQ&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2ODQzNTU5MTU3MjE5OTg3NQ&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpzVaFUMpkNxj-L0XBO40mWnN4A
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE2ODQzNTU5MTU3MjE5OTg3NQ&google_push=AYg5qPJEzWijrgXdCd9qo5MHpap3RkiKAK7L1tMEHfNYot9O42e8qY7Q3yJJNBbiFbuf9qxceHGWpzVaFUMpkNxj-L0XBO40mWnN4A
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 69E6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEH9ih6FRrUGYr1i-g-TkKe4&google_cver=1&google_push=AYg5qPIZxyYpjksJ8bjV7CWqiEF3IhYqSwfqOd2JUQ50tfWhRZlAuMDL3yoT2sLXFoG31zMtjPx...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUUktUS0yVzRY&google_push=AYg5qPIZxyYpjksJ8bjV7CWqiEF3IhYqSwfqOd2JUQ50tfWhRZlAuMDL3yoT2sLXFoG31zMtjPxkALg92iiX3hEgolip9Ii3Q7DTZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUUktUS0yVzRY&google_push=AYg5qPIZxyYpjksJ8bjV7CWqiEF3IhYqSwfqOd2JUQ50tfWhRZlAuMDL3yoT2sLXFoG31zMtjPxkALg92iiX3hEgolip9Ii3Q7DTZg
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJXUlVWUUktUS0yVzRY&google_push=AYg5qPIZxyYpjksJ8bjV7CWqiEF3IhYqSwfqOd2JUQ50tfWhRZlAuMDL3yoT2sLXFoG31zMtjPxkALg92iiX3hEgolip9Ii3Q7DTZg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 69E6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L20s4ctox-fIDNy8gNJNXdN8O7p71pD96OiUCCnRBxqEtFqzrFBY0GZn24TsvKZ0Ok3CZm
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C6BC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
131483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 15:33:55 GMT
expires
Sat, 06 May 2023 15:33:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 650A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
131483
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 06 May 2022 15:33:55 GMT
expires
Sat, 06 May 2023 15:33:55 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame EAF8
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEO2_kpNOW0IG6arCn-3ZFLM&google_cver=1&google_push=AYg5qPKTmGSIRZ_RgtTYkPZsTwDFu5w12uO5jBFiQwO2419FYyeKEmJcO5B3akE2LN4DjD15p-FJsonNzvJw6vOM...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKTmGSIRZ_RgtTYkPZsTwDFu5w12uO5jBFiQwO2419FYyeKEmJcO5B3akE2LN4DjD15p-FJsonNzvJw6vOMZYIWHNL1j_erWw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKTmGSIRZ_RgtTYkPZsTwDFu5w12uO5jBFiQwO2419FYyeKEmJcO5B3akE2LN4DjD15p-FJsonNzvJw6vOMZYIWHNL1j_erWw
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 08 May 2022 04:05:19 GMT
Server
MT3 4390 fb8620d master pao-pixel-x19 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPKTmGSIRZ_RgtTYkPZsTwDFu5w12uO5jBFiQwO2419FYyeKEmJcO5B3akE2LN4DjD15p-FJsonNzvJw6vOMZYIWHNL1j_erWw
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 08 May 2022 04:05:18 GMT
i.match
s.tribalfusion.com/z/ Frame EAF8
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPVlpD1YHtJCDeD-gy0Yc5U&google_cver=1&google_push=AYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEP...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPVlpD1YHtJCDeD-gy0Yc5U&google_cver=1&google_push=AYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6Pm...
43 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPVlpD1YHtJCDeD-gy0Yc5U&google_cver=1&google_push=AYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
707f50f99ed58873-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
707f50f7fd7f8873-LHR
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPVlpD1YHtJCDeD-gy0Yc5U&google_cver=1&google_push=AYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPKlhpGbVbKNErPkPNMU5mAt8qylEF2-1o0BGe6Dch_vSiJWGmJQBHu-iovQ8GIQXSUWx3mtrD9lI8tVOts02TxKJe1N6PmEPg%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
5w3jqr4k
sync-tm.everesttech.net/upi/pid/ Frame EAF8 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMyrQIK3gzp43Z22Mn_jizM&google_cver=1&google_push=AYg5qPLcuW-k29tuvajWxEiM2D4JsZIuOyO9Qwi44xa-9KusUsbxXYrOuLLC-4PdbcEHG9HChrTYiexGMkB7orKDavHb6rAtUSbJFQ
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
via
1.1 varnish
server
Varnish
x-timer
S1651982719.712567,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-lhr7324-LHR
pixel
cm.g.doubleclick.net/ Frame EAF8
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEERmnR8ItliSg3ZjLxsKvg8&google_cver=1&google_push=AYg5qPKJqWao1oy__39yfPXPj_3ZRdV4CgIlT6LbiyzbZUFkZwJ_2imbklKjVwsneB7_tKbjF4WnYHrW55CQCTqjdxn-rku9OgKyAw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=048856DC97BA4E43A9528C204FD0F8B2&google_push=AYg5qPKJqWao1oy__39yfPXPj_3ZRdV4CgIlT6LbiyzbZUFkZwJ_2imbklKjVwsneB7_tKbjF4WnYHrW55CQCTq...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=048856DC97BA4E43A9528C204FD0F8B2&google_push=AYg5qPKJqWao1oy__39yfPXPj_3ZRdV4CgIlT6LbiyzbZUFkZwJ_2imbklKjVwsneB7_tKbjF4WnYHrW55CQCTqjdxn-rku9OgKyAw
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 08 May 2022 04:05:18 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=048856DC97BA4E43A9528C204FD0F8B2&google_push=AYg5qPKJqWao1oy__39yfPXPj_3ZRdV4CgIlT6LbiyzbZUFkZwJ_2imbklKjVwsneB7_tKbjF4WnYHrW55CQCTqjdxn-rku9OgKyAw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sat, 07 May 2022 04:05:18 GMT
pixel
cm.g.doubleclick.net/ Frame EAF8
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FW7xJsoLT8W74xXWRapaNg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FW7xJsoLT8W74xXWRapaNg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK9AU5G4yY6jY4ouPKpv599UA3Q5R8Vhr8AC9Sqt6g5uFXUPHDYKKROw_PT_XToHmB7kANfzZLxD-GqdlkB4-H55evQBSqIyw
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=FW7xJsoLT8W74xXWRapaNg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPK9AU5G4yY6jY4ouPKpv599UA3Q5R8Vhr8AC9Sqt6g5uFXUPHDYKKROw_PT_XToHmB7kANfzZLxD-GqdlkB4-H55evQBSqIyw
date
Sun, 08 May 2022 04:05:19 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame EAF8
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOfjJ53Qcrg49Nhqvxp-yIo&google_cver=1&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEOfjJ53Qcrg49Nhqvxp-yIo&google_cver=1&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA3Nbod_3zokVEw&google_hm=Emq1qGZHvPr3UxO9SRO1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA3Nbod_3zokVEw&google_hm=Emq1qGZHvPr3UxO9SRO1okk3
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 08 May 2022 04:05:18 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPIRDTRzHUDxFCCwvHZf4qlyHAvz3pXaxAerw-W0CpjYibHE-de9TAxwhoPKavmDDD2lN7qe7DUZ1yZQ2ibbA3Nbod_3zokVEw&google_hm=Emq1qGZHvPr3UxO9SRO1okk3
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
/
onetag-sys.com/sync/i,19/ Frame EAF8
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENpWxy0Yc5h2k0cVl2tYl7U&google_cver=1&google_push=AYg5qPLhL70x2TyMbMKN0CTmzehS1CA8EzYx4Pd7JjC8_7lWRxIkT9NLSupv18ywJpBBZ3AAICDns6AK9lR...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLhL70x2TyMbMKN0CTmzehS1CA8EzYx4Pd7JjC8_7lWRxIkT9NLSupv18ywJpBBZ3AAICDns6AK9lRGuI-6DqlgEB0FdeErQw
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip253.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame EAF8 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2IGtQBPZZonWzZD7zMlrEU7U9b9Wwqz0TjLW9W0kk-thUR2u42p-Nb3KurNwzZIRuLlcBNQ
Requested by
Host: eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
URL: https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
counter.php
autocounter.idealmedia.io/autocreative/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=466737&pid=49813&referer=&cxurl=https://ivona.ua/&undefinedh2=4_Jqnpsfz37q43EAzBLIEib4OMC00T8Kxkc8aD1_ISE*&cbuster=1651982718641121785455
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
707f50f7a83c8861-LHR
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
index.html
s0.2mdn.net/sadbundle/8973273479436986886/300x250/ Frame D0BD 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74687156bbf77faeae4076e4839a13d27f5be3104316f1818aa84265cc0a0dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
232991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1522
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 11:22:07 GMT
expires
Fri, 05 May 2023 11:22:07 GMT
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame D6B8 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvr_0fBZtrsvzjV2d-sQIf1rQ3zyPld4Tq5Lu8_sSURdWycdLm73v8Cv3suvcdHT-npeI-n0q5-kucf422YSk9K7LxgYp69fosvqdqhui3iumsreesBWCXqRet5ty57yju3Hy3y2kEjnuoO3dkpJ_d6fUslnpG3vASB5YnolDC7JePw9OpZ0d65qGNmr6wRgfHr3G4kLyxtJMdVS5ESXM5uO8NzDPRQ5L9WbS0WNwlZabVr1FGSVzz9xUw3Qr5Htb79Jne8VRMvC1E_emTK7unl6IghMqPuS_Cke9WzIeef_qcE93riA7EhgqUikrx0mqZR3svYstTnv0dZ5ipF9_zr3D-GxZ46l1_yXP77AIB47So40m3j9IwZN6enUXw8AS_y1p5NDTPyDgujJn3uZS8Cv8VccKxOzExwlr_6qdh0TR9VYU5aHP1QU5rY71LBO4cyEpNR7MIC6NYJGk1qCPjtVT6xmfAjNqPw0GbS5UnXr-dTPaX2iWme-KqvMyKz_SaRaGY-pDlv_MwDzES4dMXityaDLb47Mu45EkXToUZgMv3AecPQn1RALuExvT_xuG4utCvArE6oVG-cBjg7rHm6HFP5-dt0nlW1vgeSeivKv7jRQNobARgXl40xa1V1tDhJsneTyjXfQha_VCNjsZEuQwpdhDYO-jMNjpePlGCgbQ27oDhk-Rp3j44fGIsAgKWvqEYMvEKeFQDkeCubfVsUR_7pdtNWqGI_QEStGRQO-V0lrnwTm7ogk-R0DD5fO_af0ysCDbuUUMW85CuDKdzTh3nLTDkocG7J5mmtw3N1MbZbxgXjOzqq8MVf4AiSCiBZM0DGNWt7FjitLOBPht2JhSnkjpIH7EPaE_pYJQSKAcwtX2M7aAnZ_8vAQ8j_1uOUQwwCMIdWXUob3UboRXTe4NV3ukHr7gFmkGbpihUb8r9PW-D0RpEShAL53pdGN2Lmt1wepWE3VuAfSuGKugZZg7TR1mDbodtEFVZca-sGC-RXBHtr7_svIAIhsgl9rCJfoMgyDalLQaZAB3EoeqxHlVuzuhs20zut_FjjDIdc0f3n9MAeZgEyq4tQDrcOBFi52C5D-uxAUzwaCt4bScQIONlxnurJOHpRF5wuvpg6v7td3pIQM3MpkeZmYQGKFfBVIvscthwwhQDHQ9jHfKlQhLiZYTGreDZ7&sai=AMfl-YQbL3yrqd_uYpd9FO_qE0ba5zDgnPzNrtNcCswWbX-9HFDmJPsK8bYM8BC1ftag-HsgBcYLa5H5Avh6s9q6yGlRHNNE2yOjNf5CyNDNyDZVe_1FohgenXgf0-myuF8I99UajR_0pPXPA2LNaSnM7fmIN6HN963JCq8T0WZqPQBh82gtNVj7OrBaaZgPRHLm_D9hlCeJ8L2_WdOFriNPcuuv&sig=Cg0ArKJSzGuy9t97ju9FEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=361&cbvp=1&cstd=358&cisv=r20220504.73526&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/16097841811363312699/300x250/ Frame 6DBB 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edaea1ade0d27c61fc40916024b87d91f365023df3c0c880c8114b3add281426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
233038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1503
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 11:21:20 GMT
expires
Fri, 05 May 2023 11:21:20 GMT
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame C660 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRuRdBL-hCwsHfwvZY857NVtkKNLOYkhjvy2mZgaPeHVBK4Ld6NNVK8XWPtb5_4lTEuAnpcl3b3nVbYc8Yp91v6kjdndY4S0qaq7I3n4QDAlJ6d7TRBpFqLMPIZ67f4akWhwVCput7ZhZbSd_KgeO1Gpp9F-i5lhYslS9ZbBZKovMTgPBI8EIZlfqu-IACuAHmCW0Xy4db3xy5H0VpNI9SFY1qzHOHuUPH0vHksEONXgmyyrzotMc0z815s6XhaXy4TbfudJ7qn7JpmuWiEPrWLBOojVPNjb6dSGJ6b3vNgPbjZmkPBizwkxY_cgfPxDnLLxi3tRCu6KlFzJesVvusC0CxlAuurT6Lc7kQH6P37cwlX_jvzP27VzjEBFGOhICY5h-PA_kr0PKYAbTWUKZv8BJj9Ol-CoLUIkb1YFnAZjGFoiXJT8o68KRkenKxApw-cv4jhONYJbxiB_9wzHQwadzpUioGc-k9tMQJrMQVHMD4GMaycZhruyY1CrM9jV1BEdBV4jmNTfwgBiVz79Uvjg1ipAp-x-KtLIsY-8T5gWlhY-mb-kn6x3IQS2PYDz7Rcvi2R1MmUkkrkFPaj9geneTPnUF_RzkiSUYbGBNVPVicNeKgadb7inc44qewa2rot_lYfL-E6QfqIkCFFSAxiLYJouQtxpIkI9rlEMkiMsiVLx4oGD2NlELr65Lwv02Oh97d4m5EycOM5SdpjOgD6xHa4ephcw6Oc6exoAYzWubb20_RzQ3o9F5MkZ_jYuXj2uW3GqrHbrmWX6-7JehaRHHdczLsN_aGhmqpR-fWOl8-tdDKa2JcvmisEgbSKUZQXRo5iDYhqoATXdsyy-HeqXGzQPc9NZHkoGhwYDvsFBJodNI73y6CSPeQ9GaqwowwslwftxSWv4tq9LyPCLh-zM7yDtTTQSKpCWBG0xo0PZ5ilne7c2h-qcq0utXbqp-Y8fmFEYC3_-e4H4HGuvnKaY-fUkCAZNMfxmYecOGLuwaQEbnW3ge-0z7GNEV98uR6X08vcIe39F2axJiQukLbOtDpqKM7SaGuPaBI5aLbiDuiBF4vj9gv9SaDG-JguQhUl7EcK_4Cs9qKzyYWDvtrO9_xWznRCDgubxugwet4yaqt8sDtIFtB9mDRZdCGX7Xeu15pgymbYcRjdX36EkoV379zd7wfANMTNiDHfj9HtaW33A&sai=AMfl-YQYAgz7Bd5ROyb49Kxs_Q27wI-Xs9LLUPk7YaMXcVvMe6lKoThQ2x4I7XplagVKFpuLNebmnRT-5Zw-hbhKhVO3Fcye03oEnsmvZolg5L66lnO06bZorrUMhHW5FFiVMr9mAsEv2ccTBiKWM4_mwR35ID8astTYbOZlFyQvUFUM2c819YjeTCpX1vbp9t12wBwH-Lm7EjDgWUaIMxYTLSmL&sig=Cg0ArKJSzJyjqM_cjuOCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=380&cbvp=1&cstd=378&cisv=r20220504.09163&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/8973273479436986886/300x250/ Frame 0837 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74687156bbf77faeae4076e4839a13d27f5be3104316f1818aa84265cc0a0dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
232991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1522
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 11:22:07 GMT
expires
Fri, 05 May 2023 11:22:07 GMT
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2A08 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz0TcVgpDygk9UebzkqDqc1nVtD2CM9ZCtb4YQUU6trq10mwVWbonuOfPdxiAIQftPQM4hyJGKursKQt9gg5s_MDeVlls1Db7RGnS1OkkTxpu60i1q7R9bJmgNUVqUUvXPCQc0yW13A7K0lesz5J41h8gztDkDvVm8t6Z8ViWM3TK_AEwKhdyXW2GYUESEP9kFnl8Eqe0SQa80I169khSe5UxG2_1SiCADHCreZ4ezgcP2onJE1ai8kptUku2hOEZG6Wm3T2QgBCP4zuFyukpt_6oIDtP1Yqj6l13PEW5a8ldPbjLkI9ZX2a3XbbLJsJvZcTsVT7IRjJY5QBZktTpb5jHotpqU7tWV-S6AAy6vjU6DTsf7yftqEjntGJedehyEu434Ud4OLj5cwZ-onxFoKSLhCC3MDPMNDFWNb_HdC-okshVxMbutAVQuYK8iUr4JnkjTeWlObd4ptarCQreQ3aOUHOIrytDZMRV1gjmD9mQR3Kq25P3FIAREXc3Tr_mqLddaJ6U5BmtANFPrI405hQLJdAIfvdELySDuhi12XAl_hTdk2zQbqR56OnOuL5arvM4J87aPTWxqJrwELszqpiqHKF-JjAiGLhcfbJrLg7SFTt6yTlHXU_RQtL16UMjgovJPoTk6ezhk9MJI42bNk2mYq2p03cAD2p5uE7a70DQyXxtqukpdHsTTpfagIDt_OxCFqvk1fA-fVaJZgMLflVNHCNJqNy9Pgsce50pXfN63Wykx_Y4qNTCPzJpIijkvRlBpcFFa5czjjb15xLgEVADmW9dLkUMqpsRrrrz8XIaz9x3UsH6XKopbEzUC2zKpGPD4s9bj_guskOvc2UowNeq4bUr_79yAFe4CZzlhuhT2s3bMs7Jay5XjjDWbOWUAkV6ZiC5TlHz3if05XcwmbhoVxSjTnPh-iHVhx4g7Udp43an0RnuU-jQFwfRp8jeOeKBzSAJgW-8lAwCLs7KsxOqLpar1OHgn9_9llFsI0wuUpArMIOElGoYYMwA3-Zf4xtuTECTWo7j02Xn4YRod7LBn8bw6fZJ4-NJShBD8ID4-_3c80ZoLiEwChXEgzDtP1YLb7Gpi_TqCaDbe1_p32za3EvDohE9lekuI7LtxM2CneUkBtNepo5XUecZqfrUo5RNbe0rtao-Nuy9vN7KdrbHUOOhuhC9z4P0Ju3h-YdKkN28&sai=AMfl-YQjGeUbPqM7t4gJ1xGH9-A8Oo5gJCsyMKO40J36pmK2oKc1oau44PuUTPWgGSivVSRwrXZ33IJyeMUX4R3FjTf0ilg1ZG-MUmNXA56Cwi5e4n7lcLIsHjOMFh9aT2NgaeefQyEHqsCHn6b1MgCsce1skg5K0xm17ETotGjj-qaOtEtI0m9WyIdLh7MMRgaNM1ejwDHbtMj0hIqtMpZC1tIE&sig=Cg0ArKJSzGRX76tmi0DMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=375&cbvp=1&cstd=373&cisv=r20220504.98452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/sadbundle/8973273479436986886/300x250/ Frame 383C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74687156bbf77faeae4076e4839a13d27f5be3104316f1818aa84265cc0a0dc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
232991
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1522
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 05 May 2022 11:22:07 GMT
expires
Fri, 05 May 2023 11:22:07 GMT
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame BA67 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7Z-tmw7Kago15wI-aaarnGQqi6MTyhiEWf91A5VK6wiwBxEPVVFubchbufG2Uy8jinD4iE70BLQS2zXV-nt4eHedbePkCyymLtPUslj94JQQsl6GKPAsyKPAKu7jZMH2PFTQ1mGxJL-6V5eOVbCalDw6iut9FqQwEfnNR_qu0KP0BtRVta6cZE_xiXbHmYkkFkl53qIvUDZuRU0FnTDt0BtUu-aHSzo8UXS_P1MkGcgjfBH21EprOa7FGZeQ2FNNoV6UlE_sQBwvHMx8BVnXgjuJvovdjmeuSocJ5F8sFkBIjKoPwdMXl_7CSS9w8SpA_vTAVzCuC3MIZodpBzKNEN_Y6z91dELzqiqXI5h3alfxwHz5S_rQi6oHwV-RtgZJPsVVxS5HkCR6HhkeRp9Y6EwhsWxVGAONEdz0fklx0DrJylSoXl_B9cJi-oAVd9e1qQV2iIUA_tdC1MfX1lJqbxXOkoLNlAtML82zf0er7OO6smBhnEIo2a_g62SWeV83upNZMuF0iFj7dG5kST4-Io_6Hf0202s7xzDloj2Ru1kukn-RwUXtcSXZSYjq-UHciSMtovh5l3mCz25IqIWG5cS33SwcTohZwolWWFB-R8WVjzsKr4bgLK3cRWSSbwTQ5O7LWD7PXwjasQsGFZSHngCGvlklAQ55Tez0J1V-XeuKAFYM2vRzYVARd_c-bD1M8dQfnW6VLfHmMlJawnkYWnv3xYfw8wX1ZlQMU986LNCgcmD0lVm5s6tFR1oem2onBgC7VdPp5hFn6Wbyq6eFMt1prppQMaW_044GvyeuUWumaoCb8oH-01ZBQzR9UX_Z_F6vDW1JDC0Mh6VgV2kFLUrVd06BK4T7wKHD2rlVvMFMBSLwR0PBV_kQLxkr05PK6DyxZlWmlAXkefnCTB6vMyt8RSzDHMuVwodaN-wKvZkuqBPDpiMzdEiTr983n4Wa5rhrRPTvFfthZny_F3zqt-ZIMYMsB6oSnV1-Oj7GE9Dcl4dXfNVYHryraHCGowMKXTQQjrRuYpZDsycYu_bPeh2MkCq0EzHAQiIAfpgXZ0iq5x4RdkGZlIXHRvLhKGj3IR_Nf079PC1VBRppQSya_fcUJ5SgXvHZN0VQh0wGCx5CEsFfVgGA_mOaU7SAPGsdSXv4YNzgCcxROidtEsuDV5smNbVqdGjpzrljbErlP_KsLIg&sai=AMfl-YSxAtm_1ZuH56_GfYI2GUUjv2IQUaXWQ6CJNVy2X_EyWSFIQgmbAxLOJW_EpynMdsQAUnif1boMH9xqxY8dU07lii2NHjk62bA1EfEoFy_mOXmgMna_GRnCnZ0diiUzVeFjz8a4HOLCaYm4k-3ISUWXhzNoY0K_0_Uh4iFqHgkuvnmsbY3Mtq8Kzya77PIhYkt5WJ10dzX-uJgRdmyV79ts&sig=Cg0ArKJSzPM8ek8rszs1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=359&cbvp=1&cstd=356&cisv=r20220504.64139&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 08 May 2022 04:05:18 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
pagead2.googlesyndication.com/bg/ Frame E2A6 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 03 May 2022 19:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
374732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 19:59:46 GMT
2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
pagead2.googlesyndication.com/bg/ Frame 5AEE 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 03 May 2022 19:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
374732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 19:59:46 GMT
2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
pagead2.googlesyndication.com/bg/ Frame C6BC 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 03 May 2022 19:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
374732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 19:59:46 GMT
2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
pagead2.googlesyndication.com/bg/ Frame 650A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 03 May 2022 19:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
374732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 19:59:46 GMT
style.css
s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/ Frame D0BD 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2b35a1051110619344500a806b8812688a853034982cd74e865b6c57347f96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
793
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame D0BD 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
881205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22334
timing-allow-origin
*
last-modified
Thu, 25 Mar 2021 07:56:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605c4223-f455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B39l1Id9ZWvnN%2BArkvxmXAO52dH2FCWbB6eI2Y1SJBJ9FUlAT3EZwSajYisCF2ao0%2F8SqdEPFwX48uh2Dw8sae03up8b%2Fq6b0A7ztIb6PdORSETvhlL0b%2BJyE3WP9yPrqryfHreKX2QWEnCMrdh%2FUTIL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50f84efb71bc-LHR
expires
Fri, 28 Apr 2023 04:05:18 GMT
motionpathplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame D0BD 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/motionpathplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9193
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 04:05:18 GMT
script.js
s0.2mdn.net/sadbundle/8973273479436986886/300x250/scripts/ Frame D0BD 		1 KB
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e040f7040ed36b5be89cedb753ae079b27d1c3a70d06948d4261951c958f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
500
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
img1.jpg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame D0BD 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c019a027baab418f2ad966d8dd7dbd0516abdffc824a6e89ee4dc05308e74214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42196
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
img2.jpg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame D0BD 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5f2192ad7a896414c629f4330b8314c6dd37d1fe2d7a5a94f0b2aca399ed979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41315
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
pandora.svg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame D0BD 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/pandora.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af7f35bdbc4972dc96fae24d69ad71fe52d6fa46c849d565a8e75708eb182ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1425
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
style.css
s0.2mdn.net/sadbundle/16097841811363312699/300x250/styles/ Frame 6DBB 		2 KB
820 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ced4c5b4a349edac810642a2dead9f8adc4cdaceee97b199df3177c42fdb3386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
791
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:21:20 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame 6DBB 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
881205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22334
timing-allow-origin
*
last-modified
Thu, 25 Mar 2021 07:56:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605c4223-f455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BPYDk116lCu%2BiBdXSpk73%2BfWnV7VQpiW%2FVaDyA1pgIGs7YYnE9GPom9PrHsTQMZk2sX0aWRDjw1luF5%2FHzOCikTkUa9Ec4nYjhoNxF%2BK6JF8cGMIgrwWuQv%2Fzt29ovB4hxL1DoJWyqK8Cd6iom%2FTtui"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50f85f1571bc-LHR
expires
Fri, 28 Apr 2023 04:05:18 GMT
motionpathplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 6DBB 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/motionpathplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9193
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 04:05:18 GMT
script.js
s0.2mdn.net/sadbundle/16097841811363312699/300x250/scripts/ Frame 6DBB 		1 KB
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e040f7040ed36b5be89cedb753ae079b27d1c3a70d06948d4261951c958f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
500
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:21:20 GMT
img1.jpg
s0.2mdn.net/sadbundle/16097841811363312699/300x250/images/ Frame 6DBB 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/images/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c019a027baab418f2ad966d8dd7dbd0516abdffc824a6e89ee4dc05308e74214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:21:20 GMT
x-content-type-options
nosniff
age
233038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42196
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:21:20 GMT
img2.jpg
s0.2mdn.net/sadbundle/16097841811363312699/300x250/images/ Frame 6DBB 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/images/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5f2192ad7a896414c629f4330b8314c6dd37d1fe2d7a5a94f0b2aca399ed979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:21:20 GMT
x-content-type-options
nosniff
age
233038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41315
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:21:20 GMT
pandora.svg
s0.2mdn.net/sadbundle/16097841811363312699/300x250/images/ Frame 6DBB 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/images/pandora.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af7f35bdbc4972dc96fae24d69ad71fe52d6fa46c849d565a8e75708eb182ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:21:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1425
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:21:20 GMT
style.css
s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/ Frame 0837 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2b35a1051110619344500a806b8812688a853034982cd74e865b6c57347f96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
793
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame 0837 		61 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
881205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22334
timing-allow-origin
*
last-modified
Thu, 25 Mar 2021 07:56:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605c4223-f455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4j8hXuPRsREn%2FtrakKlOew6RPV7QGmaIvE6nseEggdVBPnD%2F%2FDaM%2BC017vB4%2FV2H2ZpzILVZ%2F%2Bjj4kp%2BWQhZEiq0XMe%2BwvsyDGJYybzZFYyRjn7%2FScXrm7BhpYZ3ougpA%2FBzuNAtw64p9w3bcUW8j9At"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50f86f1b71bc-LHR
expires
Fri, 28 Apr 2023 04:05:18 GMT
motionpathplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0837 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/motionpathplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9193
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 04:05:18 GMT
script.js
s0.2mdn.net/sadbundle/8973273479436986886/300x250/scripts/ Frame 0837 		1 KB
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e040f7040ed36b5be89cedb753ae079b27d1c3a70d06948d4261951c958f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
500
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
img1.jpg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame 0837 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c019a027baab418f2ad966d8dd7dbd0516abdffc824a6e89ee4dc05308e74214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42196
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
img2.jpg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame 0837 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5f2192ad7a896414c629f4330b8314c6dd37d1fe2d7a5a94f0b2aca399ed979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41315
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
pandora.svg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame 0837 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/pandora.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af7f35bdbc4972dc96fae24d69ad71fe52d6fa46c849d565a8e75708eb182ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1425
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
style.css
s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/ Frame 383C 		2 KB
822 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2b35a1051110619344500a806b8812688a853034982cd74e865b6c57347f96e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
793
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/ Frame 383C 		61 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.6.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
881205
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22334
timing-allow-origin
*
last-modified
Thu, 25 Mar 2021 07:56:19 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"605c4223-f455"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKmB%2BZ4wmJ3NYnYtYh%2B1ZwBdXBDQzUZ5jpO1WuYFYBz1E7U1rr2qOCOqZhFsKvkrFsGr2hJYK35phL46mtzqZCKtjbiBLcH5Ty97jVFPKfu%2Ba1hgChYoLDVhiBynirhPuo3W9XadYJ4lojHuGBsFkD0R"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
707f50f86f1c71bc-LHR
expires
Fri, 28 Apr 2023 04:05:18 GMT
motionpathplugin_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 383C 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/motionpathplugin_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9193
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 08 May 2022 04:05:18 GMT
script.js
s0.2mdn.net/sadbundle/8973273479436986886/300x250/scripts/ Frame 383C 		1 KB
529 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e040f7040ed36b5be89cedb753ae079b27d1c3a70d06948d4261951c958f0b1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
500
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
img1.jpg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame 383C 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/img1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c019a027baab418f2ad966d8dd7dbd0516abdffc824a6e89ee4dc05308e74214
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42196
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
img2.jpg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame 383C 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/img2.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5f2192ad7a896414c629f4330b8314c6dd37d1fe2d7a5a94f0b2aca399ed979
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41315
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
pandora.svg
s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/ Frame 383C 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/images/pandora.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af7f35bdbc4972dc96fae24d69ad71fe52d6fa46c849d565a8e75708eb182ccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1425
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
PanTextTT-Bold.woff
s0.2mdn.net/sadbundle/8973273479436986886/300x250/fonts/ Frame 383C 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/fonts/PanTextTT-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
PanTextTT-Bold.woff
s0.2mdn.net/sadbundle/16097841811363312699/300x250/fonts/ Frame 6DBB 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/fonts/PanTextTT-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16097841811363312699/300x250/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:21:20 GMT
x-content-type-options
nosniff
age
233038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:08:20 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:21:20 GMT
PanTextTT-Bold.woff
s0.2mdn.net/sadbundle/8973273479436986886/300x250/fonts/ Frame D0BD 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/fonts/PanTextTT-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
PanTextTT-Bold.woff
s0.2mdn.net/sadbundle/8973273479436986886/300x250/fonts/ Frame 0837 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/fonts/PanTextTT-Bold.woff
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/8973273479436986886/300x250/styles/style.css
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 05 May 2022 11:22:07 GMT
x-content-type-options
nosniff
age
232991
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 13:07:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 05 May 2023 11:22:07 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D6B8 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvr_0fBZtrsvzjV2d-sQIf1rQ3zyPld4Tq5Lu8_sSURdWycdLm73v8Cv3suvcdHT-npeI-n0q5-kucf422YSk9K7LxgYp69fosvqdqhui3iumsreesBWCXqRet5ty57yju3Hy3y2kEjnuoO3dkpJ_d6fUslnpG3vASB5YnolDC7JePw9OpZ0d65qGNmr6wRgfHr3G4kLyxtJMdVS5ESXM5uO8NzDPRQ5L9WbS0WNwlZabVr1FGSVzz9xUw3Qr5Htb79Jne8VRMvC1E_emTK7unl6IghMqPuS_Cke9WzIeef_qcE93riA7EhgqUikrx0mqZR3svYstTnv0dZ5ipF9_zr3D-GxZ46l1_yXP77AIB47So40m3j9IwZN6enUXw8AS_y1p5NDTPyDgujJn3uZS8Cv8VccKxOzExwlr_6qdh0TR9VYU5aHP1QU5rY71LBO4cyEpNR7MIC6NYJGk1qCPjtVT6xmfAjNqPw0GbS5UnXr-dTPaX2iWme-KqvMyKz_SaRaGY-pDlv_MwDzES4dMXityaDLb47Mu45EkXToUZgMv3AecPQn1RALuExvT_xuG4utCvArE6oVG-cBjg7rHm6HFP5-dt0nlW1vgeSeivKv7jRQNobARgXl40xa1V1tDhJsneTyjXfQha_VCNjsZEuQwpdhDYO-jMNjpePlGCgbQ27oDhk-Rp3j44fGIsAgKWvqEYMvEKeFQDkeCubfVsUR_7pdtNWqGI_QEStGRQO-V0lrnwTm7ogk-R0DD5fO_af0ysCDbuUUMW85CuDKdzTh3nLTDkocG7J5mmtw3N1MbZbxgXjOzqq8MVf4AiSCiBZM0DGNWt7FjitLOBPht2JhSnkjpIH7EPaE_pYJQSKAcwtX2M7aAnZ_8vAQ8j_1uOUQwwCMIdWXUob3UboRXTe4NV3ukHr7gFmkGbpihUb8r9PW-D0RpEShAL53pdGN2Lmt1wepWE3VuAfSuGKugZZg7TR1mDbodtEFVZca-sGC-RXBHtr7_svIAIhsgl9rCJfoMgyDalLQaZAB3EoeqxHlVuzuhs20zut_FjjDIdc0f3n9MAeZgEyq4tQDrcOBFi52C5D-uxAUzwaCt4bScQIONlxnurJOHpRF5wuvpg6v7td3pIQM3MpkeZmYQGKFfBVIvscthwwhQDHQ9jHfKlQhLiZYTGreDZ7&sai=AMfl-YQbL3yrqd_uYpd9FO_qE0ba5zDgnPzNrtNcCswWbX-9HFDmJPsK8bYM8BC1ftag-HsgBcYLa5H5Avh6s9q6yGlRHNNE2yOjNf5CyNDNyDZVe_1FohgenXgf0-myuF8I99UajR_0pPXPA2LNaSnM7fmIN6HN963JCq8T0WZqPQBh82gtNVj7OrBaaZgPRHLm_D9hlCeJ8L2_WdOFriNPcuuv&sig=Cg0ArKJSzGuy9t97ju9FEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=837&vt=11&dtpt=476&dett=3&cstd=358&cisv=r20220504.73526&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 2A08 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssz0TcVgpDygk9UebzkqDqc1nVtD2CM9ZCtb4YQUU6trq10mwVWbonuOfPdxiAIQftPQM4hyJGKursKQt9gg5s_MDeVlls1Db7RGnS1OkkTxpu60i1q7R9bJmgNUVqUUvXPCQc0yW13A7K0lesz5J41h8gztDkDvVm8t6Z8ViWM3TK_AEwKhdyXW2GYUESEP9kFnl8Eqe0SQa80I169khSe5UxG2_1SiCADHCreZ4ezgcP2onJE1ai8kptUku2hOEZG6Wm3T2QgBCP4zuFyukpt_6oIDtP1Yqj6l13PEW5a8ldPbjLkI9ZX2a3XbbLJsJvZcTsVT7IRjJY5QBZktTpb5jHotpqU7tWV-S6AAy6vjU6DTsf7yftqEjntGJedehyEu434Ud4OLj5cwZ-onxFoKSLhCC3MDPMNDFWNb_HdC-okshVxMbutAVQuYK8iUr4JnkjTeWlObd4ptarCQreQ3aOUHOIrytDZMRV1gjmD9mQR3Kq25P3FIAREXc3Tr_mqLddaJ6U5BmtANFPrI405hQLJdAIfvdELySDuhi12XAl_hTdk2zQbqR56OnOuL5arvM4J87aPTWxqJrwELszqpiqHKF-JjAiGLhcfbJrLg7SFTt6yTlHXU_RQtL16UMjgovJPoTk6ezhk9MJI42bNk2mYq2p03cAD2p5uE7a70DQyXxtqukpdHsTTpfagIDt_OxCFqvk1fA-fVaJZgMLflVNHCNJqNy9Pgsce50pXfN63Wykx_Y4qNTCPzJpIijkvRlBpcFFa5czjjb15xLgEVADmW9dLkUMqpsRrrrz8XIaz9x3UsH6XKopbEzUC2zKpGPD4s9bj_guskOvc2UowNeq4bUr_79yAFe4CZzlhuhT2s3bMs7Jay5XjjDWbOWUAkV6ZiC5TlHz3if05XcwmbhoVxSjTnPh-iHVhx4g7Udp43an0RnuU-jQFwfRp8jeOeKBzSAJgW-8lAwCLs7KsxOqLpar1OHgn9_9llFsI0wuUpArMIOElGoYYMwA3-Zf4xtuTECTWo7j02Xn4YRod7LBn8bw6fZJ4-NJShBD8ID4-_3c80ZoLiEwChXEgzDtP1YLb7Gpi_TqCaDbe1_p32za3EvDohE9lekuI7LtxM2CneUkBtNepo5XUecZqfrUo5RNbe0rtao-Nuy9vN7KdrbHUOOhuhC9z4P0Ju3h-YdKkN28&sai=AMfl-YQjGeUbPqM7t4gJ1xGH9-A8Oo5gJCsyMKO40J36pmK2oKc1oau44PuUTPWgGSivVSRwrXZ33IJyeMUX4R3FjTf0ilg1ZG-MUmNXA56Cwi5e4n7lcLIsHjOMFh9aT2NgaeefQyEHqsCHn6b1MgCsce1skg5K0xm17ETotGjj-qaOtEtI0m9WyIdLh7MMRgaNM1ejwDHbtMj0hIqtMpZC1tIE&sig=Cg0ArKJSzGRX76tmi0DMEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=830&vt=11&dtpt=455&dett=3&cstd=373&cisv=r20220504.98452&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame BA67 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7Z-tmw7Kago15wI-aaarnGQqi6MTyhiEWf91A5VK6wiwBxEPVVFubchbufG2Uy8jinD4iE70BLQS2zXV-nt4eHedbePkCyymLtPUslj94JQQsl6GKPAsyKPAKu7jZMH2PFTQ1mGxJL-6V5eOVbCalDw6iut9FqQwEfnNR_qu0KP0BtRVta6cZE_xiXbHmYkkFkl53qIvUDZuRU0FnTDt0BtUu-aHSzo8UXS_P1MkGcgjfBH21EprOa7FGZeQ2FNNoV6UlE_sQBwvHMx8BVnXgjuJvovdjmeuSocJ5F8sFkBIjKoPwdMXl_7CSS9w8SpA_vTAVzCuC3MIZodpBzKNEN_Y6z91dELzqiqXI5h3alfxwHz5S_rQi6oHwV-RtgZJPsVVxS5HkCR6HhkeRp9Y6EwhsWxVGAONEdz0fklx0DrJylSoXl_B9cJi-oAVd9e1qQV2iIUA_tdC1MfX1lJqbxXOkoLNlAtML82zf0er7OO6smBhnEIo2a_g62SWeV83upNZMuF0iFj7dG5kST4-Io_6Hf0202s7xzDloj2Ru1kukn-RwUXtcSXZSYjq-UHciSMtovh5l3mCz25IqIWG5cS33SwcTohZwolWWFB-R8WVjzsKr4bgLK3cRWSSbwTQ5O7LWD7PXwjasQsGFZSHngCGvlklAQ55Tez0J1V-XeuKAFYM2vRzYVARd_c-bD1M8dQfnW6VLfHmMlJawnkYWnv3xYfw8wX1ZlQMU986LNCgcmD0lVm5s6tFR1oem2onBgC7VdPp5hFn6Wbyq6eFMt1prppQMaW_044GvyeuUWumaoCb8oH-01ZBQzR9UX_Z_F6vDW1JDC0Mh6VgV2kFLUrVd06BK4T7wKHD2rlVvMFMBSLwR0PBV_kQLxkr05PK6DyxZlWmlAXkefnCTB6vMyt8RSzDHMuVwodaN-wKvZkuqBPDpiMzdEiTr983n4Wa5rhrRPTvFfthZny_F3zqt-ZIMYMsB6oSnV1-Oj7GE9Dcl4dXfNVYHryraHCGowMKXTQQjrRuYpZDsycYu_bPeh2MkCq0EzHAQiIAfpgXZ0iq5x4RdkGZlIXHRvLhKGj3IR_Nf079PC1VBRppQSya_fcUJ5SgXvHZN0VQh0wGCx5CEsFfVgGA_mOaU7SAPGsdSXv4YNzgCcxROidtEsuDV5smNbVqdGjpzrljbErlP_KsLIg&sai=AMfl-YSxAtm_1ZuH56_GfYI2GUUjv2IQUaXWQ6CJNVy2X_EyWSFIQgmbAxLOJW_EpynMdsQAUnif1boMH9xqxY8dU07lii2NHjk62bA1EfEoFy_mOXmgMna_GRnCnZ0diiUzVeFjz8a4HOLCaYm4k-3ISUWXhzNoY0K_0_Uh4iFqHgkuvnmsbY3Mtq8Kzya77PIhYkt5WJ10dzX-uJgRdmyV79ts&sig=Cg0ArKJSzPM8ek8rszs1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=810&vt=11&dtpt=451&dett=3&cstd=356&cisv=r20220504.64139&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame C660 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRuRdBL-hCwsHfwvZY857NVtkKNLOYkhjvy2mZgaPeHVBK4Ld6NNVK8XWPtb5_4lTEuAnpcl3b3nVbYc8Yp91v6kjdndY4S0qaq7I3n4QDAlJ6d7TRBpFqLMPIZ67f4akWhwVCput7ZhZbSd_KgeO1Gpp9F-i5lhYslS9ZbBZKovMTgPBI8EIZlfqu-IACuAHmCW0Xy4db3xy5H0VpNI9SFY1qzHOHuUPH0vHksEONXgmyyrzotMc0z815s6XhaXy4TbfudJ7qn7JpmuWiEPrWLBOojVPNjb6dSGJ6b3vNgPbjZmkPBizwkxY_cgfPxDnLLxi3tRCu6KlFzJesVvusC0CxlAuurT6Lc7kQH6P37cwlX_jvzP27VzjEBFGOhICY5h-PA_kr0PKYAbTWUKZv8BJj9Ol-CoLUIkb1YFnAZjGFoiXJT8o68KRkenKxApw-cv4jhONYJbxiB_9wzHQwadzpUioGc-k9tMQJrMQVHMD4GMaycZhruyY1CrM9jV1BEdBV4jmNTfwgBiVz79Uvjg1ipAp-x-KtLIsY-8T5gWlhY-mb-kn6x3IQS2PYDz7Rcvi2R1MmUkkrkFPaj9geneTPnUF_RzkiSUYbGBNVPVicNeKgadb7inc44qewa2rot_lYfL-E6QfqIkCFFSAxiLYJouQtxpIkI9rlEMkiMsiVLx4oGD2NlELr65Lwv02Oh97d4m5EycOM5SdpjOgD6xHa4ephcw6Oc6exoAYzWubb20_RzQ3o9F5MkZ_jYuXj2uW3GqrHbrmWX6-7JehaRHHdczLsN_aGhmqpR-fWOl8-tdDKa2JcvmisEgbSKUZQXRo5iDYhqoATXdsyy-HeqXGzQPc9NZHkoGhwYDvsFBJodNI73y6CSPeQ9GaqwowwslwftxSWv4tq9LyPCLh-zM7yDtTTQSKpCWBG0xo0PZ5ilne7c2h-qcq0utXbqp-Y8fmFEYC3_-e4H4HGuvnKaY-fUkCAZNMfxmYecOGLuwaQEbnW3ge-0z7GNEV98uR6X08vcIe39F2axJiQukLbOtDpqKM7SaGuPaBI5aLbiDuiBF4vj9gv9SaDG-JguQhUl7EcK_4Cs9qKzyYWDvtrO9_xWznRCDgubxugwet4yaqt8sDtIFtB9mDRZdCGX7Xeu15pgymbYcRjdX36EkoV379zd7wfANMTNiDHfj9HtaW33A&sai=AMfl-YQYAgz7Bd5ROyb49Kxs_Q27wI-Xs9LLUPk7YaMXcVvMe6lKoThQ2x4I7XplagVKFpuLNebmnRT-5Zw-hbhKhVO3Fcye03oEnsmvZolg5L66lnO06bZorrUMhHW5FFiVMr9mAsEv2ccTBiKWM4_mwR35ID8astTYbOZlFyQvUFUM2c819YjeTCpX1vbp9t12wBwH-Lm7EjDgWUaIMxYTLSmL&sig=Cg0ArKJSzJyjqM_cjuOCEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=852&vt=11&dtpt=472&dett=3&cstd=378&cisv=r20220504.09163&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
www.facebook.com/login/ Frame F170
Redirect Chain
  • https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df39...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39f64e77786%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff22e64b88645e04%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=9f60dd423d87d8eb51b21ff34c8c9a85
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
about:blank
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 08 May 2022 04:05:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
oHPOMb2R8gim+ppZUzQvnU1Swia8urvASWMV7En9+xIFZfaIalQGRh/zcNo8KbWLgJWy7otGzP2Vvjylr+6w7w==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 08 May 2022 04:05:19 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v7.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df39f64e77786%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff22e64b88645e04%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
pragma
no-cache
priority
u=0
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
smHLENTtiwmo3zRBbtuXHnjCMXnRUWy/dvdG07Jc+h155z0GF78sHnn089WjiebiTljjqBPz5jwhg6OYKur6tg==
x-fb-rlafr
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c67d9c0d82d1247169481087317a6ef3b2584948d73a0a2dfcb1f01b7dda33b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 08 May 2022 04:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10678
x-xss-protection
0
truncated
/ 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
gen_204
pagead2.googlesyndication.com/pagead/ Frame E2A6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsjZ-fkF3YsCSCoHT3gP5jYzQAgAAAAA4AeAEAg&bg=!zs2lzYnNAAZX5TVhd-U7ACkAdvg8WqEvIBwBxeSIyCsdRW63fTlDO2Ihm-5f3xdt3uutHqHJSkyxewIAAAFtUgAAAAJoAQeZAvFADAe6-1a8GL6hCxTL4QcTerWlBSv5zpq4z3nztmTTaDX0Jl5kUyJjb-kaR7Tmxsx7bYKFGVvqjgpTJxdo7w-66EcIh9-URSB5YPmdDCnR11CY05qUDjsSVYoTvo04VKHJqD5D9gnszP0OnzcszBXN4BS4atGWAffjmw6iLmcr9Astet4jjAs-yQM4gtWF-b4X-bqCYOc1K3i79kG59sxoWElS6w9cjY_1s7VTwc9amzMVfkiJ8eGzBhKoGpw_mDcKH2ZX6uOiWvRo3XMQMS2tbxhHowSTck9kmdxpZdGhpx7rpyB2H8rdWLq5SGYHqruAjv6DqeVjRWD_e7HWc5apuowXNvRUtQbQYmjDX9F0qs_pV1CW_yV_sRuFqrkE6XRDzfgOgONtlkpIYnBiIkqmoOm0rpBHBSxMaAa8d6Y5fYltFIM5El5eJ29gWtPAHFa0fMvXz4IE2daK4VXAipVbwu-NEcYfp6kZX-HHTPAyl7btXDkgFamuCJ3Pz93USbzvj9Qc-IBzaEYdIYVRYtHEbQKqBrkPSH3dc7zavFDXGrgqymrgkru2IWFj_1hvX6wEkv1rDh7aAFW6tpocpzJ4vsohkapvpjJrqsBnNkt7SY8QnE0-PhaaLj-IaH0-QRC8MKof0g026es5gYtS5WdF8ERI6QcizP2cHFmAQBPn-dnIiBluf32_7FvYR-6iZvLzT6WeDrDuCW5k7PamUHcP_I2ozHOowMnOtRZxcd50p7mPV1e7lztGK4uVCPeVoAvBmCpTWDaQrY15raa1dxnXeBZ3tw88S_OHOaXqScsVU4tQ4CpXpSGK1UI-ARRvXPaVDgk0c3lpNVGq6UDyg-j4fc_uRXJ_9JLiQNsZjvY-MyTunv6gGzGkdzWBc-jK3E3sex60uDt9uznWCs9sF08uVi-mzWADJl-EniWCdz9Sk9qT-lfx7QGz36PeomzwAD0G9XNfQJEdKB-NZJxO6COe-GNnt5AtmSlSK3D4GWiKg0U
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5AEE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQX4UfkF3YrO0CZu33wP7lZ2ACwAAAAA4AeAEAg&bg=!PD-lP3vNAAZX5TVhd-U7ACkAdvg8WunKottyDT13Gseem-vKXjMO2awMiZzc-bQ9SONbliqwyfkQFgIAAAFmUgAAAAJoAQcKAKVqpnKHo1voY31uuCx-qmyTdff1EsnRlIvF73bt12KUt3Pk6YfUR0rY6drk-a8I1euKtHV769dAoABHd2AFX7TYvsmieFcFpA-0vzT7CA9kp82AS5qzKWNINkra2LORVClolSR5mgmCNJ7Nt4bBwhXEovlUQJTYbDOACW82gz9yjF33uNV5MyGJke-T-SnLJoNUmGlShBUyC6F_l5LrqJj9u9ZKU-aZAvLuIZsgrn5XwBa-s-EaC6F-M84y-klceAb8TsaTZhn3YCjRPoty3QvD6MoPhx-lb81xYWu3Bf4TdxQ3xBxwqmFepzrCzqaLIuil0lzvCW_hLX695an8YCSvYsY0jB1LIGaOmJX75rMHPntQtb1NGgtuH_KsojFwCdVXmXvnR4kRahTgIrchctgG5CX9fCJbgznfL-NPx13aj4FZBP6oWGQ3ae9ZUvn3bPshzLqBOrMA3CjWqCSUxheiADGbFdJ8RJjADTh76d61-Z0yI7Ycj00s8tbKGvyb5kdf9nMmbiFLzTJi0fA0qAWkFbCqHz82lxagQkdUymQtvaunWmrhGy9pNpdXufovdeNPtvYfeaJP7LaB6dg6vAaOZfkoiqyRRHl4BtqL9UCEGt7_b4HvByJRL_94IPcrromaPEPpVljH-8iPAvw44tTqXGNth_Ie-yXnNznCVFhb-fw_QRrwAlA8axnCpWGv5XMpXfW8Eq0SU64RDcw343LWQdeyPlumWqr6VF-WVixQCW6-rcUjmNGZc_-FNNZ0NGYFsS8mvFZUhMBiaC6nwbtR3U8bZuvp6hJAqWpn-Tlqomr25AlNd4041eP7Eo-FvwYIDCibfMFY6B1Fz2uJKL3CGG0rZnEs-31FiaTOSqowAg2KTAKD48RtSU0fy22uTfyV_uXraGQ_FjDX0vHFThwNp2TW6AiqnGL6xvfuFH7IeuOCmE4ku1ThzX2yAGyKQN-lTgub6AQtXbWlQ6pgr0aPOF3nrzxP0tunyTfuQpUKOKndIaz0pcQAn5VkqJvVBNfXFTo-mvqmaTChstGq9rc02HEbwDD6RWZNd5qlhIAOfeKXPxfsgPAjSuZmF1h60TFHL4p1umk4nghfmSU4db1D5B9P62-ZW6fslREFv3Gt6vAnZQKoECYR2bdQRrxwNROopPCtdo2s7lg1loMXyhMuCzqabcYHAcMPYvfAragARgFmte1FjoPPcRFEoBc6zo2fV4sZDBS7lQZI
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C6BC 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt-6xfkF3YvzWCofu3wOcy7nQCgAAAAA4AeAEAg&bg=!5eal5qLNAAZX5TVhd-U7ACkAdvg8WgjinPmQDx429_nNLXtIIhV6uVOeeKOsTI35aFAHcPR9OkH5YAIAAAFWUgAAAAJoAQeZAuj16qjtyyxR41bHqhvgw99Q2i6kqrAfjIWWDEGbECv64-9rxokO9QPzeNm9-l-XYIGCk8NZWCkWiSpl0MH6xxUzVQDFM7LeAYEEm0DtpV-hnJTX4rRDZC0zynyGnq7nwReoHWdtJrQZ8Gkt-3uGJG4TJDrVIrP0DsGuSVD1psrA2pe-T9B_odR53fwnoGFwNMRTACYHgDzjSV_uIBkqK3ebuX7mS5q49wDw5HdEI9JZne_VdbcpHfhpoljhkvD8-RTCABw3GzQ4_gfHCJme6N_n7YE6UfihnZtUs3Orz7IWsWzihSeLj9ATa1bPAjD6oG88AM9X3AUau3cyEQIEdjvQ-MkxpA6iw-M0DWhprKKSjtOqbjm_KS0hyx7e04ruQuVxzW1LzOfo9ykyM5d7yUWkkYvCXqDwpbVuHSrc9VaOiArj0HkdT6uKjNfhw26dB4QWlBZRNi8LhOLcVDzsD-JGWZuUNrJQpjAiDZrJ3S4M-QSUcbxwAbMc9MUCBAqAG70o5V0rSv2r7OIFo2n3ow8DFAhCtm-7XiSPkiIaUI1MAv3VvA5-2ej0YgMICucAMcNCSg143AXvyPmDPusMGrg9OxaAWXNwUjZGh3OFggyDsD8tArpADHsXNIuPTLFFZpRnclGfuIjK96nEicNg1_eOjjwlxYU3YYedPNOzjJ40UqEG6WxNe6IbgNrtk-i2q0IzDsxed69iCaAtWmmXtXgKrqHhf0zuvE0vKjThaJajSJYDPw9i70i6qSclcjrruSfJDn3g-0iueX9m668qwrcXQTBvFbbVkP5ikW9rVJ2N79uZWAO3nNS7cNTFDb80R7ZBFYnNYjWEuV8z8ArDY70hjmktLSejyzx1KVpTYVVmhWOw6VW93aYU4MPr-ByhUoHvExg_WnVsIqQVm83fYJ165X5ZblkzR8eebgbFLjJTOjKqgxy8e6nkDUITWbmsgsaqBOfgiZlnsPbf4joQdPZ19jaEYLcZQFA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 650A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bt1amfkF3YrfrCYj63gOa3qOQDgAAAAA4AeAEAg&bg=!p6SlpODNAAZX5TVhd-U7ACkAdvg8WpZc5w5X5J_k_AhgxUCSMofR3aJF2Vfre_UfIrzS-03EA1vRqAIAAAGIUgAAAAFoAQeZAuj5eSNoxgPH5Xm6SpjHbR8qmI_zC9uxQpUY_V02SZ1Z9VuVnWN51Wyvq0BliGzVAQVQ8g_La2V5m--kbH8YOWRN6uuWT1jo42wWRS6brJFVS5ezCVOibdqzRYM-XXNDREguTaBvWDRC03PFHwPZlbGJCx_ppgD2oKklSxqhBYA8DSXBzQjq3LGO_aEhWg_6qGqdNah8cWVyXpdlU7L00ACtlrijwnJpktQfXhiB7Ufw09M9flSIxBh2eQJo0BxG7KzjLrcBwep2k1DjGEFYJWX2wCLpYvbL03StBGlXGGqAeeeHVOM0BD1SnmnhoUH8n6Eyf6I0AixTNv3VmlnMxaaDUXQOWYEFUoSCnQbEJrhqiUdWZHRU5jFWZt7vgbkKlv-BMn2fQ9qmlIJ8MeaE9R-hyTl1UzARVI46-2V6wLowFi4jYpBiSFyq0zA55Hn_qclsohBWf1TFLlQDW-mciWgnYJC2nTwcnW8pLLPH1JYxmNYCMLEcinIidy7yGAbm16-4UmhmpeFPKW2iUzIV9WefZW-5RzgJgw0OFO7BN-mYlJHF8AZU5BN8wonpgwhoG5wC_7cz0AEnwSETiH7QFDm3nyKuu5yyLrt16lW1PeJsdUnKAbmgDUdEA1oUuON3yVmJLemYZwIWKEHOBeEjaUbAnNpOm859er67HUxqJiiDXQ5EGdgZhErRgiQfzyoM8P7VhGLH7BACTUXVzAxWKxhZxmTkZQIJgN3kEV-Go7hmXQFUdM8x2r5NAYDGYn1PmZFZdXeuwqG6Gesz4aLuEEivk-fgerg2dy8AC6UCGTZsYtjZMEBk87NR43OTL486h8iLYaTLUYoBDtsH3IgUhZWFs8AJKvedoWP0xsRS2aMigwu51w9u3Nh8RgL6VJoDPMziQVZfU-en-6YivWZm1Fw5z9pdU2kMJhpqDe9KKD4pEejkcJwUIX7sEE8Nmy0VhQW0CUQ8kV8t8qw_ep4L59asOh9mqw_6Cos
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067426
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 08 May 2022 04:05:19 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFAD 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
11220
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 00:58:19 GMT
expires
Mon, 08 May 2023 00:58:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3B1D 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e09c0bef003154cc4d4fc74048a8b3b61d5a1961c0463fef789b1ecc2bea6dff
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xvRZZAHHDf3mynkVE5WsjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-xvRZZAHHDf3mynkVE5WsjA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 08 May 2022 04:05:19 GMT
expires
Sun, 08 May 2022 04:05:19 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
activeview
pagead2.googlesyndication.com/pcs/ Frame C660 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst08FTc8rQi28lOroZV537x19aYvX5NE9IhA0LDHQJrVhmzN-LgiAF2-p41Xv56s1EqxzFJ5gGeMuO1n-AVu1X6uJYRvpAa64wpVtJbBlHKHyjbB5HO0gNe33c7&sai=AMfl-YRy3sN8c34Ugotisx5ETSALtWDmECjKeuGPD8xTRQuX8XwldfKzAC0FZCk74_ZEDM7-s3QkoL6BiLD8Vy9pRZXHKFVUtXwhFcMlRI3d13HmTee0APXa9M4e-5vd&sig=Cg0ArKJSzI1e6DoRnSo_EAE&cid=CAASJeRoF-SbrwimfIfyZPOLstc-oJY25Ft7yjj7GRqGysEYDFW6EEA&id=lidar2&mcvt=1001&p=950,0,1200,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3119778438&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651982718010&rpt=402&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
pagead2.googlesyndication.com/bg/ Frame CFAD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 03 May 2022 19:59:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
374733
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13628
x-xss-protection
0
last-modified
Mon, 02 May 2022 13:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 03 May 2023 19:59:46 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3B1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=3789903359041081&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c
c.idealmedia.io/ 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.idealmedia.io/c?f=1&pv=3&v=314|96|12|-xmLOZBa6m5hFGLnQEAr03ZBY597eO3ENfITEc5mo8UZOW0w-ie6JAY1_mugxaeA&fw=1&extjs=66044&cid=1296181&h2=4_Jqnpsfz37q43EAzBLIEib4OMC00T8Kxkc8aD1_ISE*&rid=1277ce09-ce84-11ec-98cd-e43d1a2a04aa&tt=Direct&iv=11&pageImp=1&pvid=180a1d7d486a2522137&cbuster=1651982719543394273985
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:19 GMT
cf-cache-status
DYNAMIC
x-mg-request-uuid
67140f0f-f253-48bf-a988-9a90181cddfd
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
707f50fd3d468861-LHR
content-length
43
server
cloudflare
generate_204
tpc.googlesyndication.com/ Frame CFAD 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?n06Enw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 08 May 2022 04:05:19 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=3789903359041081&bg=!lZalltLNAAZX5TVhd-U7ACkAdvg8Wn_O1mG3vrtW1ZYylfmtC_LLOtef59Y1VylCufIGK6Dvi9F0GgIAAABmUgAAAAJoAQeZApTRLg2TBZjjipy7FraEL-BzmBmwXTXEBpQWKdpFWG4Mdz_3V27vBl3SK2NALcJCTg_2BNHhL_PfCk5x6XJn4HOCZ7c_oz33AKwOrD0tGrlbyztCHDUGoHIUbJO_xnddqqsLFYesXujlRueNIomIZVUDSS8u5jNAcXwLSQacEiOe7s49H1lmpt7QfqjtTi2Qz9QFpLChQLDVgnCL0x7tHG3qjp6Z8dafw22OM17e6vI_Q_B9lcVOGa1LpFxPpIRtAuFCbBk-YilM9ojYYt2IPjifnOS9FJGzBhfp0-q5keAmdAV96XU3YBtaYuJnHjDNTyzYqKfa5oqwLvUsYgXlQDVmUPinCxDYEjKKRh4BQmHi1FYb5455RLERjRWIfHi96cy4VowzWvaeNbsPXxPC--Jler50kgtSavOQCZNHj04wDcmt6wpbTN9m86Zs_yYN5obm3Y1SkWlB5Vf6lRnR2ZOPhayK0Nx5wRzhhyKvLQd1MUAgauOtljsMpQvuNWxKvZTPiY_EU4d9kvh3aF6NTiWnMA28n_FyKVOFREX_h4cAAm1ALG9skEFVCBY0wgO-0VYdmr510IfhQnnw8jIEPhMFqJKVB5op2xIjqM4NirxKeIKJ_3iYWY61KT_hDHcvh08mu3oMdPUMG9YnjE0blqyVNPC1Qam60upH297Qy4PX-VnTP1JL0f_ODr6-td27fGJ6ataaQd_a0JqRskfDin9TPi9sN2o69UjKZdGqUD0chh7CQCqaHfZivtyhAHBdnIMBVSh2U3VKHRlNDMq-yzD856NaRqTBCirN2j9Mk2fK6IuGJFB0PEJdJMRAxTF-dZlD7EURCDuyH__tqgL6yXZygaabia2-mI_0wa7KXGSPMNCK28I
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:22 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=B975C028E6724236A853F003CA132373&time=1651982722686&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=792008575&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=5&param3=1200&param4=3250&param5=7&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 08 May 2022 04:05:22 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
dd58b8522fe8bfa6761e8fb43bebd8fc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/54/46/68/1/5446681/image_main/ 		105 KB
105 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/46/68/1/5446681/image_main/dd58b8522fe8bfa6761e8fb43bebd8fc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-125.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
59c69b554d0f9e16eddf5aaddaa2355adb2c073c3ee6d8c687761e44400f2bf3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 07 May 2022 15:39:52 GMT
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
last-modified
Sat, 07 May 2022 15:25:30 GMT
server
AmazonS3
age
44731
etag
"2ae7c81fa64e5ce1ed5561044786bbfa"
x-cache
Hit from cloudfront
x-amz-version-id
iVwfDLNu7xzcsrcI.lgDbtk7TLRcVUIu
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
107316
x-amz-cf-id
9CYj-pxNdIqz5DoO7ONfGWz9OoSzgxcNRAIMyGAISDeiUau5Nu0UZQ==
activeview
pagead2.googlesyndication.com/pcs/ Frame 2A08 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstx3h3jh3OZDONVXM9ncWFzswe0UbmPavpmnOXkhxPEB9n61jvlewfp5VcwTLLajz_TDoxn8PyKS_GHdRczCbYkwc7KkWDvumE8sSdHhNIdL_TuXrgkD7JumDVw&sai=AMfl-YS25KKMIWTKaRpL27nPGSz62i7cHHRWuWq6duYQ6q_T5vuWbLngTAaLm9EZPR4dp7waRPwiJX55xv0iQbnwc7MJ2oicF7wEf2Ao5QAyy3oHM5toTFFsB67nxLxJ&sig=Cg0ArKJSzDfY8Pa4mHCfEAE&cid=CAASJeRovNZeSEdXmZZ5QpBs1bRgcRYEiUkj_u5ZVj-Kfp61PP5apX8&id=lidar2&mcvt=1000&p=950,300,1200,600&mtos=649,915,1000,1033,1033&tos=649,266,85,33,0&v=20220504&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1056675244&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651982718071&rpt=389&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 08 May 2022 04:05:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEPVEnOXUF98BOg6rgz6n_9E&google_cver=1&google_push=AYg5qPJrMCV3j-eeyk27k15WgEuoWHRhxRJSEw6kNt2V3w-uwKn0nLfn5Hbhlh_THCv-thGl_brAM1078dfD6Nx9K_e4feldzw8

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails number| H_DEV object| holderPlaces function| holder function| gtag object| dataLayer function| $ function| jQuery string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl function| Popper object| bootstrap object| jQuery112408453340706003891 function| lazyload function| LazyLoad function| phnx_frontend_get_var function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to object| name120now object| FB object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt boolean| admixerLisBrndMsgSet object| globalAmlAds object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| gaplugins object| gaGlobal object| gaData object| hb_dmx_res function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| regeneratorRuntime object| mwayss object| googletag object| s object| p string| bn_url function| setImmediate function| clearImmediate function| Achernar object| pbjsChunk object| pbjs object| _pbjsGlobals function| Swiper number| tns_already object| tnscm_adn string| tnscm_pak object| cm_events function| html2canvas function| _open function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| _mgIntExchangeNews object| IdealmediaInfC1296107 function| IdealmediaCContextBlock1296107 function| IdealmediaCMainBlock1296107 function| IdealmediaCInternalExchangeBlock1296107 function| IdealmediaCRejectBlock1296107 function| IdealmediaCInternalExchangeLoggerBlock1296107 function| IdealmediaCObserverBlock1296107 function| IdealmediaCSendDimensionsBlock1296107 function| IdealmediaCRtbBlock1296107 function| IdealmediaCDiscountBlock1296107 function| IdealmediaCIframeSizeChangerBlock1296107 function| IdealmediaCContentPreviewBlock1296107 boolean| mg_loaded_466737_1296107 object| IdealmediaInfC1211636 function| IdealmediaCContextBlock1211636 function| IdealmediaCMainBlock1211636 function| IdealmediaCInternalExchangeBlock1211636 function| IdealmediaCRejectBlock1211636 function| IdealmediaCInternalExchangeLoggerBlock1211636 function| IdealmediaCObserverBlock1211636 function| IdealmediaCSendDimensionsBlock1211636 function| IdealmediaCRtbBlock1211636 function| IdealmediaCIframeSizeChangerBlock1211636 function| IdealmediaCContentPreviewBlock1211636 function| IdealmediaCResponsiveBlock1211636 boolean| mg_loaded_466737_1211636 function| CrossDomainStorage object| onClickExcludes function| mgReject1296107 function| mgLoadAds1296107_038ea function| IdealmediaCReject1296107 function| IdealmediaLoadGoods1296107_038ea function| mgReject1296181 function| mgLoadAds1296181_038ea function| IdealmediaCReject1296181 function| IdealmediaLoadGoods1296181_038ea object| _mgq function| _mgqp number| _mgqt number| _mgqi function| mgReject1211636 function| mgLoadAds1211636_02fdd function| IdealmediaCReject1211636 function| IdealmediaLoadGoods1211636_02fdd object| _mgPageViewEndPoint466737 string| _mgCanonicalUri object| _mgPageView466737 string| _mgPvid boolean| IdealmediaCSvsdsFlag boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests object| GoogleGcLKhOms object| _mgwcapping object| _mgPageImp466737 object| google_image_requests

101 Cookies

Domain/Path Name / Value
ivona.ua/ Name: b
Value: b
.cdn.umh.ua/ Name: AU
Value: fd24684c64b27fc5
ivona.ua/ Name:
Value: store.test
.ivona.ua/ Name: __gfp_64b
Value: y.1lO3Vjr1RjfExku_A_e7glZTs6Pq4Uu_1iuKRw_Gv.27|1651982716
.ivona.ua/ Name: _ga
Value: GA1.2.697972760.1651982717
.ivona.ua/ Name: _gid
Value: GA1.2.1489439959.1651982717
.ivona.ua/ Name: _gat_gtag_UA_206274582_1
Value: 1
ivona.ua/ Name: cbtYmTName
Value: G2A5cn85ITl6eCwoKS0sLyl4fSkqeSsuOWat
.hit.gemius.pl/ Name: Gtest
Value: KlSVBMGGQMQGX3cXmj9tTacissGMXP8c25nSGYvi1UYPgp1isG..
ad.mox.tv/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
ad.mox.tv/ Name: _mwayss_zone_imp[4730][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[4730][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_imp[15455][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15455][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_camp_imp[4847][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4847][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_imp[15595][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15595][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_camp_imp[3877][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3877][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_imp[15442][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15442][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_camp_imp[4418][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4418][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_imp[15792][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15792][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_camp_imp[4942][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4942][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_imp[15362][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15362][frequencyPeriodEnd]
Value: 1652069117
ad.mox.tv/ Name: _mwayss_camp_imp[1954][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1954][frequencyPeriodEnd]
Value: 1652069117
.admixer.net/ Name: am-uid
Value: be3583c419214685aef9345d7a5bdc23
ivona.ua/ Name: am-uid
Value: be3583c419214685aef9345d7a5bdc23
loadercdn.net/ Name: vui
Value: ccf1409c53e648dc99a8ba2d15139b3f
.hit.gemius.pl/ Name: Gdyn
Value: Klx3sMMGQMQGX3cXmj9tTacissGMXP8c25nSGYvi1UYPgpMiGsRPIQlGvGGp5Mg8SsGT8SpGDlnaxFLWXRSG
.quantserve.com/ Name: mc
Value: 6277417d-46351-5c658-58b77
.bidswitch.net/ Name: tuuid
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
.bidswitch.net/ Name: c
Value: 1651982717
.bidswitch.net/ Name: tuuid_lu
Value: 1651982717
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: d43ed2f2-42b2-5280-ba6a-3b0bd81d7a76
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YndBfQAKMWCqtlNPzUXF3qkQb1lYefJm3GVPFw==
ad.mox.tv/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.mediawayss.com/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.mediawayss.com/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
ad.outstream.today/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.outstream.today/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
.ivona.ua/ Name: __gads
Value: ID=de2ffcaf26b8bfcc:T=1651982717:S=ALNI_MYUwd8ss343hRS-oT64cKGo2a3rIQ
.doubleclick.net/ Name: IDE
Value: AHWqTUmKh0MTYo1IGaRJLyUtqStfcx72brqPncTuzB-5Rl8sVv0khgzHTPUNS-YQo2w
ad.adopx.net/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.adopx.net/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
ad.invamia.com/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.invamia.com/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
.adnxs.com/ Name: uuid2
Value: 1903896658729787591
ad.vidverto.io/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.vidverto.io/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
.advertising.com/ Name: APID
Value: UP12873b28-ce84-11ec-a783-0283112e4064
ivona.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%2C%22TejndEEDj%22%3A%223YN.HNN5%2B%22%7D%2C%22C1296107%22%3A%7B%22page%22%3A1%2C%22time%22%3A1651982718307%7D%2C%22C1211636%22%3A%7B%22page%22%3A1%2C%22time%22%3A1651982718424%7D%7D
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2ImNJp>]X!@wnfH8K6pQK`!5=E<*L5?%L`1eaE>68].>0sZSI8Mt1_/uY`i?wH%6m<xMK%nugO%v4VB%nn]B*6=LY
.casalemedia.com/ Name: CMPS
Value: 685
ad.vidver.to/ Name: bdswtch_sync
Value: 528bf83d-865f-4af7-a1fd-f247a8c667fb
ad.vidver.to/ Name: moxuuid
Value: 70cd728a-cbef-4ac2-9ace-32bba2377b1d
.spotxchange.com/ Name: audience
Value: 1294fdd9-ce84-11ec-ac65-141922060206
.quantserve.com/ Name: d
Value: EDUBCQGLJoEA
.yahoo.com/ Name: A3
Value: d=AQABBH5Bd2ICEDEziWcb9-KKgEp-lIlVe9kFEgEBAQGSeGKBYgAAAAAA_eMAAA&S=AQAAAo28QtqpKpBPT6AWF_RwCR8
.casalemedia.com/ Name: CMST
Value: YndBfmJ3QX4A
.ctnsnet.com/ Name: cid_05eb0e1183fe40b7b2fc007d7036976d
Value: 1
.ctnsnet.com/ Name: gid_CAESENZ610xxbMjn_IUtsGW75u0
Value: 1
.simpli.fi/ Name: suid
Value: 048856DC97BA4E43A9528C204FD0F8B2
.adfarm1.adition.com/ Name: UserID1
Value: 7095211747378133139
.3lift.com/ Name: tluid
Value: 2075366578163428143026
.analytics.yahoo.com/ Name: IDSYNC
Value: 1762~24rg
.lijit.com/ Name: ljt_reader
Value: Emq1qGZHvPr3UxO9SRO1okk3
.casalemedia.com/ Name: CMRUM3
Value: 2d6277417e2760CAESEBNEXKoxEel5aWz4HC63tYQ
.adform.net/ Name: C
Value: 1
.w55c.net/ Name: wfivefivec
Value: g4xKJoQY1NNyay5
.adform.net/ Name: uid
Value: 4168435591572199875
.w55c.net/ Name: matchgoogle
Value: 5
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.creative-serving.com/ Name: tuuid
Value: 48b8b3b0-fb48-4fd6-86d3-b3826d87ab30
.creative-serving.com/ Name: c
Value: 1651982718
.creative-serving.com/ Name: tuuid_lu
Value: 1651982718
.casalemedia.com/ Name: CMID
Value: YndBfsrfggpviMHbQYFmZgAA
.casalemedia.com/ Name: CMPRO
Value: 1874
.tribalfusion.com/ Name: ANON_ID
Value: amnsIHy4ZawEBA9MAJP7dwaA7UyqpONS0xurduV7EOByZaFTuHhkOqreZbLTvZdTtugR2e8RPF1GbreQbcMdvgf8x4V5
.addthis.com/ Name: na_id
Value: 2022050804051900016354774158
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6277417f0f1c9d66
.addthis.com/ Name: ouid
Value: 6277417f00015091f41db334be653624269156e886a33a4d5bef
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220508
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.facebook.com/ Name: sb
Value: f0F3YtH-nA2TXcnM-Cc9B4Br
.facebook.com/ Name: fr
Value: 0pViE2Sd69ZIZN7QY..Bid0F_.sj.AAA.0.0.Bid0F_.AWX4uHhLq4c
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 156EF126-CA0B-4FC5-BBE3-15D645AA5A36
.mathtag.com/ Name: uuid
Value: 0ff76277-417f-4400-85df-04859a46dc2e
.mathtag.com/ Name: mt_mop
Value: 4:1651982719

7 Console Messages

Source Level URL
Text
network error URL: https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=1022&height=250&width=300&tld=ivona.bigmir.net&ctype=div&ch=ivona.bigmir.net
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://ad.mediawayss.com/ad/mwayss_invocation.min.js?pzoneid=1023&height=90&width=728&tld=ivona.bigmir.net&ctype=div&ch=ivona.bigmir.net
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r82720310&dholder1217097366&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r82720310&dholder2068016217&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMyrQIK3gzp43Z22Mn_jizM&google_cver=1&google_push=AYg5qPLcuW-k29tuvajWxEiM2D4JsZIuOyO9Qwi44xa-9KusUsbxXYrOuLLC-4PdbcEHG9HChrTYiexGMkB7orKDavHb6rAtUSbJFQ
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.adopx.net
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.vidver.to
ad.vidverto.io
ads.betweendigital.com
ads.creative-serving.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
autocounter.idealmedia.io
bgstats.mox.tv
c.idealmedia.io
c1.adform.net
cdn.admixer.net
cdn.idealmedia.io
cdn.jsdelivr.net
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
connect.facebook.net
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
eb478b2c1011e7a425a74e8d8cb3505c.safeframe.googlesyndication.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.holder.com.ua
i.ivona.ua
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
ivona.ua
jsc.idealmedia.io
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
rtb.openx.net
s-img.idealmedia.io
s.tribalfusion.com
s.zmctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
z.cdn.umh.ua
google2waycm.netmng.com
104.111.242.245
104.16.199.73
104.36.113.23
104.92.72.137
142.250.184.194
142.250.185.130
142.250.185.162
142.250.185.66
143.204.215.125
145.239.237.56
146.0.227.110
146.59.10.80
151.101.194.49
159.122.14.34
167.71.9.19
18.156.0.31
185.132.133.134
185.165.240.175
185.180.220.208
185.180.223.221
185.187.81.41
185.33.221.90
185.94.180.125
188.42.196.115
193.29.200.142
193.29.200.162
194.247.175.26
194.247.175.38
2.20.85.164
212.8.250.228
212.8.250.83
2606:4700:4400::ac40:98f5
2606:4700::6810:5514
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:bcf
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2001
2a00:1450:4001:827::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:400e:810::2003
2a00:1450:400e:811::2002
2a00:1450:4025:402::9d
2a02:fa8:8806:13::1370
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
3.121.17.132
3.122.49.139
3.124.9.195
34.98.64.218
34.98.67.61
35.157.174.33
35.186.193.173
35.186.253.211
37.157.2.236
51.89.9.253
65.9.63.58
69.173.144.138
72.251.249.13
74.121.143.240
76.223.111.18
78.159.118.240
85.114.159.93
91.198.36.26
91.198.36.35
015e4b567c96c225b5aa2fdb9990d4464bd60bf5611c41897e59ac1237b17b7e
0330a0898abe8caef0f06be08f760ef75cafcc56941a8accaa28943217b0da34
06460bf7c5f4dca446e79cb15c7de70cfbb2f31a6bc55b49ef2f8a7c7463488e
080431b0d2ed7669bbdfb77ae3c5fbbca5f5c49e43f520c396d5f0f9ee5b7497
086a975ac822168f5668c2af7b9d8e0d810c86ab13eac0952a07b1131bc9b344
08a17ca9bcfece46e069e7a74d3b5bddbd1c7cd254b11f32311baee1c1919ca9
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa3da6f6cfc9bca498309db855293bafd6558ff87eaa650863dddb63218be7d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf
0d291f822cdb185df7637c64caf28f0394f5436a1dc3c44a1199a85ab44b19dc
0e9f925476cd82f39e2183a6765ff68e02fbfba3b0c30846e8564e7440b7c002
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
14bda2a65f2a9a08295f65b3aac194f99614522a6cdf8b95ce0d9b629332644c
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
18b6670e07249a713ae14f473537778fa319942a3eaabaf1534fe186910f5ec4
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1d53683ab7784f6a0d77c41959d76037efcf1a3e340a6d40fc1617e84b01df4c
1d6da5b2d9dcb7f54dd07bd3ccd7b3fb8620b679c6923378f79604285f9dd346
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
211f7410704189d6e68894621ca2adf74d6b81a093c23491790aa77f87f805d3
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
2398bf1724098cd83c9183e68a382ec695bea12a4fb51db4e79c8c1c9b8aa312
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8
27560c21aa1342b59feee50c926fea9a7f35ce85d3a9a15c96c9241304b6f5fb
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b
2ba54c2c0ee422e605c0a01ab06fd224af56017507c345ee988b2d66658ba69d
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2ff7bab8af8a346d7c3f611bad6645a5578f2d9e678aceff6070c0787d0dedb2
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3fbfb06e63fa579fed72ece8aa20f93ff47ce40613d3e0e5a12326874e34ca5f
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
463f3a36ad85e31f7b490397a006aeb2b9ebcaa9929f50c35fb766e6ee3005a6
4743c6992e1e6c3e4f51231f76d888109fd6c73d443226688e0f1b48b84158d5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d2ef2d592f177d6008f995b944cda8c3111800e828e3aedb3919d22ce2e4755
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e52e4f3a1ae80182e6e89ee7aeca40bc41370a0f511e0211cbb85cc60484803
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fbb19b8f5aebbc171196f2f6c83eb9a9750af2a838005b0af20b76561b0ae20
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
564ac34413ba02e14b2b0929c2db111e6973a52ed3e7575cd945a357fc6d486e
56f472a78bb26cb01bac9a695e9b30e89b87f5e070b51532992f037b2d20fcb8
586d7b4b743133e06789ce98a3a49ebbf23f1e002279438c2e377b541b93ede9
59c69b554d0f9e16eddf5aaddaa2355adb2c073c3ee6d8c687761e44400f2bf3
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283
5bd01542a1cf26a2e3c0ae28b4fd11fe33bd63cca61bf55243c2008e30aec925
5c69d76cd9d8b7383aa7eeea1df3c34e37fbd04a624488ea7db5e7d6c476593e
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6
607a088bcfabb3c9f9913512a27c9e600869e4b7f9730ee06ec54747f8870e53
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
670b4574ac00792fb78909b383658833cd5c776a7f5715b9e9a5670668506db8
674dfab03d4ce9bf29aa896cf93cdf6875b068bd7097a3a90657651bc48e4862
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74687156bbf77faeae4076e4839a13d27f5be3104316f1818aa84265cc0a0dc2
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
7a00f8e4f124e4cd2b5c64004c37469fbaed0be5d0b2624e1b6977178985e458
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd
7ce75b11f8c0a2820306e881c1764088d16e4e73e52b94572ab9c668440396da
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7f1eeef241cb5ed6974f1af3fb0b96efbd36e389073a3ac30e1f2ddedad9b06c
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9
8164593b54914bff7b1f455f3920cedb76412a78e7a8917a68692d47a35c0139
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
889627c3043f5e9bca49c89c75505b33ac7cd36cba8a4bc8a6861daca3c93290
897df19b5abf52d0fe3f004ab86b862b587a72ce3bb06565eb17556a6767bab1
8a57a75047723c81b2b6edf992cdec50618d8548907169fc1fe01c3089a8a89f
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bb484309d784bba01a1ff715f7d423af33702fc47ea5c796ecf69e522c9f600
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32
8d7832681fefe96364c5125961411b92444f84368fe0c6097c4ebe2777c831d8
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
92597e248bc20d803a6999065b391b16057d84bd546d245e7c0375aab2395bbf
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
98b2cf187a1b22f55c63f13408c83865d0377b181768439c7d118b5f7edbcd53
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b8bc82efed6ab5687af2f31504453af4e229e4b8d88466534709dcc229070ef
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9ea0e377e7aae7d3dc96cdbf930aafd610462f072b2461fc9608b126267fee32
9ff109c4e57422f8a036056b925a05bda1bb347a7ad921a1911f8975afa91c4b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a50bc86507d138f13723003cdb2386fac5e5bf6cf5b09ad82f0f42042b8b230c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa3acc2c005d6a53519d71912ebd1d465039dcb920d52dfa93a14b5f3a289763
ab5749bdc8f7d93af52475e10351459bea68841c0bc9c498ba716497eb77f539
abecbd5e11f3f3dab2178ecff1946d64faad970349f64134d385171c18d6f419
af7f35bdbc4972dc96fae24d69ad71fe52d6fa46c849d565a8e75708eb182ccf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17707fd3962e62b1399de6f42bc7abe06af681821524b5e52bc4bde4468e2e9
b5f2192ad7a896414c629f4330b8314c6dd37d1fe2d7a5a94f0b2aca399ed979
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96
bc1488787d3cf709f889ff69ac672838198868852d9a7a6ae5bf3cd2f3ec6786
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42
c019a027baab418f2ad966d8dd7dbd0516abdffc824a6e89ee4dc05308e74214
c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16
c65e72277456100de4e033cd12dd87cbf0e10a47d68af7d198689dffbc76f66a
c67d9c0d82d1247169481087317a6ef3b2584948d73a0a2dfcb1f01b7dda33b5
c76d5e2046acda81a2a3ef977a12f20192ec17dd6168b241db47cedce7c18829
c81545d9563ab48d53fcab50bb75af59524e88a2a2c0de861f54588c9c2e9761
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c90a99bbac9772de85d6ad1923be2c53c4e1ca74e30d64ae341b9aa6de9d1c24
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd
caa6ff303a43dc709e7cdc38637d434ba077374a0ed8e06f7fe30c89dcbbb338
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
ced4c5b4a349edac810642a2dead9f8adc4cdaceee97b199df3177c42fdb3386
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2b4784c4c5222aeeb8184754ecf53fadbf0d75d3d633ef473b222afd955b766
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d46d546adb8eb4f0e1c016bf923e54b4602e57409e473ac32a8a2c14ed2cc06d
d69048ad742259a1dc28fad3bd232ae0098b2f64b9e9e4183b4abe6cc3749a71
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dbb2505b06e08533923090ed6d0abda57fe85ef12756829e006d038b20ed10ff
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dce03f3336254bd93ae523da00dc35de7a9851eb33fb6fbe20d94d4d32612a2a
de020618ba00c1a723cf7ce18fade73ea0ee4c5ddc05d6eaf9ccea87ebaf6cf6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e040f7040ed36b5be89cedb753ae079b27d1c3a70d06948d4261951c958f0b1a
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d
e09c0bef003154cc4d4fc74048a8b3b61d5a1961c0463fef789b1ecc2bea6dff
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e33fcd75e8f23bd4e15ab2082cc106c6ed8c6a6c491b11280d8df7818afb585d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4240d53f3c103801982992bf1d459bdd3778b476ef996f2cd92da06d668c295
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
edaea1ade0d27c61fc40916024b87d91f365023df3c0c880c8114b3add281426
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1155babc36d23b8ab96647f5977cc63e50eebe3e48415c8a3ea6cf0a3bdcb70
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f2b35a1051110619344500a806b8812688a853034982cd74e865b6c57347f96e
f2d8df5d1e57c625a957971d571a7dbccff3ac747d4797e6c1830b630141cdc7
f422efe56fd00e94c49dfbad74dfd0a73e72dcdc632da922b401115b25c6fe67
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
f8e48919c1f242f07f5a269245622483a7fc806b79339601356ded6c0021b9a4
fbbbfa131cfc336e66492225585abaaa19e3ce31e2329a4738d2e9e0446ac8bc
fbdae4a5e845acb71cabb54e61f38111822ad317b5c3d66ac29f90dd8a04e5ad
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc