urlscan.io logo urlscan.io
SecurityTrails logo

ivona.ua Open in urlscan Pro
143.204.98.18  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ivona.ua/
Effective URL: https://ivona.ua/
Submission: On March 29 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 74 IPs in 12 countries across 66 domains to perform 413 HTTP transactions. The main IP is 143.204.98.18, located in United States and belongs to AMAZON-02, US. The main domain is ivona.ua.
TLS certificate: Issued by Amazon on June 27th 2021. Valid for: a year.
This is the only time ivona.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 143.204.98.18 16509 (AMAZON-02)
1 91.198.36.26 43405 (DIGITAL-V...)
13 2a03:90c0:41:... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
40 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 54.37.238.28 16276 (OVH)
11 78.159.118.240 28753 (LEASEWEB-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 185.187.81.40 43332 (IDSTRATEG...)
17 143.204.215.64 16509 (AMAZON-02)
8 91.198.36.35 43405 (DIGITAL-V...)
24 146.0.227.110 20773 (GODADDY)
11 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.104 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
1 185.86.137.114 201081 (SMARTADSE...)
4 185.184.8.65 204995 (RTB-HOUSE...)
2 185.86.138.121 201081 (SMARTADSE...)
6 193.29.200.142 197203 (UMHAS)
2 194.247.175.38 196831 (BEMOBILE-AS)
12 104.16.199.73 13335 (CLOUDFLAR...)
2 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 13 212.8.250.83 49981 (WORLDSTREAM)
1 12 54.38.197.123 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 193.29.200.162 197203 (UMHAS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
4 7 2620:116:800d... 16509 (AMAZON-02)
2 167.71.9.19 14061 (DIGITALOC...)
3 3 3.124.249.183 16509 (AMAZON-02)
1 1 103.229.206.241 30419 (MEDIAMATH...)
2 2 185.180.223.67 49981 (WORLDSTREAM)
2 2 190.2.151.10 49981 (WORLDSTREAM)
1 190.2.153.150 49981 (WORLDSTREAM)
3 194.247.175.19 196831 (BEMOBILE-AS)
28 2a00:1450:400... 15169 (GOOGLE)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 31.220.27.134 39572 (ADVANCEDH...)
1 136.243.84.74 24940 (HETZNER-AS)
1 34.120.139.69 15169 (GOOGLE)
1 2 193.232.150.68 48061 (UMA-TECH-AS)
1 37.18.16.23 205675 (HYBRID-AS)
1 217.65.2.150 29076 (CITYTELEC...)
6 6 195.201.243.71 24940 (HETZNER-AS)
2 2 157.90.179.218 24940 (HETZNER-AS)
4 4 23.111.200.118 7979 (SERVERS-COM)
2 2 144.76.118.233 24940 (HETZNER-AS)
13 142.250.181.226 15169 (GOOGLE)
3 6 54.155.69.185 16509 (AMAZON-02)
2 54.73.39.178 16509 (AMAZON-02)
9 26 142.250.186.130 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 185.33.221.15 29990 (ASN-APPNEX)
4 194.247.175.26 196831 (BEMOBILE-AS)
7 2600:9000:224... 16509 (AMAZON-02)
32 52.26.244.156 16509 (AMAZON-02)
5 2a00:1450:400... 15169 (GOOGLE)
1 142.250.186.134 15169 (GOOGLE)
6 142.250.186.66 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 52.29.167.104 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2 35.244.174.68 15169 (GOOGLE)
1 34.98.67.61 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
1 1 69.173.144.139 26667 (RUBICONPR...)
1 1 141.95.66.118 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
2 104.89.28.165 16625 (AKAMAI-AS)
3 6 2001:678:cb4:... 56396 (AMOBEE)
3 3 35.190.0.66 15169 (GOOGLE)
3 4 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
413 74
17    143.204.98.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-18.fra50.r.cloudfront.net
ivona.ua
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
13    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
40    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    54.37.238.28 (France)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
11    78.159.118.240 (Munich, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
10    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
17    143.204.215.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-64.fra53.r.cloudfront.net
i.ivona.ua
8    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
24    146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
11    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
3    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
ww251.smartadserver.com
4    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
prebid-eu.creativecdn.com
2    185.86.138.121 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
6    193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)
exchange.informer.ua
2    194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
source.mmi.bemobile.ua
12    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
cdn.idealmedia.io
servicer.idealmedia.io
s-img.idealmedia.io
cm.idealmedia.io
autocounter.idealmedia.io
2    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
3    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
13    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.mox.tv
ad.outstream.today
12    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
8    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
1    193.29.200.162 (Ukraine)

ASN197203 (UMHAS, UA)
kolobok.ua
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
8    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
2    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
3    3.124.249.183 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-249-183.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    185.180.223.67 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-67.hosted-by-worldstream.net
ad.mediawayss.com
ad.vidverto.io
2    190.2.151.10 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net
ad.adopx.net
ad.invamia.com
1    190.2.153.150 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
ad.vidver.to
3    194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
pa.tns-ua.com
28    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com
t.trafmag.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
1    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
recreativ.ru
1    34.120.139.69 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 69.139.120.34.bc.googleusercontent.com
dsp-trk.eskimi.com
2    193.232.150.68 (Russian Federation)

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp12.sender.ltmse.com
px.adhigh.net
1    37.18.16.23 (Russian Federation)

ASN205675 (HYBRID-AS, RU)
dm.hybrid.ai
1    217.65.2.150 (Moscow, Russian Federation)

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)
match.new-programmatic.com
6    195.201.243.71 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ingolstadt.aucourant.info
www.acint.net
acint.net
2    157.90.179.218 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: hz1407628.sapientru.net
ssp-rtb.sape.ru
4    23.111.200.118 (Russian Federation)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    144.76.118.233 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.233.118.76.144.clients.your-server.de
exchange.buzzoola.com
13    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net
6    54.155.69.185 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-69-185.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
2    54.73.39.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-39-178.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
26    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.221.15 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
4    194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)
sslpagestat.mmi.bemobile.ua
7    2600:9000:2246:cc00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
32    52.26.244.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-26-244-156.us-west-2.compute.amazonaws.com
dt.adsafeprotected.com
5    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
1    142.250.186.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net
ad.doubleclick.net
6    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
3    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    52.29.167.104 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    141.95.66.118 (France)

ASN16276 (OVH, FR)
PTR: ns3206961.ip-141-95-66.eu
googlecm.hit.gemius.pl
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
mts0.google.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.89.28.165 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-28-165.deploy.static.akamaitechnologies.com
sync.teads.tv
6    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
3    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
Apex Domain
Subdomains		 Transfer
73 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 118
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
676 KB
56 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 61
stats.g.doubleclick.net — Cisco Umbrella Rank: 163
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 246
cm.g.doubleclick.net — Cisco Umbrella Rank: 276
ad.doubleclick.net — Cisco Umbrella Rank: 223
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 332
345 KB
47 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 989
pixel.adsafeprotected.com — Cisco Umbrella Rank: 725
static.adsafeprotected.com — Cisco Umbrella Rank: 717
dt.adsafeprotected.com — Cisco Umbrella Rank: 633
380 KB
37 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 37260
inv-nets.admixer.net — Cisco Umbrella Rank: 3989
215 KB
34 ivona.ua
ivona.ua
i.ivona.ua
500 KB
14 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42162
bgstats.mox.tv — Cisco Umbrella Rank: 50248
111 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 124
www.google.com — Cisco Umbrella Rank: 20
mts0.google.com — Cisco Umbrella Rank: 5175
54 KB
12 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 8098
15 KB
12 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 74267
c.idealmedia.io — Cisco Umbrella Rank: 64913
cdn.idealmedia.io — Cisco Umbrella Rank: 108691
servicer.idealmedia.io — Cisco Umbrella Rank: 74022
s-img.idealmedia.io — Cisco Umbrella Rank: 65810
cm.idealmedia.io — Cisco Umbrella Rank: 10485
autocounter.idealmedia.io — Cisco Umbrella Rank: 79433
108 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
279 KB
11 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 202331
z.cdn.umh.ua — Cisco Umbrella Rank: 216555
6 KB
9 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 212206
h.holder.com.ua — Cisco Umbrella Rank: 217443
9 KB
8 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 211
230 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 333
148 KB
7 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 621
cms.quantserve.com — Cisco Umbrella Rank: 1519
2 KB
6 turn.com
ad.turn.com — Cisco Umbrella Rank: 1199
r.turn.com — Cisco Umbrella Rank: 3913
3 KB
6 acint.net
www.acint.net — Cisco Umbrella Rank: 25031
acint.net — Cisco Umbrella Rank: 19407
2 KB
6 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 130611
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 132133
25 KB
6 informer.ua
exchange.informer.ua — Cisco Umbrella Rank: 634543
32 KB
6 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 34790
ls.hit.gemius.pl — Cisco Umbrella Rank: 9266
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 9272
15 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 873
4 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 706
2 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 2242
3 KB
4 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4057
www.google.co.uk — Cisco Umbrella Rank: 2638
2 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5878
680 B
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
3 KB
3 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 20993
995 B
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2105
us-u.openx.net — Cisco Umbrella Rank: 606
716 B
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 316
193 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 322
3 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 115351
4 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 380
2 KB
3 smartadserver.com
ww251.smartadserver.com — Cisco Umbrella Rank: 318094
prg.smartadserver.com — Cisco Umbrella Rank: 1836
990 B
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 94
437 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 98
40 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1260
344 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 893
888 B
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 14364
380 B
2 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 27779
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 7758
729 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 1166
43 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 908
696 B
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 152784
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 188
85 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2956
41 KB
1 yahoo.com
ads.yahoo.com — Cisco Umbrella Rank: 1269
194 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 508
457 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1211
324 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 765
648 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 31456
215 B
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 23485
238 B
1 eskimi.com
dsp-trk.eskimi.com — Cisco Umbrella Rank: 31733
256 B
1 recreativ.ru
recreativ.ru — Cisco Umbrella Rank: 108028
62 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3754
242 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 8335
351 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 64600
483 B
1 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 51053
546 B
1 invamia.com
ad.invamia.com — Cisco Umbrella Rank: 68325
563 B
1 adopx.net
ad.adopx.net — Cisco Umbrella Rank: 70452
577 B
1 outstream.today
ad.outstream.today — Cisco Umbrella Rank: 69455
593 B
1 mediawayss.com
ad.mediawayss.com — Cisco Umbrella Rank: 67181
614 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 645
736 B
1 kolobok.ua
kolobok.ua
8 KB
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 314652
169 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 521
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 132
37 KB
413 66
Domain Requested by
40 pagead2.googlesyndication.com ivona.ua
pagead2.googlesyndication.com
cdn.admixer.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
ad.doubleclick.net
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
www.googletagservices.com
32 dt.adsafeprotected.com googleads.g.doubleclick.net
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
ivona.ua
28 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
ivona.ua
ad.doubleclick.net
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
26 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
ivona.ua
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
24 inv-nets.admixer.net cdn.admixer.net
ivona.ua
ad.mox.tv
17 i.ivona.ua ivona.ua
17 ivona.ua 1 redirects ivona.ua
cdnjs.cloudflare.com
13 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
ivona.ua
13 cdn.admixer.net ivona.ua
cdn.admixer.net
12 a4p.adpartner.pro 1 redirects h.holder.com.ua
a4p.adpartner.pro
ivona.ua
12 ad.mox.tv 1 redirects ivona.ua
ad.mox.tv
10 z.cdn.umh.ua cdn.umh.ua
10 fonts.gstatic.com fonts.googleapis.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
ivona.ua
8 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
fw.adsafeprotected.com
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
8 www.google.com ivona.ua
tpc.googlesyndication.com
googleads.g.doubleclick.net
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
8 h.holder.com.ua i.holder.com.ua
ivona.ua
8 cdnjs.cloudflare.com ivona.ua
cdnjs.cloudflare.com
7 static.adsafeprotected.com googleads.g.doubleclick.net
pixel.adsafeprotected.com
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
6 googleads4.g.doubleclick.net ad.doubleclick.net
googleads.g.doubleclick.net
6 fw.adsafeprotected.com 3 redirects googleads.g.doubleclick.net
6 exchange.informer.ua h.holder.com.ua
exchange.informer.ua
5 cms.quantserve.com 4 redirects googleads.g.doubleclick.net
5 fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
4 ads.betweendigital.com 4 redirects
4 www.acint.net 4 redirects
4 prebid-eu.creativecdn.com cdn.admixer.net
4 gaua.hit.gemius.pl 1 redirects ivona.ua
gaua.hit.gemius.pl
4 fonts.googleapis.com ivona.ua
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
3 ads.travelaudience.com 3 redirects
3 r.turn.com ivona.ua
3 ad.turn.com 3 redirects
3 s-img.idealmedia.io ivona.ua
3 s0.2mdn.net googleads.g.doubleclick.net
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ivona.ua
3 x.bidswitch.net 3 redirects
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.facebook.com 1 redirects ivona.ua
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
a4p.adpartner.pro
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 cm.idealmedia.io jsc.idealmedia.io
2 mts0.google.com fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
2 id.rlcdn.com 2 redirects
2 www.gstatic.com fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
2 cdn.idealmedia.io ivona.ua
2 pixel.adsafeprotected.com googleads.g.doubleclick.net
2 exchange.buzzoola.com 2 redirects
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 px.adhigh.net 1 redirects ivona.ua
2 bgstats.mox.tv ivona.ua
2 pixel.quantserve.com ivona.ua
ad.mox.tv
2 unpkg.com ad.mox.tv
2 partner.googleadservices.com pagead2.googlesyndication.com
2 jsc.idealmedia.io i.holder.com.ua
jsc.idealmedia.io
2 source.mmi.bemobile.ua h.holder.com.ua
source.mmi.bemobile.ua
2 prg.smartadserver.com cdn.admixer.net
2 s.zmctrack.net ivona.ua
2 connect.facebook.net ivona.ua
connect.facebook.net
2 stackpath.bootstrapcdn.com ivona.ua
1 ads.yahoo.com googleads.g.doubleclick.net
1 autocounter.idealmedia.io ivona.ua
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com googleads.g.doubleclick.net
1 servicer.idealmedia.io jsc.idealmedia.io
1 ad.doubleclick.net www.googletagservices.com
1 c.idealmedia.io jsc.idealmedia.io
1 match.new-programmatic.com ivona.ua
1 dm.hybrid.ai ivona.ua
1 dsp-trk.eskimi.com ivona.ua
1 recreativ.ru ivona.ua
1 s.uuidksinc.net ivona.ua
1 t.trafmag.com ivona.ua
1 ad.vidver.to ivona.ua
1 ad.vidverto.io 1 redirects
1 ad.invamia.com 1 redirects
1 ad.adopx.net 1 redirects
1 ad.outstream.today 1 redirects
1 ad.mediawayss.com 1 redirects
1 sync.mathtag.com 1 redirects
1 kolobok.ua exchange.informer.ua
1 www.google.co.uk ivona.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 loadercdn.net ivona.ua
1 ww251.smartadserver.com cdn.admixer.net
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.umh.ua ivona.ua
1 cdn.jsdelivr.net ivona.ua
1 www.googletagmanager.com ivona.ua
1 i.holder.com.ua ivona.ua
413 99
Subject Issuer Validity Valid
ivona.ua
Amazon		 2021-06-27 -
2022-07-26		 a year crt.sh
holder.com.ua
R3		 2022-02-07 -
2022-05-08		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
cdn.umh.ua
R3		 2022-02-08 -
2022-05-09		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-01-05 -
2022-04-05		 3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-21 -
2022-04-25		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
exchange.informer.ua
R3		 2022-03-10 -
2022-06-08		 3 months crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-01-14 -
2023-02-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
loadercdn.net
R3		 2022-02-11 -
2022-05-12		 3 months crt.sh
ad.mox.tv
R3		 2022-01-30 -
2022-04-30		 3 months crt.sh
adpartner.pro
R3		 2022-01-10 -
2022-04-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
kolobok.ua
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-01-29 -
2022-04-29		 3 months crt.sh
juke.mmi.tns-ua.com
R3		 2022-03-08 -
2022-06-06		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA		 2021-06-10 -
2022-06-22		 a year crt.sh
uuidksinc.net
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
*.recreativ.ru
Thawte RSA CA 2018		 2021-08-23 -
2022-09-06		 a year crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-04-12 -
2022-05-13		 a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA		 2020-07-07 -
2022-10-05		 2 years crt.sh
new-programmatic.com
R3		 2022-01-21 -
2022-04-21		 3 months crt.sh
fw.adsafeprotected.com
Amazon		 2021-08-11 -
2022-09-09		 a year crt.sh
static.adsafeprotected.com
Amazon		 2021-09-05 -
2022-10-04		 a year crt.sh
dt.adsafeprotected.com
Amazon		 2021-11-19 -
2022-12-18		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-21 -
2022-05-11		 2 months crt.sh

This page contains 47 frames:

Primary Page: https://ivona.ua/
Frame ID: 2BE557D2E8E49D0EBC86D5C6A6A33FDE
Requests: 199 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Frame ID: 9D4809E331BC87CCF7F87544E138D22E
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 8A2C2D0186874544BA0E0D7FD3D3D50C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Frame ID: E5174B9BA2E653B9E606A092B52FA25E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/zrt_lookup.html
Frame ID: 72BBC348A8A0FFD79AD4C8F098C2F525
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: D90864A4CD493533DF6BB6DA24752103
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Frame ID: FCDBC4AB17700E67A9628FD040832504
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Frame ID: 9FAC33E006D7FF4FA214F91F129CFD01
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Frame ID: A788DDECD90FC67A8861D004630323CF
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=kolobok
Frame ID: B6662C50CE85B345FFE386F9BF9B0094
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1648526572&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572255&bpp=3&bdt=606&idt=308&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6558247461018&frm=20&pv=2&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C44761044%2C31065741%2C31065859%2C31063247&oid=2&pvsid=3184350614233474&pem=967&tmod=1217976993&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=323
Frame ID: 59560EE92AF53444767783E613150F0B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 9B3B0A07FD6CBE755E2372C4BC59B84A
Requests: 8 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&location=https%3A%2F%2Fivona.ua%2F&referer=
Frame ID: 9D251E7F889BFB1329BD706CBDC19469
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&width=300&screen_width=1600&reload_count=0&banner_num=1648526572779379090&is_in_viewport=1&ref=&location=https%3A%2F%2Fivona.ua%2F
Frame ID: 9F100DC303F3DB9CA90B25E0729B5CFE
Requests: 3 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 8EDDF6264A6AA9D566643FBD7EF32F7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Frame ID: B4148B432034644F3105F4BB136EC7F2
Requests: 43 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22e0f56bea-2b5d-43f6-8da9-ba8578653ecd%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000131529%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225149cfce-77e4-4963-89e7-b7e287d88dee%22%7D%5D%2C%22unit_id%22%3A7161%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fivona.ua%252F%22%7D
Frame ID: 97B40D26725E2444A9361DD58403EFC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B37B89281958930ADC46B43DB1757B87
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 961783A1020CDB3D8448C27689671EE9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGJf4hMYBMAE&v=APEucNULusoxs0UDQsZaJOkdIBmIS5haWUQ-yZ1BCbh1xDSgvp6u0Y_SBthB-zxfOgM9BJnqgQT3DutegqCcOCqgYqkJn2ZNtdonwY7UPrcECOPwIs-nAcbgGD1EhhX5MXVYFCEvsmJJCiixEW0DUHm5nkXAgSt_d_Qq5jrlS6nBmJqlDasScXM
Frame ID: AFD7E4850D46D08813476379F076CCCC
Requests: 5 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: D2A37FEBF54E19EAEEE4DF8D12BB812D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AB7842981454E9688277DA2BB5B1B3B7
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: D60458189A259DF55AFD3FEF420E94A0
Requests: 1 HTTP requests in this frame

Frame: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC25FA0BB09F94D56D0F538342B751A5
Requests: 1 HTTP requests in this frame

Frame: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F7C5030AE6120A5E4F617E6B6B20A4F5
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 06A66A1F667856633AC385EEA6047E32
Requests: 8 HTTP requests in this frame

Frame: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C287BAFD5FA2B4DAE525E4A217F0F6AB
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 856697BE549259494C369B39A5281357
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNWwr6ffytdEVj_4oXM0fkP7ZWMDcPSV19-zfjmTIMKpsXIwWm5rs3tqEB1oHoO1A0CzDZPeZotBSFESgIX3dODCx9O5cNbY1Vfvc0U7KrzG-CRoCqAxJEuYQfdFlP-I6KOos_RqYxLVt9YnkiJxa_gLgkEK0A76Ebph1tYUh_x-30_W2fQ
Frame ID: F1512E3C1703D670BEBF2138D757888D
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 4A0700FC8842D60F576E12CDA3804887
Requests: 1 HTTP requests in this frame

Frame: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F0165606B41975661913979EE27626B7
Requests: 18 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1648526574317794718319
Frame ID: D12A941234E775E117F1ECB094A98B2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5906E9307627BF215E00AD4481360B90
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E24535CF49E62BA38B7AAD79627A4FCF
Requests: 3 HTTP requests in this frame

Frame: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FD12EBB1923A42621179B8503EA5F564
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 668851C0DDADF319902BAD48013D7604
Requests: 5 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 65926F4E8F5F8B2A6250FD7CEBCB952B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: CF0945BF13136A2C45D07F565FA18E13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CDDD710DA2168704904A93DC72667517
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNUePJvSoH90TCOuWPjvsdw4Gp2OS1mHf7bNiHVeYn8rlpeWU2rfLu64awQ_x7s2tdk5piyy9kmBLFW3GawNgDQe61PMV5uiLfhuSIZ2493AFYuCLLcBAYD5dVkIxx9LwSsM5Sv5TRGr4Cv5zbrLQz-WfXXB6XWXh-ODHdBV2SinhJPVi_k
Frame ID: 59373D01DABCF125318EA20B23B3EE25
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Frame ID: 2E94358137CA258CE8310E21031782DA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CE00A92598CF2CDA371D92BE4E78F63
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6577151AEC44145339AD82F11A1C13F2
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 5D56E02DEC73CD725A0E55E136AEC6C6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df314725eace276%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff1dc7bb952519c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Frame ID: F00DC36764EA3EB12C9DD157B89110F7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7BA7538121FCA96F2C008BE64D4AE419
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AB01F87BE9E7C28C3D6697569A332B27
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Женский журнал IVONA

Page URL History Show full URLs

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

413
Requests

92 %
HTTPS

33 %
IPv6

66
Domains

99
Subdomains

74
IPs

12
Countries

3639 kB
Transfer

8528 kB
Size

116
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110
  • https://gaua.hit.gemius.pl/_1648526572620/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=345&lsdata=sNbQKnyu1dGOT1M7dbyVXf4LvlJaPIS5jnivQbpZClf.X78WDGq5Qyb51wn0oez1Y1C5Kp1wKyFFP9Jfop7f5u11QqHl/g.ZuIw9Ym2g.x/&fpdata=4A8rou0YZibwa3V1ArSLsyUdxPlruNx3MCji8eS7RL..p7&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1648526572620/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=345&lsdata=sNbQKnyu1dGOT1M7dbyVXf4LvlJaPIS5jnivQbpZClf.X78WDGq5Qyb51wn0oez1Y1C5Kp1wKyFFP9Jfop7f5u11QqHl/g.ZuIw9Ym2g.x/&fpdata=4A8rou0YZibwa3V1ArSLsyUdxPlruNx3MCji8eS7RL..p7&vis=1&fpcap=
Request Chain 145
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=3106066f-55c1-4e5f-bfc3-24134808b296&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=3106066f-55c1-4e5f-bfc3-24134808b296&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D3a0db163-c932-48bd-84d4-48775b180e5c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=77576242-84ee-4b00-9ff6-e5ec22d80b65&expires=30&ssp=prodoohmox&bsw_param=3a0db163-c932-48bd-84d4-48775b180e5c&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
  • https://ad.adopx.net/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.invamia.com/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidverto.io/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQudmlkdmVyLnRv HTTP 302
  • https://ad.vidver.to/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=
Request Chain 166
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 169
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007FED8442623200ACA502002C22&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FED844262C307785B024304CC
Request Chain 170
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007FED8442623600C8A40274D635&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FED844262C307785B024304CC
Request Chain 171
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a71929b6-60de-5158-a8b7-46cecaf5c223
Request Chain 172
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c496122b-ef93-5158-ab1e-7dfcc95cf911
Request Chain 173
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=52d114a3-bc6f-460e-6a30-d323a1ff280f
Request Chain 174
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=cba59736-afbc-4882-6ae8-3b9bfcc0c97a
Request Chain 175
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1&C=1
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkKE7Z46PoB8N0qwNdGtnAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKMnzl0bnC3Z0gQNhu93Omk&google_cver=1
Request Chain 198
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NjM4MDQ5NDQ4OTQ0OTkxNg%3D%3D
Request Chain 209
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/995085/61697697/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fivona.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fivona.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D90%26slotname%3D1162504554%26adk%3D739537396%26adf%3D2751417948%26pi%3Dt.ma~as.1162504554%26w%3D728%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fivona.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648526572785%26bpp%3D3%26bdt%3D98%26idt%3D131%26shv%3Dr20220324%26mjsv%3Dm202203240101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D6c7be81ad532e759-228c3fdc67cd00a9%253AT%253D1648526572%253ART%253D1648526572%253AS%253DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog%26correlator%3D6558247461018%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D865945863.1648526572%26ga_sid%3D1648526573%26ga_hid%3D360553944%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D5%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D4020834182%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760474%252C31065921%26oid%3D2%26pvsid%3D3509201282370956%26pem%3D967%26tmod%3D70198816%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.6dmv0lolheqd%26fsb%3D1%26dtd%3D143&adsafe_type=d&adsafe_jsinfo=,id:b594bdda-c9c7-30cb-171d-ebe628589393,c:8dGSiG,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-79447dc6f8-k57rp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:1b9a65ba-af15-11ec-b13a-66057b3a6667,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://www.googletagservices.com/dcm/dcmads.js
Request Chain 279
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL4aGG73N_OTqtATZLG6dYZt_DpMKlStyk2Sim4tIatFobdXW9fewYeaiuAppWr-JmIlo6U48u5wbR7M0CbCv39Yw6KcRub&google_gid=CAESEKTY4QJsaPwDketEett79rY&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO6JipIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMNGFHRzczTl9PVHF0QVRaTEc2ZFladF9EcE1LbFN0eWsyU2ltNHRJYXRGb2JkWFc5ZmV3WWVhaXVBcHBXci1KbUlsbzZVNDh1NXdiUjdNMENiQ3YzOVl3NktjUnVi HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOUowUW9ibHhqR3hlbHRzakhiaG04dnhEV3puNHhTUlYtT3VNdXRlRHM4TQ==&google_push
Request Chain 282
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENJLgv0CHiwTVHefV6Aos-4&google_cver=1&google_push=AYg5qPJgw4RrthurddmfmCxza4M2Y6Fk4GRb2daoZa1lVAHj1Zh17LUQ-abbf761fRup-CgnbHZ3-BWG4k5H5d0qIT_DLo1hAd9s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTTVQTlEtVC1LVjYz&google_push=AYg5qPJgw4RrthurddmfmCxza4M2Y6Fk4GRb2daoZa1lVAHj1Zh17LUQ-abbf761fRup-CgnbHZ3-BWG4k5H5d0qIT_DLo1hAd9s
Request Chain 283
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENFNxC-7F1mpi28PtcjBrc8&google_cver=1&google_push=AYg5qPJYW_GMLYZUUb9-_EPthoONAHkSm_wxji5XeFOWHFAiUFWUekttj-W9tdt7B1mPshfxz55FYSW0XldpOFhn3DuXQaCw7KCALQ HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJYW_GMLYZUUb9-_EPthoONAHkSm_wxji5XeFOWHFAiUFWUekttj-W9tdt7B1mPshfxz55FYSW0XldpOFhn3DuXQaCw7KCALQ&google_hm=gicbztikdyzysdlhyzmwwpsjyqor
Request Chain 291
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENfEJu0cHpsfMDKVQV7l3Gk&google_cver=1
Request Chain 293
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEAGJnbHQTm9aUo1AmzMmY2M&google_cver=1
Request Chain 332
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1&google_push=AYg5qPIueJk7nSjCjhbJZV9Yrrl0-skWwJI7imI_EtU0jddb5Q1mIXGtD9neVgnoLGtAEA90J4V9r29lT3MsIRGZZqazLKIp0uUf HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQxMzY4NDMwNzY1NjkwNzU1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
Request Chain 333
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPKcmV5Ve3SkwJFOmNaCsV46SuBczMoqcJYafBEWoNgzbRRpW16uV0FX3j82fqemXn3nyHM0jO_L8YaB71K6At9lvnnmoDse HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKcmV5Ve3SkwJFOmNaCsV46SuBczMoqcJYafBEWoNgzbRRpW16uV0FX3j82fqemXn3nyHM0jO_L8YaB71K6At9lvnnmoDse&google_hm=v6yOJjayfSGIBeLk0CjKoA
Request Chain 334
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEL8uMn8AixWqpeUaab1YK5o&google_cver=1&google_push=AYg5qPJh4GzUZeIGrsxqc-bs4mGPUMrji4vSDnszzI_A8Ofdh1slCe495ZR2SCAbPAc6b8ouJyjcqZWjKNMBNIlXZV-UEshmokA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPJh4GzUZeIGrsxqc-bs4mGPUMrji4vSDnszzI_A8Ofdh1slCe495ZR2SCAbPAc6b8ouJyjcqZWjKNMBNIlXZV-UEshmokA
Request Chain 340
  • https://fw.adsafeprotected.com/rfw/st/974135/61365881/4.js?ias_dspID=3&ias_campId=27188786&ias_pubId=pub-3191289882045155&ias_chanId=1&ias_placementId=16513943423&bidurl=https://ivona.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0j-THRc0bOCfZ8vfZKsMxG-&adContainerId=gcc_7oRCYor_DIqNrASw4YnIDA&cbFunctionName=goog_wrapCb_7oRCYor_DIqNrASw4YnIDA&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fivona.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:bf8a5836-cc21-8006-4566-fa89611e085b,c:8dGSyM,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-79447dc6f8-lschg,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:2,fm:t1rjvkC+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t,idMap:1p*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:19,oid:1c2cba13-af15-11ec-89bf-2e2365144d76,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 357
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1&google_push=AYg5qPLhV9MPh342SPVCCQAK6h_qCHOJNTzRlFznGiURUcVFMfIkd_J4SeNKLrWojrSZ3k0drQVwJ9uFaXotXqc4kPm4hMXHzfLc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQxMzY4NDMwNzY1NjkwNzU1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
Request Chain 358
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPKeYBll0CUxSKFzyAzjbPW835P_TsA6PiKDWSfyIJHVuGngQd78pkZawB9M377QaNB49QLskPSubbnPxfLRttSzlUU680Es HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKeYBll0CUxSKFzyAzjbPW835P_TsA6PiKDWSfyIJHVuGngQd78pkZawB9M377QaNB49QLskPSubbnPxfLRttSzlUU680Es&google_hm=v6yOJjayfSGIBeLk0CjKoA
Request Chain 359
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEL8uMn8AixWqpeUaab1YK5o&google_cver=1&google_push=AYg5qPKA_7S8qfekIUJjnJHglnLb7dxm6iSSvfnszIbw2XTMb6SNQ1ugG0NSq6hK6ey6EzWOjBbAIFk0I4zWWL8au7tvU2x_aTgP HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPKA_7S8qfekIUJjnJHglnLb7dxm6iSSvfnszIbw2XTMb6SNQ1ugG0NSq6hK6ey6EzWOjBbAIFk0I4zWWL8au7tvU2x_aTgP
Request Chain 365
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1&google_push=AYg5qPLoRn2Xa0GjOSLHSsWHhdhYIK_1DrEAEMjWsW84vF6ciN875jg6VhcVD0McEsHqcPLiTPbu5tIHKeAk0ZCyi9_zja9LoKWF2g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQxMzY4NDMwNzY1NjkwNzU1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
Request Chain 366
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPLZ6gP5cJ5yWJIzDPg7LdUCAb7J_APkxk5ILk7C913GI29V2MhfiTFi-xliQr9ogBSGOTaTuWBXlL7JHXWUBdScfJH5zfry HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLZ6gP5cJ5yWJIzDPg7LdUCAb7J_APkxk5ILk7C913GI29V2MhfiTFi-xliQr9ogBSGOTaTuWBXlL7JHXWUBdScfJH5zfry&google_hm=v6yOJjayfSGIBeLk0CjKoA
Request Chain 367
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEL8uMn8AixWqpeUaab1YK5o&google_cver=1&google_push=AYg5qPIbDHlEOfsuh5KuIzcjVEWuTpGEnT4VsTHmmJj3tgEU84WsdHqz8pHs59f3NkWZFWowNxtC6olO_irCn23ZM-GXOGlLl0ZUdg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPIbDHlEOfsuh5KuIzcjVEWuTpGEnT4VsTHmmJj3tgEU84WsdHqz8pHs59f3NkWZFWowNxtC6olO_irCn23ZM-GXOGlLl0ZUdg
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOjSXvVZIlSkpXqhRmw78wk&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOjSXvVZIlSkpXqhRmw78wk&google_cver=1&__user_check__=1&sync_id=1c954de7-af15-11ec-b03b-11372f1a0406
Request Chain 370
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=1c9543c7-af15-11ec-b9bb-1ac857eb0406 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWM5NTRkYTUtYWYxNS0xMWVjLWIwM2ItMTEzNzJmMWEwNDA2
Request Chain 383
  • https://fw.adsafeprotected.com/rfw/st/974135/61365881/4.js?ias_dspID=3&ias_campId=27188786&ias_pubId=pub-8610050614645263&ias_chanId=1&ias_placementId=16506055354&bidurl=https://ivona.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0grsgzL0V9Cbp2U8q6TOlQz&adContainerId=gcc_7oRCYq63KbmDjuwPzbessAw&cbFunctionName=goog_wrapCb_7oRCYq63KbmDjuwPzbessAw&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x250.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fivona.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:66fcae39-460a-8b26-a67b-cefd63296064,c:8dGSG4,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-79447dc6f8-pbksw,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1,nbld:0,mtim:3,fm:t1rjvrL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:28,oid:1c747202-af15-11ec-91c0-46c55e05bba5,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js
Request Chain 392
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPKFiz8-SpIClqgK-AotpXq30Kq4k6gTmGzuYRrCbbVuK0pVZGGLk_MxtvhZlT_1mr9MAB9oim3TDZVMxoGNJuu_AcC6TS4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKFiz8-SpIClqgK-AotpXq30Kq4k6gTmGzuYRrCbbVuK0pVZGGLk_MxtvhZlT_1mr9MAB9oim3TDZVMxoGNJuu_AcC6TS4&google_hm=v6yOJjayfSGIBeLk0CjKoA
Request Chain 398
  • https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df314725eace276%26domain%3Divona.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fivona.ua%252Ff1dc7bb952519c%26relation%3Dparent.parent&container_width=320&height=600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FIvona.bigmir.net%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df314725eace276%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff1dc7bb952519c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline

413 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ivona.ua/
Redirect Chain
  • http://ivona.ua/
  • https://ivona.ua/
101 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
b4401a7763fab4e88135158911f68155723d4064a51740d9b4a89446fe98a077

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
server
nginx
date
Tue, 29 Mar 2022 03:59:44 GMT
cache-control
public, max-age=300
content-encoding
gzip
x-cache
Hit from cloudfront
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
8FtWsBlDwpmeLIzKZlrvP-JnpiN95qxFqg505u9ESa1vWgHX_IkgjQ==
age
235

Redirect headers

Server
CloudFront
Date
Tue, 29 Mar 2022 04:02:51 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://ivona.ua/
X-Cache
Redirect from cloudfront
Via
1.1 9ab847fabb8c9edbd39cff57c2a2f4c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
__mQeL9DKnVP170gYMWDswtSLwN6XemnvTU7REknlMqbgK3wPR_EpA==
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:51 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Wed, 29 Mar 2023 04:02:51 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
49bf127b8aa313b260af91ab55a98cab24fcdef75b3a1790d2463b05e28bc452

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:50:45 GMT
server
nginx
etag
W/"624184f5-2c0e6"
x-cached-since
2022-03-29T03:55:15+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 28 Mar 2022 10:02:58 GMT
js
www.googletagmanager.com/gtag/ 		95 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
70bfc1c96f8c5227c62c6e519741e52083222743d6d55ae2887ff3cc20d16d10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37813
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 29 Mar 2022 04:02:52 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8233613c0e307e4d2e9c46e7b33888ec40c835a2eec32b8b39233338aa478fb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53854
x-xss-protection
0
server
cafe
etag
11712767476763946528
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:02:52 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0258e66eddc5ec291e7b9089c7c1897ae1b38c693f5627aaa3911f83d83d26e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 04:02:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 04:02:51 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 04:02:51 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
461377
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10022
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dlaraIu9kFFN8SfJUdCCQwKCHgYvxB6VBS9CQHmLaTc21YqL18mvgxkb7xPagRHVFU76ORDte4bJpICGey3xmGy6RTw2OujnEyMvTDaUuCXtpkLQMs33VxNcxjTudJeFhS87p%2BuN812j4wOQHM0yQKkg"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b661af090221-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
1171011
cdn-cachedat
12/27/2021 07:28:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c93bb13724f1916e0ec0f105adc4675a
cf-ray
6f35b661ac0b01eb-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
v10
ivona.ua/css/style.css/ 		77 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/css/style.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:24 GMT
content-encoding
gzip
age
4120718
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-13503"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
WH6JMPWD7yZnFFYzYAUb9GmsB8KI-tRm_oG9zDvM8qUcFoyzh7Me3w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/a-custom/custom.css/ 		970 B
839 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/a-custom/custom.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:24 GMT
content-encoding
gzip
age
4120719
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 09:24:29 GMT
server
nginx
etag
W/"616402cd-3ca"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
0G3vW2D88WFRlfDxJEfoHYuOLLOaZEXh7Iw2-69X73euHX5PrcvdYA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1666403
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ068rKpuuCOAYw7QMHVtf4aM%2FLJf9fRxSxfhjvBPwWJYeuyz2qjKRN%2Fo5%2F77qHQNWJji9vln6mRaWkA3qAICR23APif0rIhjNHAR7S%2Bs3bKNEZC5VOjs2t7Hrit26s7LVUAZELbsN4VnYr2egiLW0q6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b661af0a0221-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
630x283.png
ivona.ua/img/ 		130 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/630x283.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 20:57:57 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
2963110
x-cache
Hit from cloudfront
content-length
130
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-82"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
jBNqej5DHxdVLjtdIiaRvWvjiCcbNcpEJGxvKTt7TAPgff5apZwi7w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
4x3.png
ivona.ua/img/ 		96 B
552 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/4x3.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
18462772
x-cache
Hit from cloudfront
content-length
96
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-60"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
LX1Hkj49iJf5LkQ2QTC_aLwFqXe4XlMFzx9fJItUqtXwQrsPt12o3g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
382287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xoecok3fOqWgkEY8pkhGSm%2BTLVSHhDanDYETGGTILzmONsnYurLnb495uJOv0Um0MeqrnVJ2jfWOUHzZSrMTQFpCME%2Fc7pR%2Fw4FPXw9A1gzbPOTwa3OrcrfA3WgxU6lXroxEIVw5y7h2MRVD%2F%2FIUsGfr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b662795ccc4e-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
1784686
cdn-cachedat
2021-08-02 21:50:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b15417b2c98f73e0910f14703189176f
cf-ray
6f35b662dfc02355-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
458525
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19249
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L9kSQFN981txm1%2FIKdIuExEhgOuBmM4SROvvk2dc1fbWi0wJnB1Fg7jX%2BNCLGCfSlYzFc4VLTUCy2ax7APN2VpON9eIJrJFYtEVDGiQrvi8VtE9LHNh4Rlo5tK9OWCxEDeV%2B1S3WaPxMNbXu5UBIaxjB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b662fa180219-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
lazyload.js
cdn.jsdelivr.net/npm/lazyload/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lazyload/lazyload.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
188
x-jsd-version
2.0.0-rc.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19133-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6f35b6634bb7cc5a-ZRH
v10
ivona.ua/js/theme-script.min.js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/js/theme-script.min.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
4120718
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-693"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
54z3vao3TD3KD2GYjxuocl4vztE8PxAoaSbu5c2dVbKWAMtVl8DjFw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/js/banner-index.js/ 		2 KB
815 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/js/banner-index.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
4120718
x-cache
Hit from cloudfront
last-modified
Sat, 21 Aug 2021 13:24:17 GMT
server
nginx
etag
W/"6120fe81-725"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
Ns5YEzuPSqhGb2IoMCCRAslUsF-03TjNr68Tg7fbjZHO491V9cA2qg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article-stat-v2.js
ivona.ua/click/js/ 		976 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/js/article-stat-v2.js?8
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:40 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
976
x-amz-cf-id
gERA6Jj69tVHeDmPJWT6xSpgqGOx6LvIAAi9G3blq2ykotKFFRZqwg==
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
982404
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8Hu3jVM36HYY7i%2Bs0cF5%2BVKAUZAvomut2G%2BWySIYDWVE0TupO5JmKXsh1G3AJAceqj312x9Bu4zvZSzbn%2BJy2f7faAe0NR2ny1FSZoKtqCVnJDSnxbZ4YAmqsnGPB%2BlbROENfPxtyauPjpbis8%2FseEw"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b662fa1a0219-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3455651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8sUs6k55kyh2IrshJxWGSTKrK6fyPDQOUr%2BEAcrfUVahLdE3L7DcMnVKESUxQE2tbENV29p%2BBkbr3fMmsXpc%2BcpOwEfTCgLW056wvI5AfG97gUOzdBGB1wvdgcGOprR6hf4OSpg23iUIDtpdPJFf7n27"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b662fa1b0219-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
20236705
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TolsJdFtaSXtZQDCtdCUiELTLT4mBXTnr6A0UuF4LDDn4GEB2GY5rDck9ECf7%2BDxJiq3K8TSIYiQd%2BHsQ%2BRMjNaimL97GfH0D5xFCSwGqvZcJ5X6I5EB%2FMu9YkdubIrWk636AEtweXvXreIYnNFAXmz3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b662fa1c0219-ZRH
expires
Sun, 19 Mar 2023 04:02:51 GMT
common.js
ivona.ua/click/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/js/common.js?1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:40 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5e1307e6-a00"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
2560
x-amz-cf-id
8UNm8OI0a3d4sSSf5z8cml5yNTiofWp9HTYJtyKSa662c0NvSPsU6g==
xgemius.js
gaua.hit.gemius.pl/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 07:51:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Tue, 29 Mar 2022 16:02:52 GMT
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Wed, 30 Mar 2022 04:02:52 GMT
logo.png
ivona.ua/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/logo.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
18462772
x-cache
Hit from cloudfront
content-length
1326
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-52e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
kdO3VhIkTIPxdFnmPorkIz-zkhQxZ2RPbh1sdSWLDekb4e91BXxWnw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sitename.png
ivona.ua/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/sitename.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
18462772
x-cache
Hit from cloudfront
content-length
1058
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-422"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
7pYgHKNW0v8zCA6rYvvw51JFrw3Yxx72cGXBVbbsaJtRxVn-xO7f8A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:41:16 GMT
x-content-type-options
nosniff
age
462096
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:41:16 GMT
search_icon.png
ivona.ua/img/ 		253 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/search_icon.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 01:51:50 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
2081460
x-cache
Hit from cloudfront
content-length
253
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-fd"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GR2Vrx0CQVP0wlaJqeoQJvQ06pTHMg0VBa-frgI3VEQ-iMtqd3v-PQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v16/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:21:15 GMT
x-content-type-options
nosniff
age
459697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 20:21:15 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:49:24 GMT
x-content-type-options
nosniff
age
461608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:49:24 GMT
c.html
cdn.admixer.net/scripts3/44714/ Frame 9D48 		738 B
510 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:51 GMT
content-type
text/html
last-modified
Mon, 28 Mar 2022 09:51:01 GMT
vary
Accept-Encoding
etag
W/"62418505-2e2"
expires
Wed, 29 Mar 2023 09:52:59 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-28T09:52:59+00:00
x-id
fr5-up-gc35
content-encoding
gzip
0967ebea4a2a8854ab82.b.js
cdn.admixer.net/scripts3/44714/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:50:47 GMT
server
nginx
etag
W/"624184f7-5d41"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
74d5671da8f90a9d2fab.b.js
cdn.admixer.net/scripts3/44714/ 		74 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/74d5671da8f90a9d2fab.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
fdee4b804d836555ae9361f5319feb7ad8aaf8e4d4cae9a48a92bbffd675da56

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:51 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:50:54 GMT
server
nginx
etag
W/"624184fe-129f5"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d0439ce0023de30b240f896e1057c5c8b4bacb347b428be259ef0881bff048d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
RtAlq/1Ue+6ZmMyM43Snsw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 29 Mar 2022 04:20:50 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
HEBQBSkakOGFeXMwbUtWZncbr+h0AuHGLoGj/tNJAC4HY/sbJs/F27ZYa2g9jVEtBcXRk/F5kt1Y8im2Kkeojg==
x-fb-trip-id
917726464
x-fb-content-md5
3bb2a866ff8bf288345319849ae7473f
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 29 Mar 2022 04:02:52 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"254b5e007f0b7fa9a0faf6da56368b1f"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
arrows.png
ivona.ua/img/ 		562 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/arrows.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
18462773
x-cache
Hit from cloudfront
content-length
562
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-232"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
XwT36AWNxycMP0--R_ZEvk7T1tWWG9x4_k_O5aWbs6CRU49qGySPxg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
660876
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Szm8dAfdIs6bZPIe1Eh7%2FfCTmC4WbUaBePKYJ%2BbTTb%2Bb%2FdD7G5WvZq82AsNh3w%2F%2BK3vRZ5nDfAtLVKr03TA%2BODIvZPzcIl%2FC%2FV%2F%2FFqQFlILIuyix7kEHoDNSTtej8lKZ0%2By8E6Bj9f2OGAoAHTj6UZXD"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f35b6631994cc4e-ZRH
expires
Sun, 19 Mar 2023 04:02:52 GMT
bigmir_logo.svg
ivona.ua/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/bigmir_logo.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
content-encoding
gzip
age
18462772
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
W/"60fc3da0-d2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
Y_O_4GM7n8CdxiGGmJaGYNZqoy-Pt2OjFaoBndVU1-1vc2LYaXMGbg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2068016217&div=zone_2068016217&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		75 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
57390a59a4e6bc139c12e476c0811a97ba27438d8281070035d778f336ddb30c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1217097366&div=zone_1217097366&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		42 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		415 B
429 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
8fc1968b29dece9ab454a19447e2ba9565358032217a6b3b9fe2f8b25e0c209e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
server
nginx
content-type
text/plain; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
284
expires
-1
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1966145486&div=zone_1966145486&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=674&pl=3&mi=4&me=8&hc=4&n=1648526572071&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2241986073
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
1713a1dc09693d01f4724c48cfaab88da8b9a434a417bfc33be94f6e566fa731

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
add-view
ivona.ua/click/articles/stat/ 		39 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/articles/stat/add-view?cid=6&site=ivona&aid=5255288&0.5025970897854706
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
0bd7c3682f9b8f21c91a78027d27190c46253893c3486de582ceac4612f94fa2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ivona.ua/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 29 Mar 2022 04:03:40 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ivona.ua
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
*
x-amz-cf-id
gWpeZBfKY8jlz6U0PGWVaP7jOFf4r94iySyXHsEK1j3KiRoTqunrRQ==
z
s.zmctrack.net/ Frame 8A2C 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
c235bdd0da66fcda9675dcddac554bcd92ea32c66c459896714ac298146a9fe5

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23352
expires
Thu, 01 Jan 1970 00:00:01 GMT
9c0b7924efaed247f73a2c2efe16fff3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/62/66/76/6/6266766/image_main/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/76/6/6266766/image_main/9c0b7924efaed247f73a2c2efe16fff3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0862b2b7a0f842e3721727ad3c1c1587dea2456187d44800d374c1936749afb5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:00:54 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 18:00:53 GMT
server
AmazonS3
age
36119
etag
"760a9fbb57457b0f32ecb925c84d72fc"
x-cache
Hit from cloudfront
x-amz-version-id
U2ctOSOO55UfH7BGLyBwP_rS1OTBUHwZ
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
40072
x-amz-cf-id
gAAOFTmwAncw0v9WrSjG_cpeigUw5oTOgEW8S8DpoFLYWamffEnztQ==
9c0b7924efaed247f73a2c2efe16fff3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/66/76/6/6266766/image_main/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/76/6/6266766/image_main/9c0b7924efaed247f73a2c2efe16fff3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3d225028d2ce32ffa49d917311a6b6d1df60e099f5cd095d44dd4985576d390

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:35:32 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 18:11:41 GMT
server
AmazonS3
age
34041
etag
"52b797a8f49e98741aa594ac77188f7f"
x-cache
Hit from cloudfront
x-amz-version-id
temhxY51IXYC2vSGBUliH4pXGzT9SDHW
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
2898
x-amz-cf-id
85JArhK5EvP5Ct7_Qhbirys32G4fFepkUR3tUNrtStxKcYAtjER5-Q==
bca7f6fc668870f441699d6abb73a65a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/66/64/9/6266649/image_main/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/64/9/6266649/image_main/bca7f6fc668870f441699d6abb73a65a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d6889aa46851f9cd1eff8a5e83237b23d51ce586fd1f41c4f45258801721463e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:40:21 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 15:16:36 GMT
server
AmazonS3
age
44552
etag
"95eff63fee3e1b381aecb6a5bca0b211"
x-cache
Hit from cloudfront
x-amz-version-id
PmCewY2uLEO84AdC7kNKTwjWGjDi.MPB
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
28728
x-amz-cf-id
Ya9sHOlC70j0Fmdg1xPNEdSddS8ZubLJve_XH7teyNl9DVWefIFlWg==
c3ca0cb0edba7a44949e0a5f21160ead-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/66/67/9/6266679/image_main/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/67/9/6266679/image_main/c3ca0cb0edba7a44949e0a5f21160ead-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1558ea296d11c7a4fd4d49002715e26626ba334d5588be62c3a37beed9fa606c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:39:26 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 15:16:39 GMT
server
AmazonS3
age
44607
etag
"a3e633feb0314caf4ac507c6f68c4a33"
x-cache
Hit from cloudfront
x-amz-version-id
1ZG0RO3rIQ4mawJJzPIs2uQxNo4sr5Lc
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
9387
x-amz-cf-id
7DN3iHwUQzlOHwewl4ZdzQCHtOBUQmEfysnj3WGzmWPbOc6DhoBJYA==
b70365d6695478720d3f47c5221da6f2-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/66/52/0/6266520/image_main/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/52/0/6266520/image_main/b70365d6695478720d3f47c5221da6f2-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e573b3438610358a1fa5b58b55cb9936be23e27b6e55793d7fbb01e4105c1671

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 14:36:12 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 14:22:48 GMT
server
AmazonS3
age
48401
etag
"1551b4f617b010f9406d217e7b0cd167"
x-cache
Hit from cloudfront
x-amz-version-id
oO3IbA._g4fDkRdgQBeoCCGxIicE4BS0
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5075
x-amz-cf-id
gblZ5h4Rs5XXc9MF9IaGvUFGrlGc7VVbAzWNm7jJUyucHYwFy68yeA==
9c0b7924efaed247f73a2c2efe16fff3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/66/76/6/6266766/image_main/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/76/6/6266766/image_main/9c0b7924efaed247f73a2c2efe16fff3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
38f0551a9127dc092f8f3033f3a600deb8c19c55bf4cc981201fdedd4a61f4d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 18:00:53 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 18:00:21 GMT
server
AmazonS3
age
36120
etag
"6a39f402e516ce8eff2f89f670346ecd"
x-cache
Hit from cloudfront
x-amz-version-id
B6aL2WUgOmkl_o_W.ewxsBKz1OdeeW.n
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5286
x-amz-cf-id
UsPQ5kpGCAGzAAW-wl89viyY46xm98IG1XI14hpH8aLS9z5hqpSrag==
5919577c8656159fd97c519235e30421-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/66/37/0/6266370/image_main/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/37/0/6266370/image_main/5919577c8656159fd97c519235e30421-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
944dda9c01ac7ea7c9fce5328675ff966c6b8d45c77885503e4cdfd3bba3cb1c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 11:41:52 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 11:41:24 GMT
server
AmazonS3
age
58861
etag
"c94e1b6a68d7f62d4007e2e1eab14cec"
x-cache
Hit from cloudfront
x-amz-version-id
lTo2Z8TbJC6c46_3i_9Zj1foW9RyzHLN
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
8647
x-amz-cf-id
wB357ZptUFtoaixoIAm55xipYJI8DlAe6lhtDnUVs4TpivTsfa68Iw==
2165fc9e36b422ae2b5ed9f43df9330d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/66/34/7/6266347/image_main/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/34/7/6266347/image_main/2165fc9e36b422ae2b5ed9f43df9330d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
05629dc66c729c5123326a21d8833779720da0714aac4d6c03a20e5830fadc7e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 11:05:37 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 10:50:15 GMT
server
AmazonS3
age
61036
etag
"afb8931926b3561cc7f3ee0651146b68"
x-cache
Hit from cloudfront
x-amz-version-id
P73JAv7sC8fLDC9WMJ43M1QLE0R2YS4V
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
16900
x-amz-cf-id
UThDFS6GGsntMrzW7mV20OtqgEmafyz_1X52ZgGfKZ7hpIoHt8lzUw==
c6dfd6cce7eac8af4549d8a445b3868e-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/66/32/8/6266328/image_main/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/32/8/6266328/image_main/c6dfd6cce7eac8af4549d8a445b3868e-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8e5fe001221e86b18e5a98fc712b7f89176932b342e7daca7ce4612e5c84ff51

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 10:11:56 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 09:44:38 GMT
server
AmazonS3
age
64257
etag
"4be2dd3ba00905498dd0b7db302c9020"
x-cache
Hit from cloudfront
x-amz-version-id
ZzqnEuesXg0PmAJGUomaRVzwcA0Q_apJ
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
11862
x-amz-cf-id
OrZmYhF4Hw6pezRKGPp9cLMECPw41v0gZxy5Di8rD2yCXFVY-kbHmw==
6037355e887612412fb0647817b563ce-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/66/47/3/6266473/image_main/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/47/3/6266473/image_main/6037355e887612412fb0647817b563ce-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aa6cd2f6a79dc1eb078f7556470e21ca2e75b73725093bf027aa9fb42c2e9fe

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 13:14:11 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 13:12:51 GMT
server
AmazonS3
age
53322
etag
"1a79c50c3c955451ad07d47703d293cf"
x-cache
Hit from cloudfront
x-amz-version-id
a6Mr7mT2eqa3pEpJcD_jcnMNOQnbwLYe
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
15459
x-amz-cf-id
ru3vk40DDEwpoT3QVJwFHJEY4gD9vpUH36L7NRlQtJZf8AeYzK-myA==
a8e232978bb099f3227a2735ba5e14ba-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/61/03/6/6261036/image_main/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/61/03/6/6261036/image_main/a8e232978bb099f3227a2735ba5e14ba-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a6be2093e3e0effead5f267e134429c4645c7a98141e4b47dc025e9a2d069a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 15:29:47 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sat, 19 Mar 2022 15:12:07 GMT
server
AmazonS3
age
822786
etag
"74776878489722eaabb6c9e3712ac6b3"
x-cache
Hit from cloudfront
x-amz-version-id
kgegFeR4G_WbM8v9xPD..8unrtiRr0qH
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
9494
x-amz-cf-id
yjF7NHuZuJTX59tI5RzZufXv27RqALQIcjp8NGmG5fiRnpBWKFqlVw==
344363afb4a443b8f781f78cd7ee2700-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/57/70/6/6257706/image_main/ 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/57/70/6/6257706/image_main/344363afb4a443b8f781f78cd7ee2700-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76e49115526453de96a772c70c6c021b844fde78b5aa5a467b40c33c0dd8f783

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 08:21:37 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Tue, 15 Mar 2022 08:12:24 GMT
server
AmazonS3
age
1194075
etag
"821b838be11be6fcc73f2d230c1452a4"
x-cache
Hit from cloudfront
x-amz-version-id
tPDvvzGtYOHejZANYmap8BJAUmqjHzYy
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
35602
x-amz-cf-id
nEEujxyjbeXM0_6bCXhe2rCmc2goZJZmtvmGllAT9hJ9uQtzt0f4lw==
edbfc75e97cdadf7cd649d52592fb0ec-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/56/91/7/6256917/image_main/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/56/91/7/6256917/image_main/edbfc75e97cdadf7cd649d52592fb0ec-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759834b7316b31b838b427955065153b2eda46f8022fe1e0892323f599d6947e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 15:32:58 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sun, 13 Mar 2022 15:10:19 GMT
server
AmazonS3
age
1340995
etag
"e90d4edb75917fdeb43fd08cfcadb423"
x-cache
Hit from cloudfront
x-amz-version-id
loBaVzFqdey3mK0UOqvdT9b6OullyGSF
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
29193
x-amz-cf-id
kSvk_bLjIZiyKqnEMqXUsV_8KtIpyXGM_wfbavLhe39L7D449l5oPg==
3498527b19406a3077491fdbd088aa90-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/65/39/7/6265397/image_main/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/65/39/7/6265397/image_main/3498527b19406a3077491fdbd088aa90-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06e45edfd9b21f54f5f8b18c9036355fa9a7844a7867caebd0363fe4b8cf3077

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 08:09:18 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sat, 26 Mar 2022 07:41:44 GMT
server
AmazonS3
age
244415
etag
"f4bb7d467cb67226a75a553a2acdc6fc"
x-cache
Hit from cloudfront
x-amz-version-id
lAPNWCjpEH3fJIrTLA.oEykGRsuD30xz
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6349
x-amz-cf-id
3lNaqQ1oej21e8n1ohZXPkpoLFLSlGpSs3QYkgtK7TZwMdksTkV27w==
771a5cac6a235dd4079d4e9dc48084fe-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/61/79/7/6261797/image_main/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/61/79/7/6261797/image_main/771a5cac6a235dd4079d4e9dc48084fe-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bdc397f15aaf13d1d53fa82dc2b2b44fb65561176562d0f46e7cfd2e277b6b6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:54 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 11:12:40 GMT
server
AmazonS3
age
663839
etag
"9bab880f33a03790df012525012ccef6"
x-cache
Hit from cloudfront
x-amz-version-id
bY4FZXhg8XslRJjgCLbLr6k2MTpqr0Uq
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6926
x-amz-cf-id
FqlD8tn_QVZ_YLCBvNKskQ7MnuI0uvZwcdGPsHGweA3VBW_2XxaCcA==
88201993db38eb95953599a8a4afabb7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/66/00/9/6266009/image_main/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/00/9/6266009/image_main/88201993db38eb95953599a8a4afabb7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e26c83c0f3b5248b7d703fa1d78eefa161766cf1c5514d0bd59030746b711abf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 10:52:28 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sun, 27 Mar 2022 10:31:43 GMT
server
AmazonS3
age
148225
etag
"94100bc8b7d5b3506a56cf247718e001"
x-cache
Hit from cloudfront
x-amz-version-id
ti.c.YW6ozDvOCz6Fn0MFS3EYvHLt_m7
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5564
x-amz-cf-id
1Fa_GQzhUGvjUA3W37JYC_recS_HFnMswDiRdYfpGPanDn_DpMWddw==
sdk.js
connect.facebook.net/uk_UA/ 		288 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=0db15fe7ccd9fce134eaf35a9bfd7c13
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7aaac6438548344f8d37e6c1612c33e7cf2385f49906089a00b5eab707be6e9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
AJpvupIBDqOQTI3GDMgXsw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84304
x-fb-rlafr
0
x-fb-debug
Xz2tjpKwtDYQtAa/Z9M9cWCdzngih++iweUsP2o5TBCPErwtdu9/lZu/KYdFLSFgg2AjAqiSUPtXRo9zTW0U1A==
x-fb-content-md5
b36ba4592eef55d47b24ca194914b91a
x-frame-options
DENY
date
Tue, 29 Mar 2022 04:02:52 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"8b523086e281c641190a504a63f6a17d"
timing-allow-origin
*
priority
u=3,i
expires
Wed, 29 Mar 2023 01:05:14 GMT
s
h.holder.com.ua/ 		736 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8656&c1&r28783193&dholder2096059570&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
54307fa49935b3477a3714cf18f290722cd1436330847d07fa2eb99ac061250f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
736
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r28783193&dholder2068016217&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
c.html
cdn.admixer.net/scripts3/44714/ Frame E517 		738 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:52 GMT
content-type
text/html
last-modified
Mon, 28 Mar 2022 09:51:01 GMT
vary
Accept-Encoding
etag
W/"62418505-2e2"
expires
Wed, 29 Mar 2023 09:52:59 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-28T09:52:59+00:00
x-id
fr5-up-gc35
content-encoding
gzip
s
h.holder.com.ua/ 		730 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8655&c1&r28783193&dholder1817662902&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
a5961f80bc208ec79cddf49a4f44a82e10ed501c2f521344d5c9b5c7ec85ecf6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
730
Expires
Thu, 01 Jan 1970 00:00:00 GMT
dsp.aspx
inv-nets.admixer.net/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9486038802899326&cpv=32b8f8d5-e106-0442-8694-3aaaebdc0d18&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2271a1f48b-45cb-8169-c7a6-6fe7c6aefe89%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22eb19e9d4-7565-7ab1-415d-e1beaad03b3d%22%2C%22tagid%22%3A%22c15953fe-60cc-47f4-a7b2-8735f0b6c691%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1451965891%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
44340c836637045fb006301a4d8c73d02e6c3df9c65454f4d434c7921fd14c92
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3763
X-Xss-Protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ 		297 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88ead3fa2ff6d9e978c921ed0f52ab854e56a5267aa0452056f945a45d2a6c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109416
x-xss-protection
0
server
cafe
etag
17212367900963764213
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:02:52 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/ Frame 72BB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220324/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 28 Mar 2022 17:45:34 GMT
expires
Mon, 11 Apr 2022 17:45:34 GMT
cache-control
public, max-age=1209600
age
37038
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
h.holder.com.ua/ 		979 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b8654&c1&r28783193&dholder1604070069&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
ea01beb73825d049675e46d49cd6031859f94de42e559ce9b42e109e8bd37863

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
979
Expires
Thu, 01 Jan 1970 00:00:00 GMT
fpdata.js
gaua.hit.gemius.pl/ 		277 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
eae815dc1973e970d8e5d40774e27ca32b2ad24dd5ad0a5dffd863d0c40e4655

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Thu, 28 Apr 2022 04:02:52 GMT
lsget.html
ls.hit.gemius.pl/ Frame D908 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
e90c6c2f3570b956300fc428598718475bd34e65dfde3a934da9249ef109c3e0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
expires
Thu, 28 Apr 2022 04:02:52 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2716
content-encoding
gzip
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7086
date
Tue, 29 Mar 2022 02:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 29 Mar 2022 04:04:46 GMT
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r28783193&dholder1217097366&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
c.html
cdn.admixer.net/scripts3/44714/ Frame FCDB 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:52 GMT
content-type
text/html
last-modified
Mon, 28 Mar 2022 09:51:01 GMT
vary
Accept-Encoding
etag
W/"62418505-2e2"
expires
Wed, 29 Mar 2023 09:52:59 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-28T09:52:59+00:00
x-id
fr5-up-gc35
content-encoding
gzip
c.html
cdn.admixer.net/scripts3/44714/ Frame 9FAC 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:52 GMT
content-type
text/html
last-modified
Mon, 28 Mar 2022 09:51:01 GMT
vary
Accept-Encoding
etag
W/"62418505-2e2"
expires
Wed, 29 Mar 2023 09:52:59 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-28T09:52:59+00:00
x-id
fr5-up-gc35
content-encoding
gzip
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2718&c1&r28783193&dholder1320962835&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
c.html
cdn.admixer.net/scripts3/44714/ Frame A788 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/c.html?b=44714
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:52 GMT
content-type
text/html
last-modified
Mon, 28 Mar 2022 09:51:01 GMT
vary
Accept-Encoding
etag
W/"62418505-2e2"
expires
Wed, 29 Mar 2023 09:52:59 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-28T09:52:59+00:00
x-id
fr5-up-gc35
content-encoding
gzip
dsp.aspx
inv-nets.admixer.net/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4221337896085069&cpv=32b8f8d5-e106-0442-8694-3aaaebdc0d18&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%2221c89b63-c12c-a932-ebd9-10167d9c26ae%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22f7cd00c3-ec5b-6acc-d584-819c5be7eac4%22%2C%22tagid%22%3A%22e7702231-2e98-4fd2-8c48-2b474cab0363%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1424319715%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
d721aacf97121ed8355b0991047479a563cce60dc96b29a61a52b3cfff931d98
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3041
X-Xss-Protection
0
/
www.facebook.com/tr/ 		44 B
407 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1797034293858937&ev=fb_page_view&dl=https%3A%2F%2Fivona.ua%2F&rl=&if=false&ts=1648526572351&sw=1600&sh=1200&at=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 29 Mar 2022 04:02:52 GMT
dsp.aspx
inv-nets.admixer.net/ 		222 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=9694093721976000&cpv=32b8f8d5-e106-0442-8694-3aaaebdc0d18&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227a38f450-5aff-b921-6852-4e918a77c571%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22cebe8e59-6fcf-f856-297e-5710e6562341%22%2C%22tagid%22%3A%22d9675bdf-cf85-4051-92db-9ca047f83379%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1966145486%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
83dc9d5f6403b50388c76777b5ccba100981b4257b0c9d6924815ad1efe91171
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
201
X-Xss-Protection
0
dsp.aspx
inv-nets.admixer.net/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4510876691767980&cpv=32b8f8d5-e106-0442-8694-3aaaebdc0d18&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22e564bdf6-b135-d158-9261-e58c2973b814%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%226db00fad-564a-b625-537c-c6d18159f508%22%2C%22tagid%22%3A%2289ccbdfd-1266-46c2-a1de-466d0d5c1f57%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1579786519%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
4dc4ab2d89fc387fd172e2415cccc96ad1bf124696a54c81c43677be51e44780
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2893
X-Xss-Protection
0
v1
ww251.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww251.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ivona.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 29 Mar 2022 04:02:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 29 Mar 2022 04:02:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ivona.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
exchange.informer.ua/informer/stat/ Frame B666 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.informer.ua/informer/stat/?s=kolobok
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r28783193&dholder2096059570&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
4b8b1f7b6bd6c8a628ea7352e4b7865dfcce9d5068ddfc6e57a403d055483bf4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx/1.12.2
date
Tue, 29 Mar 2022 04:03:44 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
content-encoding
gzip
cmeter_an.js
source.mmi.bemobile.ua/cm/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r28783193&dholder2096059570&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-2699"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/44714/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:51:03 GMT
server
nginx
etag
W/"62418507-702f"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/44714/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:51:04 GMT
server
nginx
etag
W/"62418508-a793"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/44714/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:50:56 GMT
server
nginx
etag
W/"62418500-326c"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
182f2d74c34963cea11e.b.js
cdn.admixer.net/scripts3/44714/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/182f2d74c34963cea11e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:50:47 GMT
server
nginx
etag
W/"624184f7-2a79"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
631117330f3e56489daa.b.js
cdn.admixer.net/scripts3/44714/ 		214 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/44714/631117330f3e56489daa.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc35
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 28 Mar 2022 09:50:53 GMT
server
nginx
etag
W/"624184fd-3594f"
vary
Accept-Encoding
x-cached-since
2022-03-28T09:52:59+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 29 Mar 2023 09:52:59 GMT
ivona.bigmir.net.1211636.js
jsc.idealmedia.io/i/v/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
JQ12VZBNER812EN0
content-length
746
x-amz-id-2
asfXwjqtwB1j23zodfeDMMveAv5/x9tswh9P6rcijUVpzutV70ZK7ZLKeF0Zag52i8m3CJEwf0U=
last-modified
Fri, 04 Feb 2022 07:41:12 GMT
server
cloudflare
etag
"d245c3976e8b37aa0431b5a7963b9259"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
6f35b6668d1e54ca-MAN
expires
Tue, 29 Mar 2022 07:02:52 GMT
s
h.holder.com.ua/ 		3 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.holder.com.ua/s?tv&p1&b8655&r522767450
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
Content-Type
application/x-www-form-urlencoded; charset=windows-1251
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=676794910&t=pageview&_s=1&dl=https%3A%2F%2Fivona.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=577787425&gjid=1590354857&cid=865945863.1648526572&tid=UA-206274582-1&_gid=350001041.1648526572&_r=1&gtm=2ou3n1&z=97720579
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		212 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
b399c2ff396c7d23f6bdc690036432a15802497213cf91eef69fb7af31c8c896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5956 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1648526572&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572255&bpp=3&bdt=606&idt=308&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6558247461018&frm=20&pv=2&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760475%2C44761044%2C31065741%2C31065859%2C31063247&oid=2&pvsid=3184350614233474&pem=967&tmod=1217976993&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 29 Mar 2022 04:02:52 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Mar 2022 04:02:52 GMT
cache-control
private
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=cc1a3ce7c3999522&d=ivona.ua
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:52 GMT
server
openresty
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 29 Mar 2022 05:02:52 GMT
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=E7702231-2E98-4FD2-8C48-2B474CAB0363&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=06edbf2c-04e9-4510-b045-b55af17b953e&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723929476&ap=NDU%3D&asign=-1611683636&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=F8B2536D-904F-43FA-A7FF-34F8638AC44B&crid=F8B2536D-904F-43FA-A7FF-34F8638AC44B&profile=A882975B-8C3C-40D9-B188-89F4EF2DFCE1&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a920cd34-1d67-45e2-933d-226b29119cc5&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723435204&ap=MA%3D%3D&asign=-1047625509&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=8dd850b8-9686-42a8-bbe6-9fb8b567f9a6&ip=217.138.196.106&item=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&crid=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&size=350x240&profile=5EEA8F57-F0AA-4422-A5D9-20C13E0F2FBF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a920cd34-1d67-45e2-933d-226b29119cc5&hp=-370074540&page=ivona.ua%2F&segments=1%2C490%2C5&ts=637841233723435204&ap=MA%3D%3D&asign=-1047625509&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=8dd850b8-9686-42a8-bbe6-9fb8b567f9a6&ip=217.138.196.106&item=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&crid=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&size=350x240&profile=476857EE-5211-4F53-A2E9-6B14A06EFC2C&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
rexdot.js
gaua.hit.gemius.pl/__/_1648526572620/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1648526572620/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1648526572620/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua...
169 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1648526572620/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=345&lsdata=sNbQKnyu1dGOT1M7dbyVXf4LvlJaPIS5jnivQbpZClf.X78WDGq5Qyb51wn0oez1Y1C5Kp1wKyFFP9Jfop7f5u11QqHl/g.ZuIw9Ym2g.x/&fpdata=4A8rou0YZibwa3V1ArSLsyUdxPlruNx3MCji8eS7RL..p7&vis=1&fpcap=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
1292a4b14a8a253fa80fc34fd6f1f73df6e81020fe98b5af62f11c3e9999c833

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Mon, 28 Mar 2022 04:02:52 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1648526572620/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=345&lsdata=sNbQKnyu1dGOT1M7dbyVXf4LvlJaPIS5jnivQbpZClf.X78WDGq5Qyb51wn0oez1Y1C5Kp1wKyFFP9Jfop7f5u11QqHl/g.ZuIw9Ym2g.x/&fpdata=4A8rou0YZibwa3V1ArSLsyUdxPlruNx3MCji8eS7RL..p7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 28 Mar 2022 04:02:52 GMT
jsunit
a4p.adpartner.pro/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?id=7161&ref=&0.6693846633064611
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8654&c1&r28783193&dholder1604070069&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
158a521224d4472b08585062dca8bffd492975c13baef608bed3534a75c2b6b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
s
h.holder.com.ua/ 		3 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://h.holder.com.ua/s?tv&p1&b8654&r391904494
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
Content-Type
application/x-www-form-urlencoded; charset=windows-1251
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 29 Mar 2022 04:02:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 29 Mar 2022 04:02:52 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44714/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.121 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ivona.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a920cd34-1d67-45e2-933d-226b29119cc5&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723435204&ap=MA%3D%3D&asign=-1047625509&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=8dd850b8-9686-42a8-bbe6-9fb8b567f9a6&ip=217.138.196.106&item=D0EEA9F9-C933-4D86-8C78-4628D65839DD&crid=D0EEA9F9-C933-4D86-8C78-4628D65839DD&size=350x240&profile=08C7770D-D6A5-444B-8C99-6C11B1376450&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-206274582-1&cid=865945863.1648526572&jid=577787425&gjid=1590354857&_gid=350001041.1648526572&_u=YEBAAUAAAAAAAC~&z=337935313
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 29 Mar 2022 04:02:52 GMT
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=502e6f57-46a6-4d2e-ab74-08b2c4c46411&hp=-370074540&page=ivona.ua%2F&segments=490%2C5%2C1&ts=637841233724936511&ap=MA%3D%3D&asign=290907195&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&crid=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&size=350x240&profile=A30ACB44-18F1-45CA-BA85-5B440B44C7DF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=502e6f57-46a6-4d2e-ab74-08b2c4c46411&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233724936511&ap=MA%3D%3D&asign=290907195&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&crid=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&size=350x240&profile=36DBA250-021E-4192-BB34-F2EE916251DD&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9B3B 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a112e85ed2edc04d844b8cc32954409644f5d99f557cca61b4b8b171764d81d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53923
x-xss-protection
0
server
cafe
etag
12870351977577437642
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:02:52 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=502e6f57-46a6-4d2e-ab74-08b2c4c46411&hp=-370074540&page=ivona.ua%2F&segments=1%2C490%2C5&ts=637841233724936511&ap=MA%3D%3D&asign=290907195&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&crid=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&size=350x240&profile=A01BDF0B-F125-40F1-9022-C7F2F7F7F847&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=502e6f57-46a6-4d2e-ab74-08b2c4c46411&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233724936511&ap=OA%3D%3D&asign=573232197&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&crid=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&size=728x90&profile=C87AA202-A622-463B-98B8-FBABB05C7EEA&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:52 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
cm.js
source.mmi.bemobile.ua/cm/ 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:55:53 GMT
server
nginx/1.13.0
etag
W/"5dc27c89-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:55:53 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=865945863.1648526572&jid=577787425&_u=YEBAAUAAAAAAAC~&z=1810883137
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=865945863.1648526572&jid=577787425&_u=YEBAAUAAAAAAAC~&z=1810883137
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo_top.png
kolobok.ua/images/ Frame B666 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/logo_top.png
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:41 GMT
last-modified
Thu, 04 Feb 2021 12:11:24 GMT
server
nginx
etag
"601be46c-208f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8335
expires
Thu, 31 Dec 2037 23:55:55 GMT
c4e72a4a598309f8a3c330157b645b18.jpg
exchange.informer.ua/assets/thumbnails/c4/ Frame B666 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/c4/c4e72a4a598309f8a3c330157b645b18.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
0e1335803c3991eec989177e5267914f4945ab34b49ed762106be5b47d79ae5f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:44 GMT
last-modified
Thu, 24 Mar 2022 21:50:11 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623ce793-1f58"
content-length
8024
content-type
image/jpeg
2ce65ced6c2bd16933cc1026ebb3ba78.jpg
exchange.informer.ua/assets/thumbnails/2c/ Frame B666 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/2c/2ce65ced6c2bd16933cc1026ebb3ba78.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
97067fdf89f4fc70caa40e1039c811b53a8ae5fdee20a509d5b38a8bc132e2c2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:44 GMT
last-modified
Fri, 25 Mar 2022 11:00:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623da0b8-19aa"
content-length
6570
content-type
image/jpeg
b19ce49042a26f629e1c24d7965cd206.jpg
exchange.informer.ua/assets/thumbnails/b1/ Frame B666 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/b1/b19ce49042a26f629e1c24d7965cd206.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
7f77d5733f3174af38e674d28c0529846df53983d2e49bbef949b8f26c5bc2cc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:44 GMT
last-modified
Sun, 27 Mar 2022 22:30:09 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6240e571-17ae"
content-length
6062
content-type
image/jpeg
32a3435a53c0facee728ed340151b52b.jpg
exchange.informer.ua/assets/thumbnails/32/ Frame B666 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/32/32a3435a53c0facee728ed340151b52b.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b9bf5688337b06cd543a8a58b89ed9b1ec6f7c96a5fd201e441733f20cf57acf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:44 GMT
last-modified
Mon, 28 Mar 2022 15:10:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6241cfd0-1389"
content-length
5001
content-type
image/jpeg
924270a0f39cd9822c6331488246dc7e.jpg
exchange.informer.ua/assets/thumbnails/92/ Frame B666 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/92/924270a0f39cd9822c6331488246dc7e.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
30b2aa4d03886eb2eda080aeb4e7863f242d5945ad7d1b0e82c6ce364a2d2f45

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:03:44 GMT
last-modified
Fri, 25 Mar 2022 07:10:09 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"623d6ad1-14d7"
content-length
5335
content-type
image/jpeg
ivona.bigmir.net.1211636.es6.js
jsc.idealmedia.io/i/v/ 		238 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e16199d9717148e8043208cda7ac30a9140610e98aaab2d6ac8bfd8a6e5e74

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
HQGEB43RAAKJD7GP
content-length
73235
x-amz-id-2
fuKW+eHO4XrKsq8k+qE+YTA2AyPqBU402EVoze3OUB3A8vREPInpoKAWXkgXmSvHD9e7SEoYBLA=
last-modified
Fri, 04 Feb 2022 07:41:12 GMT
server
cloudflare
etag
"fbaa30e6ac69d6335c32af00f9374da7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=10800
accept-ranges
bytes
cf-ray
6f35b667de2754ca-MAN
expires
Tue, 29 Mar 2022 07:02:52 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/ Frame 9B3B 		297 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
88ead3fa2ff6d9e978c921ed0f52ab854e56a5267aa0452056f945a45d2a6c45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109416
x-xss-protection
0
server
cafe
etag
17212367900963764213
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 29 Mar 2022 04:02:52 GMT
impress
ad.mox.tv/delivery/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=434548516
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
75b250119bfa62ae30cffa47f67c637e7429de07a5b7758fcca0c4942c7bb2d9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
tt
a4p.adpartner.pro/ Frame 9D25 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&location=https%3A%2F%2Fivona.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7161&ref=&0.6693846633064611
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
no-store no-transform
ls
a4p.adpartner.pro/jsunit/ Frame 9F10 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&width=300&screen_width=1600&reload_count=0&banner_num=1648526572779379090&is_in_viewport=1&ref=&location=https%3A%2F%2Fivona.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7161&ref=&0.6693846633064611
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
bbe867aea6b6027b76950eecaa41a0bb32c01b2dce3ecce2495ab88d13665877

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:52 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
11297579
fly-request-id
01FMS77QYFR7T91A14VZPZC4YW
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f35b66948660200-ZRH
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 29 Mar 2022 05:02:52 GMT
prebid.js
ad.mox.tv/js/achernar/ 		212 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 12:39:02 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6151bb66-34fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 29 Mar 2022 05:02:52 GMT
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
47ce51c3069cb0507187cde559f47c88e1593ec71d745cc4c4a3dcd204b28023
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28081
x-xss-protection
0
server
sffe
etag
"1172 / 743 of 1000 / last-modified: 1648505260"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 29 Mar 2022 04:02:53 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
11297621
fly-request-id
01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6f35b66948670200-ZRH
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:52 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.vidver.to/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=3106066f-55c1-4e5f-bfc3-24134808b296&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=3106066f-55c1-4e5f-bfc3-24134808b296&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D3a0db163-c932-48bd-84d4-48775b18...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=77576242-84ee-4b00-9ff6-e5ec22d80b65&expires=30&ssp=prodoohmox&bsw_param=3a0db163-c932-48bd-84d4-48775b180e5c&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c
  • https://ad.mediawayss.com/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
  • https://ad.vidverto.io/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=YWQudmlkdmVyLnRv
  • https://ad.vidver.to/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=
0
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
190.2.153.150 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:55 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8

Redirect headers

location
https://ad.vidver.to/delivery/sync?userid=3a0db163-c932-48bd-84d4-48775b180e5c&inner_redirect=1&inner_uuid=3106066f-55c1-4e5f-bfc3-24134808b296&redirect_host_list=
date
Tue, 29 Mar 2022 04:02:54 GMT
server
nginx/1.14.0 (Ubuntu)
access-control-allow-origin
*
content-type
text/html; charset=UTF-8
analytics.js
www.google-analytics.com/ Frame 9F10 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&width=300&screen_width=1600&reload_count=0&banner_num=1648526572779379090&is_in_viewport=1&ref=&location=https%3A%2F%2Fivona.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
7086
date
Tue, 29 Mar 2022 02:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 29 Mar 2022 04:04:46 GMT
jsunit
a4p.adpartner.pro/ Frame 9F10 		25 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1648526572779379090&id=7161&is_in_viewport=1&ref=&reload_count=0&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&session_pageview=1&shown=&site_visited=1&unit_id=7161
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&width=300&screen_width=1600&reload_count=0&banner_num=1648526572779379090&is_in_viewport=1&ref=&location=https%3A%2F%2Fivona.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
29f319db920127c3cf6882a7c8bae4705d2022717834f5850b19bba16e5304b2

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=6cd0e4a5-d984-4d13-b7f8-9a0f01800667&site_visited=1&apuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd&width=300&screen_width=1600&reload_count=0&banner_num=1648526572779379090&is_in_viewport=1&ref=&location=https%3A%2F%2Fivona.ua%2F
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
z
s.zmctrack.net/ Frame 8EDD 		102 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
4d59a8b7cb8e999393a65c1c51a6af58b6798fb50d27bc5b4fe97c782697658e

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ivona.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
cookie.js
partner.googleadservices.com/gampad/ Frame 9B3B 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ Frame 9B3B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9B3B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B414 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10a42ee3fda60eabd130443f980087bf6713c6c6783795c9eed0bdbeb5f17a43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 29 Mar 2022 04:02:53 GMT
server
cafe
content-length
10364
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9B3B 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220324&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2cf4688d523276511fac7912d3b9ab38ab205c61da7d4c75072bcc5f92683a44
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10714
x-xss-protection
0
cds.js
pa.tns-ua.com/viewability/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Fri, 25 May 2018 10:26:40 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5b07e4e0-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 29 Mar 2022 05:02:53 GMT
ev_prebid.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=a920cd34-1d67-45e2-933d-226b29119cc5&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723435204&ap=MA%3D%3D&asign=-1047625509&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=8dd850b8-9686-42a8-bbe6-9fb8b567f9a6&ip=217.138.196.106&item=742F880D-0B09-4A22-9509-965113280D36&crid=742F880D-0B09-4A22-9509-965113280D36&size=350x240&profile=C27F7D27-35B0-471E-9AB7-5DD4D760EF40&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=a920cd34-1d67-45e2-933d-226b29119cc5&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723435204&ap=OA%3D%3D&asign=-1329950511&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=8dd850b8-9686-42a8-bbe6-9fb8b567f9a6&ip=217.138.196.106&item=6F40F793-2197-419B-99FF-3A23ACB393CA&crid=6F40F793-2197-419B-99FF-3A23ACB393CA&size=300x600&profile=B774ED5B-868F-4830-AF4F-06A3722C07AE&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
upwards.png
ivona.ua/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/upwards.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-18.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:35:31 GMT
via
1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
age
13789467
x-cache
Hit from cloudfront
content-length
1602
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-642"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
eyhTSDloXSjOP8man7Rr349z5prcI07OmTHXRM632VGyJDPH1_QvFA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
impress
ad.mox.tv/delivery/ 		19 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=6282253225
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0c1564d6e5e5ed7e23f57a70f81fe67535a765574f375192f022ea8c4cbdec71

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9B3B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065921
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:53 GMT
css
fonts.googleapis.com/ 		2 KB
537 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 03:52:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 04:02:53 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 04:02:53 GMT
1px-matching-adpartner.gif
t.trafmag.com/images/ 		35 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=e0f56bea-2b5d-43f6-8da9-ba8578653ecd
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
uid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd
s.uuidksinc.net/match/798/ 		74 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.uuidksinc.net/match/798/uid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
e0f56bea-2b5d-43f6-8da9-ba8578653ecd
recreativ.ru/mtch/31/ 		0
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recreativ.ru/mtch/31/e0f56bea-2b5d-43f6-8da9-ba8578653ecd
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-length
0
content-type
application/octet-stream
pix
dsp-trk.eskimi.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:52 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
193.232.150.68 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp12.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f12-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/ 		0
238 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dm.hybrid.ai/match?id=177&vid=e0f56bea-2b5d-43f6-8da9-ba8578653ecd
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.23 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
113
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/ 		0
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=e0f56bea-2b5d-43f6-8da9-ba8578653ecd
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN29076 (CITYTELECOM-AS Filanco LTD, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007FED8442623200ACA502002C22&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FED844262C307785B024304CC
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FED844262C307785B024304CC
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:02:53 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007FED844262C307785B024304CC
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007FED8442623600C8A40274D635&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FED844262C307785B024304CC
43 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FED844262C307785B024304CC
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:02:53 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007FED844262C307785B024304CC
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a71929b6-60de-5158-a8b7-46cecaf5c223
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a71929b6-60de-5158-a8b7-46cecaf5c223
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=a71929b6-60de-5158-a8b7-46cecaf5c223
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c496122b-ef93-5158-ab1e-7dfcc95cf911
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c496122b-ef93-5158-ab1e-7dfcc95cf911
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=c496122b-ef93-5158-ab1e-7dfcc95cf911
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=52d114a3-bc6f-460e-6a30-d323a1ff280f
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=52d114a3-bc6f-460e-6a30-d323a1ff280f
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=52d114a3-bc6f-460e-6a30-d323a1ff280f
date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=cba59736-afbc-4882-6ae8-3b9bfcc0c97a
43 B
457 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=cba59736-afbc-4882-6ae8-3b9bfcc0c97a
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
last-modified
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=cba59736-afbc-4882-6ae8-3b9bfcc0c97a
date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
43 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
no-store no-transform
server
nginx
content-length
146
content-type
text/html; charset=utf-8
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/ 		365 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:56:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
21976
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 28 Mar 2023 21:56:37 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		160 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ivona.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Tue, 29 Mar 2022 04:02:53 GMT
if
a4p.adpartner.pro/tracker/ Frame 97B4 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%7B%22apuid%22%3A%22e0f56bea-2b5d-43f6-8da9-ba8578653ecd%22%2C%22event%22%3A%22load%22%2C%22ad_id%22%3A%5B%7B%22ad_id%22%3A965090%2C%22cost%22%3A0.000131529%2C%22dsp_id%22%3A8%2C%22rule_id%22%3A0%2C%22show_id%22%3A%225149cfce-77e4-4963-89e7-b7e287d88dee%22%7D%5D%2C%22unit_id%22%3A7161%2C%22region_id%22%3A112%2C%22sub_region_id%22%3A0%2C%22city_id%22%3A0%2C%22is_refresh%22%3Afalse%2C%22apsid%22%3A%22%22%2C%22url%22%3A%22https%253A%252F%252Fivona.ua%252F%22%7D
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Tue, 29 Mar 2022 04:02:53 GMT
content-type
image/gif
content-length
0
cache-control
no-cache, no-store, must-revalidate no-store no-transform
expires
0
pragma
no-cache
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 01:46:21 GMT
x-content-type-options
nosniff
age
353792
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Mar 2023 01:46:21 GMT
KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Mar 2022 07:29:47 GMT
x-content-type-options
nosniff
age
333186
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 25 Mar 2023 07:29:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B37B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 21:47:23 GMT
expires
Tue, 28 Mar 2023 21:47:23 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
22530
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9617 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cf85b18454160224995c4f521a926909f8cbfdfc2a3182580b1d3223562f8f2f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oUaQLOnTeayDNfC3RhycTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 29 Mar 2022 04:02:53 GMT
date
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-oUaQLOnTeayDNfC3RhycTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame B414 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CLOTo9e4lkmrjQPhg5ymHybrqEBLIu9qbwCmhmmpZVcq_DI7m6JCECb4mDWF02k1-twzbmxp-qEJVWVztlsMkr4x8ggLseM9HLaL9HSn_7rgtPkvI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcmads.js
fw.adsafeprotected.com/rjss/www.googletagservices.com/995085/61697697/dcm/ Frame B414 		231 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/www.googletagservices.com/995085/61697697/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.69.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-69-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
42f0036ed1523d990f4fdcedf7a7c19e47ca4ee579adf74a1a4e8a20a9fa9c4c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
jload
pixel.adsafeprotected.com/ Frame B414 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=1411859872956&placementId=415317015&dealId=549644393847897261&adsafe_par&impId=ABAjH0hB1Rx2ySdIyAZK1jvs8fNq&bidurl=https://ivona.ua/
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.39.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-39-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
d9c622624aefa41bebd149c7eb7af2d54d490b5b2e88c6b316e4ef38a8d9cc51

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame B414 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1420
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:39:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B414 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:53 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame B414 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 02:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5129
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 02:37:24 GMT
l
www.google.com/ads/measurement/ Frame B414 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRYNSznTLztcXsdpGZLRWbEpMFWLI-L2W7hZQaMmE7jHveyt2MrZcjhUFLSKXlctEiNKdOZMhz9hYoC0ibNpLDBMod55A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame AFD7 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGJf4hMYBMAE&v=APEucNULusoxs0UDQsZaJOkdIBmIS5haWUQ-yZ1BCbh1xDSgvp6u0Y_SBthB-zxfOgM9BJnqgQT3DutegqCcOCqgYqkJn2ZNtdonwY7UPrcECOPwIs-nAcbgGD1EhhX5MXVYFCEvsmJJCiixEW0DUHm5nkXAgSt_d_Qq5jrlS6nBmJqlDasScXM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 29 Mar 2022 04:02:53 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame B414 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5AE1qPY15zKrLN6J5rKJTycBGpDsr9WJHPhBx_5NpPHSjyL1vyU-BeTCzDDUZrejYbek3ilcBNrntlWvjOUuu7BqCOjrgPqrK0JdMQ2BvJ0RChi2v8HsvX97ugamuENbDVsU-TX-xZd1-s4BKZJz08u1FOQ&cry=1&dbm_d=AKAmf-BZUlWBLKuy4laLsDTVpVGKC7XEwGGGtEJb6Az5pKVEUJ6MNzNg7E0GDQ2Z2r2Uro32YOO0kj6ho-QoSsvaLjCVCKulWE2qLP6LC3aJQ1uFtpKEUvDz4et9oYRAikvhLzZmOFEbisjJynCXo0th90Lm7FyK3RzQGUUm44n2vGGI88-DWDvWpLUtlc7rRIC_Q2iDJho5HHAcBhfEt7LAf8OZRQdy_MtgAIVMGqI63CfPqsuoVVnjFGBeLGFjQlbyms_rRK69id-KtFK5JU2obtC7tKoMiWptsVqSm7ZzrUcE5q4kpDdEVggJQo2m38qe0NdOyzfAP5SZVIo3QKS9L3GZ4XuPFlIyk-v0FEsGeQJ5dmmREOo-rxXnXEGSgPIPOI7jdvlQoprrKl-TGgT4VGUXYmkZ7f-JAuBLMtdlzAnUfpF1gUD7Lzcq5LPiunImJr5uJg0xCxJ630hm4oMLDcYcndMcb11aKJlN8CC-CyqESHwxXPhMQSlmV3vzxPBGQ4clpjQzowBiouo88gWTLdbWZ2TB7QFvR83gZkQmIxDfEaoikE965YKNciB8pVfyjEfPz2sevh7NkwcAd0dgj7d40B9uZP3j6EgIS45WCph3Xz11mas9arerd_0z8Xh59EisqYtw_Q6YfhfjY3D4rwZUQccTmf3AubvT6Wz5acyyqfyDBMF6rWElWzRFFIVd51sbkglULD4DrcvliHCgNmwsuc6sLpXZ0O5Ct8xE-TpTOLMMOrEBqDOrOrwx9N5peh-ry9Acg4ixp-jhLlYkTvW-9J6B5EHcFKPtkcxr1IgV31W96CU7Pv33vBkJ0bkDIM3R_T9sQWYVBTIL2QqQCW3Gcas-x2HM3y1ilZVxKL0uR_R4s9xrnskRJwbeQCQo057tDm7Wn5cpifg28Acu3BI0Yq53eec3j0qNTa9sx3rAgN7amg1zaOFT2UWsLf9vKpBUj6jzwQiU65SYeH6nW7DBRGGXA2Ofh0084ZgjGG8S28y8Iut28M4wbK_KzXsBAOoFTB-qdVzOdlyGr2-hIJGFxvYcMRVSAzZcs6a86YuWjt34ceE9DTpt56d2qcu4wsjfLX4HscoQbueWmhpKkJp2cZVWr_qZVMjlC_M3svvNG75mH_sQDwALjxTrwb9IqABLy7e9gWCKRsFCYgjYLLDVKNEQ4kkZX4OXfmfowfkcvdyTkEBYNcnlt8HkyVme2gPqMNz85-nHh3QmXQhX06Y_oOpL18Iq5hcn1i3x-HhKtr0VO6TPWDwr0NjZOcdJqNS-kNqoGzghFjL_mmzVRGKDNQ6spH8H_MvhvrodDCo2lviGz13Hyrt-bsYux9FA151Afmm9PYjS3fNcQ89XYFU4tD3mf4i17sVqTSgesvdsui9YtALfHFxM9nEp6Mn18oeXrwuoaMkSPJrKGpRluSsriGj755WUpjtm9xy1fxXMzrVAJtYNgXI6g2KxX5IOWRQgvUUXq3LazuiXfgJ941bxatZg2b99E4_wJ0fVYIr_euX0ryIADftB0S0dyYuFCFLH9YRFiq65KvzO-SjjfuFu3x8cs2BxS0Ail4NB18S-o7NHrWE5dMFurMXoZ8QEuOTP7QH7ZOuEwliRbLH4QcqNze0OiwftMJLImcvUOMdDvFynP2-5K0j40M75h1LFCWHUUzpLyeQJ7A6oYhVwdRvSl_qdLVGOqrZ2UspV8tQUev5iOmujV_dnPdnkrs9RvnbNFZakRfqYfCuB7AXrprEasirShePtAucmDjrepntd0ybbTCoVWPhrea9rlywZOTLEOV3gunFT9Xgp6HZkLodd6ygAzMnnuEflDMXfGq-Pv30hwLPAFBXWiztWwcPFCLhkVndfDOJCRYMsd7k3f4aaRdQXH2crSe96f6EKNICIWPmA6_1v_K1ajrDinYpqSv7AurVtFNqjd0JtwtZpUOrEwvtrP3GMJm2S4YGM0eJliN-ktGCA1yOC5BHIlUnw9G0uIvJaytCWFUmmQNP9XhsPpGCLF8CO07mKZMOljXQlCMKTn-j5y3KXQyjH1cQCrlHmq2ZQpTlGzU17N7oa5wTQIhqfrehsn24WJ8II5Ma-phy57kdmY5CGWAORt5S65kchsimdBNHnuX_tKhEAxhjori7I7hi215SVAnclNTM1pHGqAGRSsmW4NpaGYBzbgm5TM-a1G8DIYydISgq7RNF9s8xx2MBN8caHVcseN6XAKdsN-BHCFTCxoNCj88uQJ3u20XQzx5cXXmleyjKTzaQlS0PQaS2YAM3n_ai12uX-AKF9HH490GElqcew4Y7vutko8Lo-hLZ_ig6wwdpmzw65-EGHCmSDLep8KCMm8ayH7NznN_IYpOJdlN6fDo76Y3j59NEQ86bJm_J4REw_Q5M0eHGCrSLRYwRJhiiRGPhyn7Ihg2qizqk2mP-ZvzI7DqJlymWEht0ev5SVG7gDhvIv_auPGRzluVdZuK4STVJ7mcqHpJ80VI0z6NtZKTB_7oo7AaRogNPnWY1y3svA5OmN6klUBL9-TIF6NxYguzpOwX85nOR0y3NcEGR-BCuHIz3s3O241FFX04cECjuTa2do8CP000Gyh_GgUM1TQudPMFJK0MdsnNKiu8VVUf7kJid43LBPMNxMpeUIFrz_unPQHoCpAoGr68qqJxdZ_eBCxg_7fxdB8N6O6ukmGIt2LrVkKhOMSenBfdlNF3mgxovwpk-NlATSuldxn8BQw_B9MWT_ukIaYSolG15tZJlp17kBxoOPcPJx7yhFOkSB0t3u-doBO7TDRNygL9pxyIqKCVRJsbP7-cl0Krwp2Tyr21dFFpHXezlmNQl4jJcCC_3bzfGyqr-9c1Vdruz8zAw1Y6-9lcJFeP5hZueZ8ogo5ENsNc90czbHxUdq_q9x_ES60zOx7PKFKa1CwGUGwD80K13HVNvogsESBAwHgVWQ54Ida2uHlma1SX6c_uU8c5XNXqfHAw3-lVMn4jgolIApZ0ZA_Izism9E17puorLTBSKgPpw4qlqMsWwKp5gith4PXWi4UtVptNuQBCkM78O2jsLeE0vM6-hdNtQb1B54_wKl_kDQqt8e4RhzPXdfvJxCFY1_LCvXSz5NuuX8DtLRMmgg6rNWqJj-meVZS6yltMQJ4_f6DujHSsN_qqlNVqoPWmiUwg&cid=CAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA&rfl=2%2Chttps%253A%252F%252Fivona.ua%242%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd00440f6da93229b6f0fba9599508cf1e3abe53ab8aa61f5f0f929f32ef79d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16374
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm.html
pa.tns-ua.com/viewability/ Frame D2A3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx/1.13.0
date
Tue, 29 Mar 2022 04:02:53 GMT
content-type
text/html; charset=utf-8
last-modified
Fri, 22 Jun 2018 10:14:36 GMT
etag
W/"5b2ccc0c-b5f"
content-encoding
gzip
rum
dsum-sec.casalemedia.com/ Frame AFD7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1&C=1
43 B
1012 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGJf4hMYBMAE&v=APEucNULusoxs0UDQsZaJOkdIBmIS5haWUQ-yZ1BCbh1xDSgvp6u0Y_SBthB-zxfOgM9BJnqgQT3DutegqCcOCqgYqkJn2ZNtdonwY7UPrcECOPwIs-nAcbgGD1EhhX5MXVYFCEvsmJJCiixEW0DUHm5nkXAgSt_d_Qq5jrlS6nBmJqlDasScXM
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:02:53 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 29 Mar 2022 04:02:53 GMT
rum
dsum-sec.casalemedia.com/ Frame AFD7
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkKE7Z46PoB8N0qwNdGtnAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGJf4hMYBMAE&v=APEucNULusoxs0UDQsZaJOkdIBmIS5haWUQ-yZ1BCbh1xDSgvp6u0Y_SBthB-zxfOgM9BJnqgQT3DutegqCcOCqgYqkJn2ZNtdonwY7UPrcECOPwIs-nAcbgGD1EhhX5MXVYFCEvsmJJCiixEW0DUHm5nkXAgSt_d_Qq5jrlS6nBmJqlDasScXM
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 29 Mar 2022 04:02:53 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEPLFA65zAXwWnX37xhRfv0s&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame AFD7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEKMnzl0bnC3Z0gQNhu93Omk&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMnzl0bnC3Z0gQNhu93Omk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGJf4hMYBMAE&v=APEucNULusoxs0UDQsZaJOkdIBmIS5haWUQ-yZ1BCbh1xDSgvp6u0Y_SBthB-zxfOgM9BJnqgQT3DutegqCcOCqgYqkJn2ZNtdonwY7UPrcECOPwIs-nAcbgGD1EhhX5MXVYFCEvsmJJCiixEW0DUHm5nkXAgSt_d_Qq5jrlS6nBmJqlDasScXM
Protocol
HTTP/1.1
Server
185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:53 GMT
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b9260e43-2b5f-4441-8282-b71be033bb3e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEKMnzl0bnC3Z0gQNhu93Omk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AFD7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NjM4MDQ5NDQ4OTQ0OTkxNg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NjM4MDQ5NDQ4OTQ0OTkxNg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COHNHRDztckCGJf4hMYBMAE&v=APEucNULusoxs0UDQsZaJOkdIBmIS5haWUQ-yZ1BCbh1xDSgvp6u0Y_SBthB-zxfOgM9BJnqgQT3DutegqCcOCqgYqkJn2ZNtdonwY7UPrcECOPwIs-nAcbgGD1EhhX5MXVYFCEvsmJJCiixEW0DUHm5nkXAgSt_d_Qq5jrlS6nBmJqlDasScXM
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:53 GMT
X-Proxy-Origin
217.138.196.106; 217.138.196.106; 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cdf2a196-d7d1-4959-a5dd-45d5f7d322c7
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODQ0NjM4MDQ5NDQ4OTQ0OTkxNg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/ Frame B414 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5AE1qPY15zKrLN6J5rKJTycBGpDsr9WJHPhBx_5NpPHSjyL1vyU-BeTCzDDUZrejYbek3ilcBNrntlWvjOUuu7BqCOjrgPqrK0JdMQ2BvJ0RChi2v8HsvX97ugamuENbDVsU-TX-xZd1-s4BKZJz08u1FOQ&cry=1&dbm_d=AKAmf-BZUlWBLKuy4laLsDTVpVGKC7XEwGGGtEJb6Az5pKVEUJ6MNzNg7E0GDQ2Z2r2Uro32YOO0kj6ho-QoSsvaLjCVCKulWE2qLP6LC3aJQ1uFtpKEUvDz4et9oYRAikvhLzZmOFEbisjJynCXo0th90Lm7FyK3RzQGUUm44n2vGGI88-DWDvWpLUtlc7rRIC_Q2iDJho5HHAcBhfEt7LAf8OZRQdy_MtgAIVMGqI63CfPqsuoVVnjFGBeLGFjQlbyms_rRK69id-KtFK5JU2obtC7tKoMiWptsVqSm7ZzrUcE5q4kpDdEVggJQo2m38qe0NdOyzfAP5SZVIo3QKS9L3GZ4XuPFlIyk-v0FEsGeQJ5dmmREOo-rxXnXEGSgPIPOI7jdvlQoprrKl-TGgT4VGUXYmkZ7f-JAuBLMtdlzAnUfpF1gUD7Lzcq5LPiunImJr5uJg0xCxJ630hm4oMLDcYcndMcb11aKJlN8CC-CyqESHwxXPhMQSlmV3vzxPBGQ4clpjQzowBiouo88gWTLdbWZ2TB7QFvR83gZkQmIxDfEaoikE965YKNciB8pVfyjEfPz2sevh7NkwcAd0dgj7d40B9uZP3j6EgIS45WCph3Xz11mas9arerd_0z8Xh59EisqYtw_Q6YfhfjY3D4rwZUQccTmf3AubvT6Wz5acyyqfyDBMF6rWElWzRFFIVd51sbkglULD4DrcvliHCgNmwsuc6sLpXZ0O5Ct8xE-TpTOLMMOrEBqDOrOrwx9N5peh-ry9Acg4ixp-jhLlYkTvW-9J6B5EHcFKPtkcxr1IgV31W96CU7Pv33vBkJ0bkDIM3R_T9sQWYVBTIL2QqQCW3Gcas-x2HM3y1ilZVxKL0uR_R4s9xrnskRJwbeQCQo057tDm7Wn5cpifg28Acu3BI0Yq53eec3j0qNTa9sx3rAgN7amg1zaOFT2UWsLf9vKpBUj6jzwQiU65SYeH6nW7DBRGGXA2Ofh0084ZgjGG8S28y8Iut28M4wbK_KzXsBAOoFTB-qdVzOdlyGr2-hIJGFxvYcMRVSAzZcs6a86YuWjt34ceE9DTpt56d2qcu4wsjfLX4HscoQbueWmhpKkJp2cZVWr_qZVMjlC_M3svvNG75mH_sQDwALjxTrwb9IqABLy7e9gWCKRsFCYgjYLLDVKNEQ4kkZX4OXfmfowfkcvdyTkEBYNcnlt8HkyVme2gPqMNz85-nHh3QmXQhX06Y_oOpL18Iq5hcn1i3x-HhKtr0VO6TPWDwr0NjZOcdJqNS-kNqoGzghFjL_mmzVRGKDNQ6spH8H_MvhvrodDCo2lviGz13Hyrt-bsYux9FA151Afmm9PYjS3fNcQ89XYFU4tD3mf4i17sVqTSgesvdsui9YtALfHFxM9nEp6Mn18oeXrwuoaMkSPJrKGpRluSsriGj755WUpjtm9xy1fxXMzrVAJtYNgXI6g2KxX5IOWRQgvUUXq3LazuiXfgJ941bxatZg2b99E4_wJ0fVYIr_euX0ryIADftB0S0dyYuFCFLH9YRFiq65KvzO-SjjfuFu3x8cs2BxS0Ail4NB18S-o7NHrWE5dMFurMXoZ8QEuOTP7QH7ZOuEwliRbLH4QcqNze0OiwftMJLImcvUOMdDvFynP2-5K0j40M75h1LFCWHUUzpLyeQJ7A6oYhVwdRvSl_qdLVGOqrZ2UspV8tQUev5iOmujV_dnPdnkrs9RvnbNFZakRfqYfCuB7AXrprEasirShePtAucmDjrepntd0ybbTCoVWPhrea9rlywZOTLEOV3gunFT9Xgp6HZkLodd6ygAzMnnuEflDMXfGq-Pv30hwLPAFBXWiztWwcPFCLhkVndfDOJCRYMsd7k3f4aaRdQXH2crSe96f6EKNICIWPmA6_1v_K1ajrDinYpqSv7AurVtFNqjd0JtwtZpUOrEwvtrP3GMJm2S4YGM0eJliN-ktGCA1yOC5BHIlUnw9G0uIvJaytCWFUmmQNP9XhsPpGCLF8CO07mKZMOljXQlCMKTn-j5y3KXQyjH1cQCrlHmq2ZQpTlGzU17N7oa5wTQIhqfrehsn24WJ8II5Ma-phy57kdmY5CGWAORt5S65kchsimdBNHnuX_tKhEAxhjori7I7hi215SVAnclNTM1pHGqAGRSsmW4NpaGYBzbgm5TM-a1G8DIYydISgq7RNF9s8xx2MBN8caHVcseN6XAKdsN-BHCFTCxoNCj88uQJ3u20XQzx5cXXmleyjKTzaQlS0PQaS2YAM3n_ai12uX-AKF9HH490GElqcew4Y7vutko8Lo-hLZ_ig6wwdpmzw65-EGHCmSDLep8KCMm8ayH7NznN_IYpOJdlN6fDo76Y3j59NEQ86bJm_J4REw_Q5M0eHGCrSLRYwRJhiiRGPhyn7Ihg2qizqk2mP-ZvzI7DqJlymWEht0ev5SVG7gDhvIv_auPGRzluVdZuK4STVJ7mcqHpJ80VI0z6NtZKTB_7oo7AaRogNPnWY1y3svA5OmN6klUBL9-TIF6NxYguzpOwX85nOR0y3NcEGR-BCuHIz3s3O241FFX04cECjuTa2do8CP000Gyh_GgUM1TQudPMFJK0MdsnNKiu8VVUf7kJid43LBPMNxMpeUIFrz_unPQHoCpAoGr68qqJxdZ_eBCxg_7fxdB8N6O6ukmGIt2LrVkKhOMSenBfdlNF3mgxovwpk-NlATSuldxn8BQw_B9MWT_ukIaYSolG15tZJlp17kBxoOPcPJx7yhFOkSB0t3u-doBO7TDRNygL9pxyIqKCVRJsbP7-cl0Krwp2Tyr21dFFpHXezlmNQl4jJcCC_3bzfGyqr-9c1Vdruz8zAw1Y6-9lcJFeP5hZueZ8ogo5ENsNc90czbHxUdq_q9x_ES60zOx7PKFKa1CwGUGwD80K13HVNvogsESBAwHgVWQ54Ida2uHlma1SX6c_uU8c5XNXqfHAw3-lVMn4jgolIApZ0ZA_Izism9E17puorLTBSKgPpw4qlqMsWwKp5gith4PXWi4UtVptNuQBCkM78O2jsLeE0vM6-hdNtQb1B54_wKl_kDQqt8e4RhzPXdfvJxCFY1_LCvXSz5NuuX8DtLRMmgg6rNWqJj-meVZS6yltMQJ4_f6DujHSsN_qqlNVqoPWmiUwg&cid=CAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA&rfl=2%2Chttps%253A%252F%252Fivona.ua%242%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
532
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:54:01 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B414 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5AE1qPY15zKrLN6J5rKJTycBGpDsr9WJHPhBx_5NpPHSjyL1vyU-BeTCzDDUZrejYbek3ilcBNrntlWvjOUuu7BqCOjrgPqrK0JdMQ2BvJ0RChi2v8HsvX97ugamuENbDVsU-TX-xZd1-s4BKZJz08u1FOQ&cry=1&dbm_d=AKAmf-BZUlWBLKuy4laLsDTVpVGKC7XEwGGGtEJb6Az5pKVEUJ6MNzNg7E0GDQ2Z2r2Uro32YOO0kj6ho-QoSsvaLjCVCKulWE2qLP6LC3aJQ1uFtpKEUvDz4et9oYRAikvhLzZmOFEbisjJynCXo0th90Lm7FyK3RzQGUUm44n2vGGI88-DWDvWpLUtlc7rRIC_Q2iDJho5HHAcBhfEt7LAf8OZRQdy_MtgAIVMGqI63CfPqsuoVVnjFGBeLGFjQlbyms_rRK69id-KtFK5JU2obtC7tKoMiWptsVqSm7ZzrUcE5q4kpDdEVggJQo2m38qe0NdOyzfAP5SZVIo3QKS9L3GZ4XuPFlIyk-v0FEsGeQJ5dmmREOo-rxXnXEGSgPIPOI7jdvlQoprrKl-TGgT4VGUXYmkZ7f-JAuBLMtdlzAnUfpF1gUD7Lzcq5LPiunImJr5uJg0xCxJ630hm4oMLDcYcndMcb11aKJlN8CC-CyqESHwxXPhMQSlmV3vzxPBGQ4clpjQzowBiouo88gWTLdbWZ2TB7QFvR83gZkQmIxDfEaoikE965YKNciB8pVfyjEfPz2sevh7NkwcAd0dgj7d40B9uZP3j6EgIS45WCph3Xz11mas9arerd_0z8Xh59EisqYtw_Q6YfhfjY3D4rwZUQccTmf3AubvT6Wz5acyyqfyDBMF6rWElWzRFFIVd51sbkglULD4DrcvliHCgNmwsuc6sLpXZ0O5Ct8xE-TpTOLMMOrEBqDOrOrwx9N5peh-ry9Acg4ixp-jhLlYkTvW-9J6B5EHcFKPtkcxr1IgV31W96CU7Pv33vBkJ0bkDIM3R_T9sQWYVBTIL2QqQCW3Gcas-x2HM3y1ilZVxKL0uR_R4s9xrnskRJwbeQCQo057tDm7Wn5cpifg28Acu3BI0Yq53eec3j0qNTa9sx3rAgN7amg1zaOFT2UWsLf9vKpBUj6jzwQiU65SYeH6nW7DBRGGXA2Ofh0084ZgjGG8S28y8Iut28M4wbK_KzXsBAOoFTB-qdVzOdlyGr2-hIJGFxvYcMRVSAzZcs6a86YuWjt34ceE9DTpt56d2qcu4wsjfLX4HscoQbueWmhpKkJp2cZVWr_qZVMjlC_M3svvNG75mH_sQDwALjxTrwb9IqABLy7e9gWCKRsFCYgjYLLDVKNEQ4kkZX4OXfmfowfkcvdyTkEBYNcnlt8HkyVme2gPqMNz85-nHh3QmXQhX06Y_oOpL18Iq5hcn1i3x-HhKtr0VO6TPWDwr0NjZOcdJqNS-kNqoGzghFjL_mmzVRGKDNQ6spH8H_MvhvrodDCo2lviGz13Hyrt-bsYux9FA151Afmm9PYjS3fNcQ89XYFU4tD3mf4i17sVqTSgesvdsui9YtALfHFxM9nEp6Mn18oeXrwuoaMkSPJrKGpRluSsriGj755WUpjtm9xy1fxXMzrVAJtYNgXI6g2KxX5IOWRQgvUUXq3LazuiXfgJ941bxatZg2b99E4_wJ0fVYIr_euX0ryIADftB0S0dyYuFCFLH9YRFiq65KvzO-SjjfuFu3x8cs2BxS0Ail4NB18S-o7NHrWE5dMFurMXoZ8QEuOTP7QH7ZOuEwliRbLH4QcqNze0OiwftMJLImcvUOMdDvFynP2-5K0j40M75h1LFCWHUUzpLyeQJ7A6oYhVwdRvSl_qdLVGOqrZ2UspV8tQUev5iOmujV_dnPdnkrs9RvnbNFZakRfqYfCuB7AXrprEasirShePtAucmDjrepntd0ybbTCoVWPhrea9rlywZOTLEOV3gunFT9Xgp6HZkLodd6ygAzMnnuEflDMXfGq-Pv30hwLPAFBXWiztWwcPFCLhkVndfDOJCRYMsd7k3f4aaRdQXH2crSe96f6EKNICIWPmA6_1v_K1ajrDinYpqSv7AurVtFNqjd0JtwtZpUOrEwvtrP3GMJm2S4YGM0eJliN-ktGCA1yOC5BHIlUnw9G0uIvJaytCWFUmmQNP9XhsPpGCLF8CO07mKZMOljXQlCMKTn-j5y3KXQyjH1cQCrlHmq2ZQpTlGzU17N7oa5wTQIhqfrehsn24WJ8II5Ma-phy57kdmY5CGWAORt5S65kchsimdBNHnuX_tKhEAxhjori7I7hi215SVAnclNTM1pHGqAGRSsmW4NpaGYBzbgm5TM-a1G8DIYydISgq7RNF9s8xx2MBN8caHVcseN6XAKdsN-BHCFTCxoNCj88uQJ3u20XQzx5cXXmleyjKTzaQlS0PQaS2YAM3n_ai12uX-AKF9HH490GElqcew4Y7vutko8Lo-hLZ_ig6wwdpmzw65-EGHCmSDLep8KCMm8ayH7NznN_IYpOJdlN6fDo76Y3j59NEQ86bJm_J4REw_Q5M0eHGCrSLRYwRJhiiRGPhyn7Ihg2qizqk2mP-ZvzI7DqJlymWEht0ev5SVG7gDhvIv_auPGRzluVdZuK4STVJ7mcqHpJ80VI0z6NtZKTB_7oo7AaRogNPnWY1y3svA5OmN6klUBL9-TIF6NxYguzpOwX85nOR0y3NcEGR-BCuHIz3s3O241FFX04cECjuTa2do8CP000Gyh_GgUM1TQudPMFJK0MdsnNKiu8VVUf7kJid43LBPMNxMpeUIFrz_unPQHoCpAoGr68qqJxdZ_eBCxg_7fxdB8N6O6ukmGIt2LrVkKhOMSenBfdlNF3mgxovwpk-NlATSuldxn8BQw_B9MWT_ukIaYSolG15tZJlp17kBxoOPcPJx7yhFOkSB0t3u-doBO7TDRNygL9pxyIqKCVRJsbP7-cl0Krwp2Tyr21dFFpHXezlmNQl4jJcCC_3bzfGyqr-9c1Vdruz8zAw1Y6-9lcJFeP5hZueZ8ogo5ENsNc90czbHxUdq_q9x_ES60zOx7PKFKa1CwGUGwD80K13HVNvogsESBAwHgVWQ54Ida2uHlma1SX6c_uU8c5XNXqfHAw3-lVMn4jgolIApZ0ZA_Izism9E17puorLTBSKgPpw4qlqMsWwKp5gith4PXWi4UtVptNuQBCkM78O2jsLeE0vM6-hdNtQb1B54_wKl_kDQqt8e4RhzPXdfvJxCFY1_LCvXSz5NuuX8DtLRMmgg6rNWqJj-meVZS6yltMQJ4_f6DujHSsN_qqlNVqoPWmiUwg&cid=CAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA&rfl=2%2Chttps%253A%252F%252Fivona.ua%242%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66747
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9617 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220324&jk=3509201282370956&rc=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame B37B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
27008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 20:32:45 GMT
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
131 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=037AA113CC9843B28CC0F80698867D8A&time=1648526572987&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=546649480&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=0&param3=1200&param5=2&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:53 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/ 		56 B
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=037AA113CC9843B28CC0F80698867D8A&time=1648526573367
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AB78 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
66706
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame AB78 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
27008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 20:32:45 GMT
generate_204
tpc.googlesyndication.com/ Frame B37B 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pKpoEA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
dcmads.js
www.googletagservices.com/dcm/ Frame B414
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/www.googletagservices.com/995085/61697697/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fivona.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fivona.ua%2F&adsafe_type=e&adsafe_...
  • https://www.googletagservices.com/dcm/dcmads.js
11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2878
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5008
x-xss-protection
0
last-modified
Thu, 24 Feb 2022 18:23:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:14:55 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://www.googletagservices.com/dcm/dcmads.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame D604 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3593090
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P1
content-type
application/javascript
x-amz-cf-id
tmOaTQk-ho2GIzUfdc0PXROGRpLSl9h95s6eTRnQUpuPglIkHblZWg==
dt
dt.adsafeprotected.com/ Frame B414 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSja,pingTime:-3,time:50,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:50,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B45~0%5D,as:%5B45~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSjb,pingTime:-6,time:51,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:51,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1*,rmeas:1,rend:0,renddet:svg.us%7D&tpiLookup=ao:ivona.ua*%2Civona.ua*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ivona.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ivona.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=2377197373&sfv=1-0-38&ecs=20220329&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573670&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4f98188ccc14e9a5390a01c8d676ab9699e41e1a8f593a2d974f9413225be4d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8666
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		453 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=3596518892&sfv=1-0-38&ecs=20220329&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573679&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9ea2b1bc53a99795110fda3c9c7777868faa878c496901d039df158cdebc70a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		422 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_S_ww_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=379067154&sfv=1-0-38&ecs=20220329&fsapi=false&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573682&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c1088fc8df45d28a28dd65a0b4ad3022be4eda0cb84458c81e47ebc77824ec11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
231
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
39 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1326201924&sfv=1-0-38&ecs=20220329&fsapi=false&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573685&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9e770586901ced365e1f42f570a51ce172b5bead7d3c2d650d56171270236fb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39410
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		438 B
266 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=2736770958&sfv=1-0-38&ecs=20220329&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573687&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=2330&adys=714&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
10170c539294ae2894b51415541b5f8ec5d973447f88fa42a0507ee2c5ec162b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.bigmir.net%2C300x600_ww&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=2121196142&sfv=1-0-38&ecs=20220329&fsapi=false&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573689&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=3830&adys=714&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
d3d194f07bacec16b798ed587e9efdbc8f37507f6a5f1c236c2a3de4c2ec892c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8267
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		452 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=8&adks=4117081910&sfv=1-0-38&ecs=20220329&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573690&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=5330&adys=714&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
4bdcb4278670deec323fd239bda3e1be5e8e29a5d8fcf55b8c8f5828d54c9041
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
238
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		422 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_300x600_WW_%2C300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=9&adks=723076419&sfv=1-0-38&ecs=20220329&fsapi=false&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573692&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=6830&adys=714&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
007d95e83b813a6354f3308188fc514c79070647c53f1e61a08b23debcce50b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		124 KB
38 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3184350614233474&correlator=282487333871096&eid=31064836%2C31065402%2C31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.ua_300x600_WW&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=10&adks=4007341104&sfv=1-0-38&ecs=20220329&fsapi=false&sc=1&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&abxe=1&dt=1648526573694&lmt=1648526573&dlt=1648526571649&idt=1923&biw=1600&bih=1200&adxs=8330&adys=714&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=676794910&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5980440538506168aeab524e11d7566397592005bfb4c57bdd670f1d3441c061
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39258
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC25 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 29 Mar 2022 04:02:53 GMT
expires
Wed, 29 Mar 2023 04:02:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSlP,pingTime:-2,time:215,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:320,mdZ:570,beA:584,beZ:585,mfA:587,cmA:588,inA:588,inZ:591,prA:591,prZ:599,si:605,poA:606,poZ:626,cmZ:626,mfZ:626,loA:635,loZ:637,ltA:799,ltZ:799%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:215,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B211~0%5D,as:%5B211~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:193,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=502e6f57-46a6-4d2e-ab74-08b2c4c46411&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233724936511&ap=OA%3D%3D&asign=573232197&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&crid=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&size=728x90&profile=C87AA202-A622-463B-98B8-FBABB05C7EEA&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=89ccbdfd-1266-46c2-a1de-466d0d5c1f57
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=e7702231-2e98-4fd2-8c48-2b474cab0363
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=d9675bdf-cf85-4051-92db-9ca047f83379
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:53 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
/
c.idealmedia.io/pv/ 		0
305 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1648526573775841360446&uniqId=0a3c9&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=624284ee-00207&pageView=1&pvid=17fd3d740cf98a007f6&site=466737&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6f35b66e39ea54ca-MAN
impl_v85.js
www.googletagservices.com/dcm/ Frame B414 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v85.js
Requested by
Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/www.googletagservices.com/995085/61697697/dcm/dcmads.js?adsafe_url=https%3A%2F%2Fivona.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fivona.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D90%26slotname%3D1162504554%26adk%3D739537396%26adf%3D2751417948%26pi%3Dt.ma~as.1162504554%26w%3D728%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fivona.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648526572785%26bpp%3D3%26bdt%3D98%26idt%3D131%26shv%3Dr20220324%26mjsv%3Dm202203240101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D6c7be81ad532e759-228c3fdc67cd00a9%253AT%253D1648526572%253ART%253D1648526572%253AS%253DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog%26correlator%3D6558247461018%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D865945863.1648526572%26ga_sid%3D1648526573%26ga_hid%3D360553944%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D5%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D4020834182%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760474%252C31065921%26oid%3D2%26pvsid%3D3509201282370956%26pem%3D967%26tmod%3D70198816%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.6dmv0lolheqd%26fsb%3D1%26dtd%3D143&adsafe_type=d&adsafe_jsinfo=,id:b594bdda-c9c7-30cb-171d-ebe628589393,c:8dGSiG,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-79447dc6f8-k57rp,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:2,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:svg.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:21,oid:1b9a65ba-af15-11ec-b13a-66057b3a6667,v:19.8.299,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 22:14:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107278
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17382
x-xss-protection
0
last-modified
Mon, 21 Feb 2022 17:13:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 27 Mar 2023 22:14:55 GMT
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
age
5740
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f35b66e9a2154ca-MAN
x-amz-request-id
SDN7FJWTKC326PCD
x-amz-id-2
W2kn4FJERiTQZMz9V8pMlvEHGc7TMPz5ZsnixYs0QdH4fxNXyyuYwKTgDsh0d2GMVSzhEAJ9d80=
expires
Tue, 29 Mar 2022 08:02:53 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:41:16 GMT
x-content-type-options
nosniff
age
462097
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:41:16 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AB78 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BGR-k7YRCYuK0EZ3D7_UPqMCS2AYAAAAAOAHgBAI&bg=!Y2ClYCTNAAbzJazn0yU7ACkAdvg8WuhxX-ihY0JfdnjS6xTpXgOkeTOYRr1kmwgwKIQ6metWEwqYnAIAAABmUgAAAAFoAQeZAw7G5VRB7CN69xi1HcaPvK5uX1ke-wEFwz1iexBlEBeqQxiPnWY8fPMMBE_j0rk9QyOE4EYYlaK8Z8k1fSLMyineqWPLZK6cNBDIx6efP8Cfzd7LcTJryIAJ-GJSEMcXt2qbiufZ7S3EYBHu7KCcT2ePRL1cRtJ7S-lNlgmXIb3A01xbZKmCz_qPMQU-dDKGH5bMR24DNgDXge4r236SPa2QDt0rlVkMp6dGS5TcfLFMjagMTzW4WnkuT2yRjvCvB5a4xfSOMJl_UtgX_OI31bavNSLd62y316L59QVz8hYMAp4ibfpUWTTUXE946hEJ0of53BcRiqfJp0wvNeWTss0MtsWQpRxkuaOJuI_iR1XDlfoD3NEzub1z2krBci2txyq1sTLYrihApGslqsSK9XNm7cAy1ybDTMfv6RGkjcbqZFWQd5DfUe1iwBJI6aDUn6-EbxGPPlOqYx1WRMaDZBIsqzdsKbu9dVjSlsyy-5ws0EIL5I8llj3KjvT1Q7sayi2bGDujzS5xLazqu_Rg6lB6yF8rUDc7y5Rf2I4eeRlWMDg2o1y0_LhMdY481XJ7sWSd5ZKWEWB68576uxanWCfUPq72A31edf5i4k7XJRud6kCDzf8HIKC7nqK5POkIoo7UFkbZZmkRqLaJrn-jHqGmIB9bKI71M4rTEUbN8B4zls9VgRTn8nDLeObAxeAnK_BFch_djW1xz7kkedJ5gnQw0qUTCyyODTKg54VoUup8ufNkkKC7HIxnCyqKoShGMQNBZJaTNWTn8_COjR4VZ7QGNqs3FNItZ9sAnSlUzOxK73S7oZheHEM2_BHaNESsQsDAJQ8Ws_QMHTGlFjyLmPFaYHoC9cfm5Js1iP18lOBTa12J-L1bLjxh0u0IxthhCJyxumN_c8jup0AYqvWI8MAzeGtbajhSi1cK7jqIEk1uLs45xGFqiRRMS_l-tzZSPN9IEAV07f1OwYMpwQa402bTmdbHcKHEUW2O7SCcWYoOtIWKhKlwf4-I92MQ19gzej9LgTKAfqimRyYbuQJ90g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B27487152.331700337;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=3430571816;ord=yzs4n5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Mhi7IRCYvHlOrTD7_UP0aau2Aab6bSiadb-04PY...
ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/ Frame B414 		51 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331700337;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=3430571816;ord=yzs4n5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Mhi7IRCYvHlOrTD7_UP0aau2Aab6bSiadb-04PYD8_mor3AARABIMbgi3lgu4aAgNAKoAH4r_7LAsgBCakCewfrOKH4tT6oAwGqBNgBT9Ba2BYXfUT_C4_NkWv0TqglCONQ4VXVrHVQLCmOXgZRv7zefpAWW_b49FRRhgIlHXFzu9zgDzzA6x9L5NXbdjF4kSIjtgU-9d7KFdQ5IMlUPkR5lPtsYGX6qLNO4dRf70YIlLS2Z1l7c6kOeYtgMQ2pO0u7rX7zmdP4dFOF22amHA5_hHgJewuv13mcc8D6RwzxCFJVc8-JxvwJmG3dezpS27VN-Nfgc1olE1VubgECt5VESQw8q1RBi2yDv49zbiYz0udSXxncMVniSguPAkCNv-a6hy_KwASwiava1gPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOisM8O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA%26sig%3DAOD64_3nmy_hz9R0l_tvmwwI-7xGgrLRlw%26client%3Dca-pub-3755662197386269%26dbm_c%3DAKAmf-Cj92_MxsEu5GM5DORiIjrPvMoVdey54VEcjTvJivkiqD42Hh3m1-6wX859EnL1-nD_SEiQklIGZFGOghsy3aZMRjUCvinWj8lpfLOAIiDnwf5sG5vjBkwHTuUztRu4ALTzR-lGqk1Hc9KZI5VpoZNdGxE2cw%26cry%3D1%26dbm_d%3DAKAmf-DLnnEtj_fmRFFQ2m03K8WvXZI91Nv9qPe10MGXuMGS7BncthyZytdWzKycUvJPnTZtlDxRrTQoS5rO6zj3XwufaSLutVw8pma5Y6DadNAb_Tk26_mIN6gmC-3NA6Fm5ibNRUtnR8GJGxJ9mRXWPIP8vaQ6dimj-VS7A_Y-E7FDZKw4VYHy4Lvzuc9i-4BlCUSrQL-Hqcraxnz-wHJQ_F91-UK0lHYmTC4xqTTUwFLcxgODHHCpETFOBPQEa4_LyWdQdZ4K6vfj7vD0wEoeUbWbqAXnzOmYU1a9HVfvGEfxRhm4Ntfk1xMr5PV_lsyHae7Tqa5EDdJlGX-nglXO3tWRBgARXTAk4XeeUHj24pyy9Xh1xCGPrf0jw-5EE6XYOIgyJAXy7k3btale6f3aA83R8bnpkXiXGoE5dftbTs5-vR4MMMFynF_6XOD1dUBqXUY5laYLLHio-LTsBRTWbcF_0ZFYtw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fivona.ua$2,https%3A%2F%2Fivona.ua%2F$0;xdt=1;crlt=h.6lCo)gmj;sttr=51;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f6.1e100.net
Software
cafe /
Resource Hash
17c937d3517a31144e4f19b86034091a13c2821d2dfb94e38fc98e3e4b609644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25506
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSnG,time:330,type:e,im:%7Bimprf:%7Bttecl:529,ecd:43,tsecr:16%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:330,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B325~0%5D,as:%5B325~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1*,rmeas:1,rend:0,renddet:svg.us%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
1
servicer.idealmedia.io/1211636/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1211636/1?pv=5&cbuster=164852657386864413410&uniqId=0a3c9&niet=4g&nisd=false&jsv=es6&w=300&h=202&wrongImageSize=1&cols=1&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=624284ee-00207&pageView=1&pvid=17fd3d740cf98a007f6&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e2fdfc8f14c1d5239ab5d1d388955f987ae940753213a89265c083af8aee570

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
6f35b66efa5054ca-MAN
container.html
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F7C5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:02:53 GMT
expires
Wed, 29 Mar 2023 04:02:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=OG90eHo5WUxaYVVuKy94U25rU3FVMnYyTnZHUWNpOGxGZ1hKaXlLV3JnUE1GTDNROWJld1NpTTh5cHNZQmcyTkRCalhxOUpDZnhsZ2JBWVhtK3p3S0dKc1NwaFFGY292NEVFaFdzaUZKK0pjcjhHVW9CRFI4Tk5obG1vVWoyemhTQ0doMkhhaDR3Qis1OWVaQldPZmQwZjA4cDdNQUdDUEJtbXJXYnprM2lIYWtFWEZwUVBpOFpuS1ZoU1VsNUl3dldaNnZaU2U1bHBvRUpFTnFBbGEyQmtCRUgwdUdxNEp3UFdabXVRRXE4UUdrUE5GRVVtNDBEcmh6aEoxVGViKw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=c15953fe-60cc-47f4-a7b2-8735f0b6c691
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 29 Mar 2022 04:02:54 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=a920cd34-1d67-45e2-933d-226b29119cc5&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723435204&ap=OA%3D%3D&asign=-1329950511&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=8dd850b8-9686-42a8-bbe6-9fb8b567f9a6&ip=217.138.196.106&item=6F40F793-2197-419B-99FF-3A23ACB393CA&crid=6F40F793-2197-419B-99FF-3A23ACB393CA&size=300x600&profile=B774ED5B-868F-4830-AF4F-06A3722C07AE&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:54 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B3B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220324&jk=3509201282370956&bg=!MDOlM3fNAAbzJazn0yU7ACkAdvg8WjhogymExz7MEREgfZXBOUKEY5XLQ2JkbEQO72fDQYS4yziD5QIAAABXUgAAAAJoAQcKAHX-T_EdIbK0cIXt94iSUxrHps1TdOKLXqT3pCJLBa1xckOnhxFa8G7BhOMhUBxufzXTNWBkSp5C-YeH0a5doWBc4P4TIKznwiIlLg2AfbLsuSsvvk5SnJZn0ltKD8capAay-uUI-2TBtkBb5wIzeSWsW3FQ5I-ZAtz-OGVdmolkLEL3LZ2kkR_qoASaOvLZgemseowURW-xC7MTh1e8wNnXPrCVSHoqdLPGOSU7Gvt-N7-g1G5gUFVsBTjCvyVtb_NOQa38KxpYYasbvbyXdprvj6dIa0YADzrmV-upuLYldWDGf_5OZ7-umQQiQf7xTU7jks9ieNovyFXDCoTeoKdgcdhfZg_spSEHij29Pelm4cHr4QqPlyYkISl3gc9dfy-qfk1im7AihBjxxOURHsPA1DK0HYfK63Tlhyn3nkKMMPjY4GdnCGt8_BtK62VA61rHtwGJxE9-WiCkLOonUMbWBINuMYT4JdIzuedahIAlEdkqVjd7v0Mj1NiOpj4bJbGYC9HCHFSlBRmkccjvQx71TBZNlFwcb-ac4LLg8pjt5_ge1MhwlSzWLF_LnToZjBnCpciulrLGxxcIOnG-cE2jIRrrKBbWll_OgiamzjvXf_nzZJjH3oCLsRHA8Prl5o8uM8LAFsVxkqu9xUrf7v1XmHXshMxkYK8y6CzySVeRBoJXqW8UnvFNPltn9t4win4gdJzfm1PkK8Wy1npxgVfmfxtM4pZclns1cfBIMLTkShQ-PRz4druhfISG0M2l5ad1s_KstM2TMaCpi2aRJw7uH7Jsnq9tZEIYrGomeeNJ6VeaUbZuXe3cMI0-YTsM4w8xT4Zrs0cH52RGhFKTCsYV5mual7f7Ag_Wy9GxdnFVQHgt240sKUa33_pr5vwKE1nWicaHbLTKT_z9FONqD6Hy1KSNoRdJYQsoYWe47uCwqJ-tMwPakpQo8MAYhI5Cg_Y17KUt36ks3vHtwouQdwcdNkRy1Se_i-t9Dc-4-ZMwl_KlnawTW8JS8uH8WJA7On-8NmV3Jztw9OcnwXynGyP5cLWfqzKIBjrY2i21EMGOjXffffAaQ65M0qUXZbEW57JbBMOLntIvTY_f-sZKuWV8mk5xZMDHDnbu8mINQ_pLqNndv0k
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame B414 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331700337;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=3430571816;ord=yzs4n5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Mhi7IRCYvHlOrTD7_UP0aau2Aab6bSiadb-04PYD8_mor3AARABIMbgi3lgu4aAgNAKoAH4r_7LAsgBCakCewfrOKH4tT6oAwGqBNgBT9Ba2BYXfUT_C4_NkWv0TqglCONQ4VXVrHVQLCmOXgZRv7zefpAWW_b49FRRhgIlHXFzu9zgDzzA6x9L5NXbdjF4kSIjtgU-9d7KFdQ5IMlUPkR5lPtsYGX6qLNO4dRf70YIlLS2Z1l7c6kOeYtgMQ2pO0u7rX7zmdP4dFOF22amHA5_hHgJewuv13mcc8D6RwzxCFJVc8-JxvwJmG3dezpS27VN-Nfgc1olE1VubgECt5VESQw8q1RBi2yDv49zbiYz0udSXxncMVniSguPAkCNv-a6hy_KwASwiava1gPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOisM8O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA%26sig%3DAOD64_3nmy_hz9R0l_tvmwwI-7xGgrLRlw%26client%3Dca-pub-3755662197386269%26dbm_c%3DAKAmf-Cj92_MxsEu5GM5DORiIjrPvMoVdey54VEcjTvJivkiqD42Hh3m1-6wX859EnL1-nD_SEiQklIGZFGOghsy3aZMRjUCvinWj8lpfLOAIiDnwf5sG5vjBkwHTuUztRu4ALTzR-lGqk1Hc9KZI5VpoZNdGxE2cw%26cry%3D1%26dbm_d%3DAKAmf-DLnnEtj_fmRFFQ2m03K8WvXZI91Nv9qPe10MGXuMGS7BncthyZytdWzKycUvJPnTZtlDxRrTQoS5rO6zj3XwufaSLutVw8pma5Y6DadNAb_Tk26_mIN6gmC-3NA6Fm5ibNRUtnR8GJGxJ9mRXWPIP8vaQ6dimj-VS7A_Y-E7FDZKw4VYHy4Lvzuc9i-4BlCUSrQL-Hqcraxnz-wHJQ_F91-UK0lHYmTC4xqTTUwFLcxgODHHCpETFOBPQEa4_LyWdQdZ4K6vfj7vD0wEoeUbWbqAXnzOmYU1a9HVfvGEfxRhm4Ntfk1xMr5PV_lsyHae7Tqa5EDdJlGX-nglXO3tWRBgARXTAk4XeeUHj24pyy9Xh1xCGPrf0jw-5EE6XYOIgyJAXy7k3btale6f3aA83R8bnpkXiXGoE5dftbTs5-vR4MMMFynF_6XOD1dUBqXUY5laYLLHio-LTsBRTWbcF_0ZFYtw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fivona.ua$2,https%3A%2F%2Fivona.ua%2F$0;xdt=1;crlt=h.6lCo)gmj;sttr=51;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:51:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B414 		0
524 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0bozxKSdA1gUR18eWJOaEGze8LYr4N36ooDvUVgOBeOWQRspSH7qqf6ivem1aTGNd8OVHgMSLE1V7DS21Qf1eup8rifXXdY2MAr9adfXsXgJyA6yy4ALe_O0WFJ4a_xG-beSc2jEOhfk&sig=Cg0ArKJSzNTedfqBEZBHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220324.37975&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331700337;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=3430571816;ord=yzs4n5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Mhi7IRCYvHlOrTD7_UP0aau2Aab6bSiadb-04PYD8_mor3AARABIMbgi3lgu4aAgNAKoAH4r_7LAsgBCakCewfrOKH4tT6oAwGqBNgBT9Ba2BYXfUT_C4_NkWv0TqglCONQ4VXVrHVQLCmOXgZRv7zefpAWW_b49FRRhgIlHXFzu9zgDzzA6x9L5NXbdjF4kSIjtgU-9d7KFdQ5IMlUPkR5lPtsYGX6qLNO4dRf70YIlLS2Z1l7c6kOeYtgMQ2pO0u7rX7zmdP4dFOF22amHA5_hHgJewuv13mcc8D6RwzxCFJVc8-JxvwJmG3dezpS27VN-Nfgc1olE1VubgECt5VESQw8q1RBi2yDv49zbiYz0udSXxncMVniSguPAkCNv-a6hy_KwASwiava1gPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOisM8O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA%26sig%3DAOD64_3nmy_hz9R0l_tvmwwI-7xGgrLRlw%26client%3Dca-pub-3755662197386269%26dbm_c%3DAKAmf-Cj92_MxsEu5GM5DORiIjrPvMoVdey54VEcjTvJivkiqD42Hh3m1-6wX859EnL1-nD_SEiQklIGZFGOghsy3aZMRjUCvinWj8lpfLOAIiDnwf5sG5vjBkwHTuUztRu4ALTzR-lGqk1Hc9KZI5VpoZNdGxE2cw%26cry%3D1%26dbm_d%3DAKAmf-DLnnEtj_fmRFFQ2m03K8WvXZI91Nv9qPe10MGXuMGS7BncthyZytdWzKycUvJPnTZtlDxRrTQoS5rO6zj3XwufaSLutVw8pma5Y6DadNAb_Tk26_mIN6gmC-3NA6Fm5ibNRUtnR8GJGxJ9mRXWPIP8vaQ6dimj-VS7A_Y-E7FDZKw4VYHy4Lvzuc9i-4BlCUSrQL-Hqcraxnz-wHJQ_F91-UK0lHYmTC4xqTTUwFLcxgODHHCpETFOBPQEa4_LyWdQdZ4K6vfj7vD0wEoeUbWbqAXnzOmYU1a9HVfvGEfxRhm4Ntfk1xMr5PV_lsyHae7Tqa5EDdJlGX-nglXO3tWRBgARXTAk4XeeUHj24pyy9Xh1xCGPrf0jw-5EE6XYOIgyJAXy7k3btale6f3aA83R8bnpkXiXGoE5dftbTs5-vR4MMMFynF_6XOD1dUBqXUY5laYLLHio-LTsBRTWbcF_0ZFYtw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fivona.ua$2,https%3A%2F%2Fivona.ua%2F$0;xdt=1;crlt=h.6lCo)gmj;sttr=51;prcl=s
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B414 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331700337;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=3430571816;ord=yzs4n5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Mhi7IRCYvHlOrTD7_UP0aau2Aab6bSiadb-04PYD8_mor3AARABIMbgi3lgu4aAgNAKoAH4r_7LAsgBCakCewfrOKH4tT6oAwGqBNgBT9Ba2BYXfUT_C4_NkWv0TqglCONQ4VXVrHVQLCmOXgZRv7zefpAWW_b49FRRhgIlHXFzu9zgDzzA6x9L5NXbdjF4kSIjtgU-9d7KFdQ5IMlUPkR5lPtsYGX6qLNO4dRf70YIlLS2Z1l7c6kOeYtgMQ2pO0u7rX7zmdP4dFOF22amHA5_hHgJewuv13mcc8D6RwzxCFJVc8-JxvwJmG3dezpS27VN-Nfgc1olE1VubgECt5VESQw8q1RBi2yDv49zbiYz0udSXxncMVniSguPAkCNv-a6hy_KwASwiava1gPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOisM8O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA%26sig%3DAOD64_3nmy_hz9R0l_tvmwwI-7xGgrLRlw%26client%3Dca-pub-3755662197386269%26dbm_c%3DAKAmf-Cj92_MxsEu5GM5DORiIjrPvMoVdey54VEcjTvJivkiqD42Hh3m1-6wX859EnL1-nD_SEiQklIGZFGOghsy3aZMRjUCvinWj8lpfLOAIiDnwf5sG5vjBkwHTuUztRu4ALTzR-lGqk1Hc9KZI5VpoZNdGxE2cw%26cry%3D1%26dbm_d%3DAKAmf-DLnnEtj_fmRFFQ2m03K8WvXZI91Nv9qPe10MGXuMGS7BncthyZytdWzKycUvJPnTZtlDxRrTQoS5rO6zj3XwufaSLutVw8pma5Y6DadNAb_Tk26_mIN6gmC-3NA6Fm5ibNRUtnR8GJGxJ9mRXWPIP8vaQ6dimj-VS7A_Y-E7FDZKw4VYHy4Lvzuc9i-4BlCUSrQL-Hqcraxnz-wHJQ_F91-UK0lHYmTC4xqTTUwFLcxgODHHCpETFOBPQEa4_LyWdQdZ4K6vfj7vD0wEoeUbWbqAXnzOmYU1a9HVfvGEfxRhm4Ntfk1xMr5PV_lsyHae7Tqa5EDdJlGX-nglXO3tWRBgARXTAk4XeeUHj24pyy9Xh1xCGPrf0jw-5EE6XYOIgyJAXy7k3btale6f3aA83R8bnpkXiXGoE5dftbTs5-vR4MMMFynF_6XOD1dUBqXUY5laYLLHio-LTsBRTWbcF_0ZFYtw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fivona.ua$2,https%3A%2F%2Fivona.ua%2F$0;xdt=1;crlt=h.6lCo)gmj;sttr=51;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
8034351176049083225
s0.2mdn.net/simgad/ Frame B414 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/8034351176049083225
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e6a0e1abeb86c143068b8084dfac81424d053f366cc996bcb841e415100751d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Mar 2022 09:04:05 GMT
x-content-type-options
nosniff
age
154729
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37339
x-xss-protection
0
last-modified
Mon, 21 Mar 2022 09:48:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 27 Mar 2023 09:04:05 GMT
/
d.agkn.com/pixel/2387/ Frame B414 		43 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/2387/?ct=UK&st=&city=0&dma=0&zp=M32&bw=4&che=3252958930&col=27487152,1108532,331700337,523684581,168319261
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.167.104 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-167-104.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 29 Mar 2022 04:02:53 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 01 Jan 2000 00:00:00 GMT
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
age
5741
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6f35b66fead154ca-MAN
x-amz-request-id
SDN7FJWTKC326PCD
x-amz-id-2
W2kn4FJERiTQZMz9V8pMlvEHGc7TMPz5ZsnixYs0QdH4fxNXyyuYwKTgDsh0d2GMVSzhEAJ9d80=
expires
Tue, 29 Mar 2022 08:02:54 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzLzhkNTg3MTQzYjYzNjY0YmFmNjljYjczNWZjMzUyY2YxLmpwZWc.webp
s-img.idealmedia.io/n/10069582/492x328/0x0x622x414/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10069582/492x328/0x0x622x414/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTA5MTUzLzhkNTg3MTQzYjYzNjY0YmFmNjljYjczNWZjMzUyY2YxLmpwZWc.webp?v=1648526573-fk7ialAIcPmITabd8q2rI0F_5sKHy8iiatzClTL00CE
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2d8df5d1e57c625a957971d571a7dbccff3ac747d4797e6c1830b630141cdc7

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
cf-cache-status
REVALIDATED
last-modified
Thu, 24 Mar 2022 17:20:19 GMT
x-mg-request-uuid
1940e70d-0b43-4d9f-89a5-772f39b61ba1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6f35b67048c73607-MAN
content-length
16178
server
cloudflare
expires
Wed, 30 Mar 2022 04:02:54 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3L2U3MjY3M2M0ZDE5Njc5NzIxZTgyYmEwYjYyZWFhZmU4LmpwZWc.webp
s-img.idealmedia.io/n/10061444/492x328/130x0x852x568/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10061444/492x328/130x0x852x568/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3L2U3MjY3M2M0ZDE5Njc5NzIxZTgyYmEwYjYyZWFhZmU4LmpwZWc.webp?v=1648526573-ErwRV00jOl9DacHcYrVAcYHxJp67DUtWJ6GcA0wBdfU
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a3548844d6ef8052c0ba5224cce751e398e05d6bd972aa13da90628aa9bb9cc

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 15 Mar 2022 15:00:15 GMT
x-mg-request-uuid
28fb076d-31d9-44aa-b682-30606505a5d5
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6f35b67048ca3607-MAN
content-length
6496
server
cloudflare
expires
Wed, 30 Mar 2022 04:02:54 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTk3Ny9hOTcyYmI3ZmNkMDQwMDViYjM3ZGI5MWE0YmE0ODg2My5qcGVn.webp
s-img.idealmedia.io/n/10064078/492x328/187x0x1118x745/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10064078/492x328/187x0x1118x745/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTk3Ny9hOTcyYmI3ZmNkMDQwMDViYjM3ZGI5MWE0YmE0ODg2My5qcGVn.webp?v=1648526573-cAz9juoiBAIFIKoeAMoOq34_Vi0HE8l3CSSlLBYuSjg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f3e79de2c309bf00c759747335460c1e0c7100fc1ff8446a475b4584a7efcb

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
cf-cache-status
REVALIDATED
last-modified
Sat, 19 Mar 2022 15:05:23 GMT
x-mg-request-uuid
3568bb80-c931-4e3c-b523-07ad63764f3c
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6f35b67048cb3607-MAN
content-length
9398
server
cloudflare
expires
Wed, 30 Mar 2022 04:02:54 GMT
main.gr.19.8.299.js
static.adsafeprotected.com/ Frame B414 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.gr.19.8.299.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=1411859872956&placementId=415317015&dealId=549644393847897261&adsafe_par&impId=ABAjH0hB1Rx2ySdIyAZK1jvs8fNq&bidurl=https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 07 Mar 2022 20:37:01 GMT
content-encoding
gzip
age
1841154
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:11:01 GMT
server
AmazonS3
etag
W/"587738d3e44b43a2620f42eb51d89fbf"
vary
Accept-Encoding
x-amz-version-id
kp2GPcLunARmvxyYiu0RKpd0_UaoR.nW
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P1
content-type
application/javascript
x-amz-cf-id
T6utG6JO6FhrMBw1obe5kw2TalMGf2M47fgLBf_PN-kHnXY6U4ITrg==
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 06A6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
79750
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C287 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:02:53 GMT
expires
Wed, 29 Mar 2023 04:02:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=bjMxTmk2OUViUUZWVUplejQ4RTBsb1pmcXAvQTg0SE80cGVYYllyTldpYTlHQjdrMXhFUW5NU2hSYmw4ZHlqRFVmV3YycDdmTnBnU2NFQ2RBK2NsdXpOaDZaNnhQV0kyYTJ1TGtaVXNqajYvL1RtSUJocTJlNEZxay9uNTBrQk1uT2VWWmpBVkt0cXRvSWhBS2llbjJNZ05tQXJuSmE1ZWw3YmtJdHkzMEpkRkp2aGVtWnZ5UUlPWHRNQjN1QkVYckNTcFZKTFZpYnhFNHNvRGVjSThmY0lGeEYvQjB6QkphVEx0S3dOU3gxNzdYQ2trQjNzZnhKdkpLYlZDSTE0b2RnME5Ob2Ywd3BzOWdzUTNxRnUzcHc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
truncated
/ Frame B414 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f5b90fdfc7080e5555801ee7b2e34f670f9ba62a00081f37e6e309ff33c0977

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSsT,pingTime:-10,time:653,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648526574167%7C%7Cf9fdb89b2a409d34d92ab2622cd0eae9%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7C054f34ac8e49e60d7e2b87a9813ed78f%7C%7C0c182c0124a67e3daea84c68cb131831%7C%7Ca05415b0e0cb66693fc430948ced4fcf%7C%7Cffba33f1d07a73bf90d6642cee4dc6c8%7C%7Cb8537658557a1ad91764138ddd7a8d8f%7C%7C1629390669%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt12.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8566 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
66707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame F151 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNWwr6ffytdEVj_4oXM0fkP7ZWMDcPSV19-zfjmTIMKpsXIwWm5rs3tqEB1oHoO1A0CzDZPeZotBSFESgIX3dODCx9O5cNbY1Vfvc0U7KrzG-CRoCqAxJEuYQfdFlP-I6KOos_RqYxLVt9YnkiJxa_gLgkEK0A76Ebph1tYUh_x-30_W2fQ
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 29 Mar 2022 04:02:54 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame F7C5 		70 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
73bbba217d6d927ae0828869cb80b9cb4d1b482ba845dae54c55e37b6e7caa7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32686
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F7C5 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AnG9vyt8-SmBol4e0S1LYtq21kfhNLG_4g7oriCwU1LTmsbLXmHob9c0Nwb3wmP5mwapqtcOw7epl8Gb5K_iaPY6FFKQyk7bDrCPy7krJ8PX0ACy4
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame F7C5 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:39:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F7C5 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame F7C5 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 02:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 02:37:24 GMT
l
www.google.com/ads/measurement/ Frame F7C5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFMs8HEhaRtl3nFDo67Xm4JXsx85Bi3jLA_JCcb3VuK5kZ3XBNCuTaXCuZF6GAwp16xKmnqxjmdI5coaFI-RF7TjOyjw
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame C287 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 03:34:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 04:02:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 04:02:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame C287 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:54:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C287 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CxlJS7YRCYuroLoa0-gaTlbrgAcWW5fdZ-PrAlsEP0JCA7JACEAEgm9yJImC7hoCA0AqgAYnU6d4DyAEJqQJFzvXLePq1PuACAKgDAcgDywSqBO0BT9BknnOUwMeO0OAbUDImVJzPaTEkXGWeN-myNaubrr_JeLmV8pvOxnbCmrkahMkqc3Yl-PzlGI0FeGgO3JkA3pz70XNjKDQb14lP3oI5meu3k9NipitnT20OWHkflm25VqKFnsAXh-UXnRzYVpJCeBkGkHXQePYfcjid2EE6iLdD18VfSiQLBc_7xzfVvqL8lKvdZQxd77lbz83O--7bbBUpy_Hwxmiep0rLkjV2UBYI_tZw96RzTUUY6t78z7RszgufzXQTi1dUGmQSUTGhZHO0lIfa_bT9Duv3ESmakHZ3MlvaEm4bj0CFZjpIwASDwJqm2QHgBAGSBQQIBBgBkgUECAUYBKAGLoAH36uWIagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIT-A9IICQiA4YAQEAEYHYAKA8gLAbgTiATYEwrQFQGAFwGyFx4KHAgAEhRwdWItODI0MTA0OTQ5NzYwODk5Nxjz8RY&sigh=YPFQGSGF7ik&uach_m=[UACH]&template_id=520
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/ Frame C287 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/abg_lite_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:50:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame C287 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:39:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C287 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame C287 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 02:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 02:37:24 GMT
l
www.google.com/ads/measurement/ Frame C287 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSOl10Q9c3nbVu9wGKouGgKMSmCbNN2YFkIlAbvodi9fz66TrFbzzkqhVsvM6II0yWFZaCqHsqvvCr9Af7pMLPVg31uMw
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c5c2d0ec538305d3144caccb9e9ba20c.js
www.gstatic.com/mysidia/ Frame C287 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 11:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11812
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 03:00:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 11:21:33 GMT
dpixel
cms.quantserve.com/ Frame 06A6 		35 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPJ_xVSJMIoV7Q9_oHPxPG7f8ChhY45cVY4zZ8aYPWkVuHGcA_30wpiN7B06LHsi0sbs3y8ubGlKrLaTsmr_PFMZxq1kStgD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 06A6
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPL4aGG73N_OTqtATZLG6dYZt_DpMKlStyk2Sim4tIatFobdXW9fewYeaiuAppWr-JmIlo6U48u5wbR7M0CbCv39Yw6KcRub&google_gid=CAESEKTY4QJsaPwDketEett79rY&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCO6JipIGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBMNGFHRzczTl9PVHF0QVRaTEc2ZFladF9EcE1LbFN0eWsyU2ltNHRJYXRGb2JkWFc5ZmV3WWVhaXVBcHBXci1KbUlsbzZVNDh1NXdiUjdNME...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOUowUW9ibHhqR3hlbHRzakhiaG04dnhEV3puNHhTUlYtT3VNdXRlRHM4TQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOUowUW9ibHhqR3hlbHRzakhiaG04dnhEV3puNHhTUlYtT3VNdXRlRHM4TQ==&google_push
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwOUowUW9ibHhqR3hlbHRzakhiaG04dnhEV3puNHhTUlYtT3VNdXRlRHM4TQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
sync
odr.mookie1.com/t/v2/ Frame 06A6 		43 B
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEMzrWYRB4H3hDuK8kL0QL0w&google_push=AYg5qPLAnTTLR--3PeBrTDOlqDoM5duTMtncenUkgd4fC72zxBfL7i0hyUE5wKUGwyHKyMMJAtG70mxt9jQHOUVHw5TtTQIiRGKC&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 06A6 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEC2AIkpdYORNkHJ8y6aXC-g&google_cver=1&google_push=AYg5qPJO26uxwhzdNGk7aKhDYsmuHFeBnZnCaQSwr9NeWNVgzDSpXF-BijgMu763lumG4oNwikTM8paFgPdsw3yzbe-cc9l-xGI_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
itgbngbfiv1e8cgl3an8rau4qfrucs55
pixel
cm.g.doubleclick.net/ Frame 06A6
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENJLgv0CHiwTVHefV6Aos-4&google_cver=1&google_push=AYg5qPJgw4RrthurddmfmCxza4M2Y6Fk4GRb2daoZa1lVAHj1Zh17LUQ-abbf761fRup-CgnbHZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTTVQTlEtVC1LVjYz&google_push=AYg5qPJgw4RrthurddmfmCxza4M2Y6Fk4GRb2daoZa1lVAHj1Zh17LUQ-abbf761fRup-CgnbHZ3-BWG4k5H5d0qIT_DLo1hAd9s
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTTVQTlEtVC1LVjYz&google_push=AYg5qPJgw4RrthurddmfmCxza4M2Y6Fk4GRb2daoZa1lVAHj1Zh17LUQ-abbf761fRup-CgnbHZ3-BWG4k5H5d0qIT_DLo1hAd9s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDFCTTVQTlEtVC1LVjYz&google_push=AYg5qPJgw4RrthurddmfmCxza4M2Y6Fk4GRb2daoZa1lVAHj1Zh17LUQ-abbf761fRup-CgnbHZ3-BWG4k5H5d0qIT_DLo1hAd9s
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
Expires
0
pixel
cm.g.doubleclick.net/ Frame 06A6
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESENFNxC-7F1mpi28PtcjBrc8&google_cver=1&google_push=AYg5qPJYW_GMLYZUUb9-_EPt...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJYW_GMLYZUUb9-_EPthoONAHkSm_wxji5XeFOWHFAiUFWUekttj-W9tdt7B1mPshfxz55FYSW0XldpOFhn3DuXQaCw7KCALQ&google_hm=gicbztikdyzysdl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJYW_GMLYZUUb9-_EPthoONAHkSm_wxji5XeFOWHFAiUFWUekttj-W9tdt7B1mPshfxz55FYSW0XldpOFhn3DuXQaCw7KCALQ&google_hm=gicbztikdyzysdlhyzmwwpsjyqor
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPJYW_GMLYZUUb9-_EPthoONAHkSm_wxji5XeFOWHFAiUFWUekttj-W9tdt7B1mPshfxz55FYSW0XldpOFhn3DuXQaCw7KCALQ&google_hm=gicbztikdyzysdlhyzmwwpsjyqor
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 28 Mar 2022 04:02:54 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 06A6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IvVVcsQbi-qyZlk3FSjvBFlrQ9BlTzMRHk6bcj7m-Wr2CW0nBY3Ru4YXLIwUWNAhI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
data=qtSwLLxe1VaFj7JEmHjtYzFdWjOK3K6auPAuOdVxMp333gOA2QYQpQZkrhvIPs6O-7MniFVOzXF5uviWPqVs_yI7YXs
mts0.google.com/vt/ Frame C287 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=qtSwLLxe1VaFj7JEmHjtYzFdWjOK3K6auPAuOdVxMp333gOA2QYQpQZkrhvIPs6O-7MniFVOzXF5uviWPqVs_yI7YXs
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
88d047024f1b28ecf53b8256093ae46cc8d966a019ff477dd624a20443429d0f
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=65
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15208
x-xss-protection
0
x-server-version-bin
CggIBBDByoWSBg==
server
scaffolding on HTTPServer2
etag
0dc2aeb0f5b3ac287
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
expires
Tue, 29 Mar 2022 05:02:54 GMT
truncated
/ Frame C287 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C287 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C287 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame C287 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
i.js
cm.idealmedia.io/ 		0
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1648526574254648170952
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Mar 2022 04:02:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
6f35b6713bb454ca-MAN
content-length
0
sd
us-u.openx.net/w/1.0/ Frame F151
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENfEJu0cHpsfMDKVQV7l3Gk&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENfEJu0cHpsfMDKVQV7l3Gk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNWwr6ffytdEVj_4oXM0fkP7ZWMDcPSV19-zfjmTIMKpsXIwWm5rs3tqEB1oHoO1A0CzDZPeZotBSFESgIX3dODCx9O5cNbY1Vfvc0U7KrzG-CRoCqAxJEuYQfdFlP-I6KOos_RqYxLVt9YnkiJxa_gLgkEK0A76Ebph1tYUh_x-30_W2fQ
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENfEJu0cHpsfMDKVQV7l3Gk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame F151 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNWwr6ffytdEVj_4oXM0fkP7ZWMDcPSV19-zfjmTIMKpsXIwWm5rs3tqEB1oHoO1A0CzDZPeZotBSFESgIX3dODCx9O5cNbY1Vfvc0U7KrzG-CRoCqAxJEuYQfdFlP-I6KOos_RqYxLVt9YnkiJxa_gLgkEK0A76Ebph1tYUh_x-30_W2fQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame F151
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEAGJnbHQTm9aUo1AmzMmY2M&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEAGJnbHQTm9aUo1AmzMmY2M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNWwr6ffytdEVj_4oXM0fkP7ZWMDcPSV19-zfjmTIMKpsXIwWm5rs3tqEB1oHoO1A0CzDZPeZotBSFESgIX3dODCx9O5cNbY1Vfvc0U7KrzG-CRoCqAxJEuYQfdFlP-I6KOos_RqYxLVt9YnkiJxa_gLgkEK0A76Ebph1tYUh_x-30_W2fQ
Protocol
H2
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 29 Mar 2022 04:02:54 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEAGJnbHQTm9aUo1AmzMmY2M&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame F151 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNWwr6ffytdEVj_4oXM0fkP7ZWMDcPSV19-zfjmTIMKpsXIwWm5rs3tqEB1oHoO1A0CzDZPeZotBSFESgIX3dODCx9O5cNbY1Vfvc0U7KrzG-CRoCqAxJEuYQfdFlP-I6KOos_RqYxLVt9YnkiJxa_gLgkEK0A76Ebph1tYUh_x-30_W2fQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-28-165.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 29 Mar 2022 04:02:54 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame B414 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu0bozxKSdA1gUR18eWJOaEGze8LYr4N36ooDvUVgOBeOWQRspSH7qqf6ivem1aTGNd8OVHgMSLE1V7DS21Qf1eup8rifXXdY2MAr9adfXsXgJyA6yy4ALe_O0WFJ4a_xG-beSc2jEOhfk&sig=Cg0ArKJSzNTedfqBEZBHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&vt=11&dtpt=220&dett=2&cstd=0&cisv=r20220324.37975&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N4378.285985.MEDIAIQ/B27487152.331700337;dc_ver=85.248;sz=728x90;u_sd=1;dc_adk=3430571816;ord=yzs4n5;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC1Mhi7IRCYvHlOrTD7_UP0aau2Aab6bSiadb-04PYD8_mor3AARABIMbgi3lgu4aAgNAKoAH4r_7LAsgBCakCewfrOKH4tT6oAwGqBNgBT9Ba2BYXfUT_C4_NkWv0TqglCONQ4VXVrHVQLCmOXgZRv7zefpAWW_b49FRRhgIlHXFzu9zgDzzA6x9L5NXbdjF4kSIjtgU-9d7KFdQ5IMlUPkR5lPtsYGX6qLNO4dRf70YIlLS2Z1l7c6kOeYtgMQ2pO0u7rX7zmdP4dFOF22amHA5_hHgJewuv13mcc8D6RwzxCFJVc8-JxvwJmG3dezpS27VN-Nfgc1olE1VubgECt5VESQw8q1RBi2yDv49zbiYz0udSXxncMVniSguPAkCNv-a6hy_KwASwiava1gPgBAOQBgGgBk2AB_DPgbQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIDhgBAQARgfgAoBmAsByAsBgAwBsBOisM8O0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA%26sig%3DAOD64_3nmy_hz9R0l_tvmwwI-7xGgrLRlw%26client%3Dca-pub-3755662197386269%26dbm_c%3DAKAmf-Cj92_MxsEu5GM5DORiIjrPvMoVdey54VEcjTvJivkiqD42Hh3m1-6wX859EnL1-nD_SEiQklIGZFGOghsy3aZMRjUCvinWj8lpfLOAIiDnwf5sG5vjBkwHTuUztRu4ALTzR-lGqk1Hc9KZI5VpoZNdGxE2cw%26cry%3D1%26dbm_d%3DAKAmf-DLnnEtj_fmRFFQ2m03K8WvXZI91Nv9qPe10MGXuMGS7BncthyZytdWzKycUvJPnTZtlDxRrTQoS5rO6zj3XwufaSLutVw8pma5Y6DadNAb_Tk26_mIN6gmC-3NA6Fm5ibNRUtnR8GJGxJ9mRXWPIP8vaQ6dimj-VS7A_Y-E7FDZKw4VYHy4Lvzuc9i-4BlCUSrQL-Hqcraxnz-wHJQ_F91-UK0lHYmTC4xqTTUwFLcxgODHHCpETFOBPQEa4_LyWdQdZ4K6vfj7vD0wEoeUbWbqAXnzOmYU1a9HVfvGEfxRhm4Ntfk1xMr5PV_lsyHae7Tqa5EDdJlGX-nglXO3tWRBgARXTAk4XeeUHj24pyy9Xh1xCGPrf0jw-5EE6XYOIgyJAXy7k3btale6f3aA83R8bnpkXiXGoE5dftbTs5-vR4MMMFynF_6XOD1dUBqXUY5laYLLHio-LTsBRTWbcF_0ZFYtw%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.;dc_rfl=2,https%3A%2F%2Fivona.ua$2,https%3A%2F%2Fivona.ua%2F$0;xdt=1;crlt=h.6lCo)gmj;sttr=51;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sca.17.5.12.js
static.adsafeprotected.com/ Frame 4A07 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3593091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P1
content-type
application/javascript
x-amz-cf-id
YwpPrbpydT_8zlqbIbAMDE33058i1JRUvcqHrzeZYJwWfcqU_hfObA==
mon
pixel.adsafeprotected.com/ Frame B414 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=10933&advId=22571342&campId=55914394&pubId=1&chanId=1411859872956&placementId=415317015&dealId=549644393847897261&adsafe_par&impId=ABAjH0hB1Rx2ySdIyAZK1jvs8fNq&bidurl=https://ivona.ua/&adsafe_url=https%3A%2F%2Fivona.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fivona.ua%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D90%26slotname%3D1162504554%26adk%3D739537396%26adf%3D2751417948%26pi%3Dt.ma~as.1162504554%26w%3D728%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fivona.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648526572785%26bpp%3D3%26bdt%3D98%26idt%3D131%26shv%3Dr20220324%26mjsv%3Dm202203240101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D6c7be81ad532e759-228c3fdc67cd00a9%253AT%253D1648526572%253ART%253D1648526572%253AS%253DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog%26correlator%3D6558247461018%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D865945863.1648526572%26ga_sid%3D1648526573%26ga_hid%3D360553944%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D5%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D4020834182%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44760474%252C31065921%26oid%3D2%26pvsid%3D3509201282370956%26pem%3D967%26tmod%3D70198816%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.6dmv0lolheqd%26fsb%3D1%26dtd%3D143&adsafe_type=d&adsafe_jsinfo=,id:e3572ffa-e68d-39b8-08dc-b3dfaf959768,c:8dGSuT,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-79447dc6f8-qjsv7,rg:ie,pt:1-5-15,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:202,fm:t1rjvdw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r,idMap:1i1*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:218,oid:1b99a1b6-af15-11ec-bee0-82290555256b,v:19.8.299,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.73.39.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-39-178.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
app04.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
container.html
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F016 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:02:53 GMT
expires
Wed, 29 Mar 2023 04:02:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=Sk5ibG40SEpCdk5rRU9zZVNpNmJGWHBNYUt0eFN5ckJSMWlJZ0lCQ0FTRFJqSElybG1QeFNkMmtWVTZkQmQwRGcrQjZrV2ZEMEM3eG4wMTdLYnovSzJ3SjFnbEhIdGtRLzFQc1RKVjFPY2lzVHM3dW5mUll6czdwRXhnRVZpYzc1MFRRMWFMUzZYMWx1K3BBUEs4Y3ZyTHUwdUJKNER1cVNTS1V6cmxvK1pDSC9xRE94NXhpeDhmcitFOXlZZFFjT0Z5eDRnNFQ1M3lWUkNCOXFia25VNUhTL0pQcTdiOVQ4Sy9SNlpIZXc0dFZkS3RiY3o1TXIvRlA4QVA4emZqYQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
i-noref.js
cm.idealmedia.io/ Frame D12A 		0
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1648526574317794718319
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Mar 2022 04:02:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
6f35b6719c0154ca-MAN
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5906 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
79750
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 8566 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
22615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSvs,pingTime:-2.1,time:812,type:a,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:812,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B807~0%5D,as:%5B807~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:454,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n,idMap:1i1.e3572ffa-e68d-39b8-08dc-b3dfaf959768.41_10933%7C1i1*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:svg.us,sinceFw:193,readyFired:false%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
skeleton.js
fw.adsafeprotected.com/rjss/st/974135/61365881/ Frame F7C5 		232 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/974135/61365881/skeleton.js?ias_dspID=3&ias_campId=27188786&ias_pubId=pub-3191289882045155&ias_chanId=1&ias_placementId=16513943423&bidurl=https://ivona.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0j-THRc0bOCfZ8vfZKsMxG-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.69.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-69-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
935d1594cbece7e708bb5160426c7b718609bd05f3c7eef1a96ac725e41cbbdb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/ Frame F7C5 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:54:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame F7C5 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:51:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F7C5 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRobZ_xZOULXvt05fdA94-52rTKIuwqh8odlRzhf2i3clK2R1gh9UFxZ6K2lKM2KYCwmi0UCeZpQfSZvs3LiRE50yUEqT_o7VSO-qrczcStUhe7efYxuBEAXL0pBo--R7rnVXlVXzM0H-itM_IBYvlIM_YPxqoq9m4a2QT_iwRiGOS8Hj0Nwg0nGIMrhL2fXzh6Lo9HDr1s4nAyj481n-CYEsztJ09QjoyMVf7vsKrKt3FIuHF83cL0LHP4Rkx2hkqVO0l3BlRtTPgkA_4P_YdpTxraojkgkiPR4WazatrFaWn1Qv6xAvJnNxHZsJdg-ojkvADi6oy4jeaTTldjuON8-t1pvk8QdCtPLDyyInnnktM9MWG160ygRHQXAzviufXFPbey3lTIUuWFl0jGd0vLGRv1H4KKSwamxWczlTCPirgVJlspDJjP8Uu6ZkaGlD8qhH7bYsQJgKsjA3DzRshgA6YtFH-ITLOecP_ysxQ1AwPN9UFK0nbrXspNFXuhtC7IlaH0ZwO3W1CuQJq9rg82KZdTf2DS1hJr-h-tisUmsTA3bd02gS2djXG2E_U-6g00nxmLaI6b08GrboO07vdYsd3TxBDRinjIbcHeiEiOS0PVxU7Kw_ABEhitpVxsz3M5pl-P3PuNwyFpfn526_-c0e4eclQ5u7U6OhkhS3pOK1CIaXNR_kxlw_wkOnQOuF-2BnrDQBjV81Xe8sNLVK6qpaVHSwpP9oPijFPpARrbAeG0nAaQ34eo1HUE__wexy4qF1jDJTduDg5drIh-GiK-Rf1F6Slj0zqLwdYRpYDMe9BN94y9kTC1DgQwdwc_ovKySCsDCuZDUxLrjD-qFz1v6IQUDYRbNUNzj4ctxl1DzynFsI8x5x7WaHUeqUURpBKU8Bs65omJlDABkqS7Jdm44vJLJ4Q5mkNUA8LqH9GZkFlmIDv32Hw8qt6NA9O_KbjArmyHumPQ4CHBw6wrTgF36MxZdY1GqbwNAveTp8KCUf54lWMGvP74oHXmnqrgJuxdRLh6GLFPdv2Gc-hDGhLSDJlG0ZlKe_igbvo3QFRg59VJx5_hwLq5HeEaYQFH2K8Ngch5k1mQPv6_Ub5G52hHuFU2TW3uyRB63oD7n60M5QiioyPhNtUh4CEV_QolCJf-DVrG71SsJ_NwdzkpuCCUaDB0WqxNvVy2Ovhp197x-0jpyI04yUYi6wyFHQyua5SAWMXR54CB0vlpol1sGA&sai=AMfl-YQ1Ey-VBOw09ktoCvLdPw3a59D3wVF1NLQHfYkIrljOUtSEwr4Pndgg-0lrg2BOojt2cYNPR7c9n9qzJQmekyP1iakDw_oOSxT8qQFnkjU4EQxFM6jNEPFwuSZchPkdiVovhxH2iphQaLBzCLb9Vxozw5uvJaCV9qQJ4BUGAA2GARpYM_yA0B5yjDHQE9MkKwiVTgp_W4Ro_gtGDT3cs6N0gj8MpZHHg_VyrTmlK6aW&sig=Cg0ArKJSzE6Q5TPOkNc6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220324.76489&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 29 Mar 2022 04:02:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F7C5 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
CV_UKFarfetch_Promo_CS_300x250_CT_BAN.jpg
s0.2mdn.net/6526861/ Frame F7C5 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6526861/CV_UKFarfetch_Promo_CS_300x250_CT_BAN.jpg
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69f2ffc26aab7a76d52a5d390dc41fb7229f0e9c7ada33f45d50a192f031577e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:06:35 GMT
x-content-type-options
nosniff
age
46579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79790
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 11:05:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 15:06:35 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSvD,pingTime:-3,time:263,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:263,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1rjvdw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r,idMap:1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSvE,pingTime:-6,time:264,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:264,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1rjvdw+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r,idMap:1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:ivona.ua*%2Civona.ua*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
truncated
/ Frame C287 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f464a37673a9d21587d7935623937d9ee4827ad588cb50b6c359c171dfab9c10

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame C287 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:46:42 GMT
x-content-type-options
nosniff
age
537372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:46:42 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame C287 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:48:11 GMT
x-content-type-options
nosniff
age
537283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13872
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:48:11 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSwn,pingTime:-2,time:309,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1145,beZ:1145,mfA:1347,cmA:1348,inA:1348,inZ:1352,prA:1352,prZ:1357,si:1362,poA:1363,poZ:1374,cmZ:1374,mfZ:1374,loA:1408,loZ:1410,ltA:1453,ltZ:1453%7D%7D,sca:%7Bdfp:%7Bdf:2,sz:728.90,dom:img%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:309,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B46~0%5D,as:%5B46~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r,idMap:1i1.b594bdda-c9c7-30cb-171d-ebe628589393.48_995085-61697697%7C1i1*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:91,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt13.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSwo,pingTime:0,time:310,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D,%7Bpiv:100,vs:i,r:,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:310,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D,%7Bsl:i,t:310,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1q%7C1r,idMap:1i1.b594bdda-c9c7-30cb-171d-ebe628589393.48_995085-61697697%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648526572785&bpp=3&bdt=98&idt=131&shv=r20220324&mjsv=m202203240101&ptt=9&saldr=aa&cookie=ID%3D6c7be81ad532e759-228c3fdc67cd00a9%3AT%3D1648526572%3ART%3D1648526572%3AS%3DALNI_Mb-VjWsFGgWOFl21UKfjTRXpuPdog&correlator=6558247461018&frm=23&ife=5&pv=1&ga_vid=865945863.1648526572&ga_sid=1648526573&ga_hid=360553944&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760474%2C31065921&oid=2&pvsid=3509201282370956&pem=967&tmod=70198816&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.6dmv0lolheqd&fsb=1&dtd=143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
css
fonts.googleapis.com/ Frame F016 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 29 Mar 2022 02:46:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 29 Mar 2022 04:02:54 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 29 Mar 2022 04:02:54 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame F016 		2 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:54:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
877
x-xss-protection
0
server
cafe
etag
13035868154101442325
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:54:04 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F016 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPbfO7YRCYrKnO5CCx_APkOuXsAvFluX3WZj8wJbBD9CQgOyQAhABIJvciSJgu4aAgNAKoAGJ1OneA8gBCakCRc71y3j6tT7gAgCoAwHIA8sEqgTqAU_QxmC8zLh_eP4NyjcnCEyNTn__9hBth5KG70mrrOgMvHFT6McoAdRKBFLiNRl_l5pijYoe_T2XXo5RpoaPTPiQYrAoLUVl1lzdhjr79V7I7529uSK-7qgTSfofWTne3aA5h9NFwIXDGvsc6H2HTMfcG6t2z_r2foa3x__FwBbp44ipop2vuSddSgxEjOYVTP2lE0nr8x4PfdRHJpuvWUucT00iM-vlTV7FKs1-bz-E3yzMYv4joRZY69bsm8uFLZ62D2g-ZbV0lVWdtvRSy6n4m23io65uRLTw8vIjbpOzEKN_mJYvg5cOLMAEg8CaptkB4AQBkgUECAQYAZIFBAgFGASgBi6AB9-rliGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDK8gbSCAkIgOGAEBABGB2ACgPICwG4E4gE2BMK0BUBgBcBshceChwIABIUcHViLTgyNDEwNDk0OTc2MDg5OTcY8_EW&sigh=ZfahYVkKvHY&uach_m=[UACH]&template_id=520
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/ Frame F016 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/abg_lite_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:50:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
758
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7871
x-xss-protection
0
server
cafe
etag
7397949449432438406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:50:16 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame F016 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:39:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F016 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame F016 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 02:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 02:37:24 GMT
l
www.google.com/ads/measurement/ Frame F016 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVXAI21JKlaXzbeR-5XCQZQfXDHodgh650mp7nGmwwmOvMKsqDeOelGnX09F1wyn3sX8C5EYq9H3RMozp2MFnHUsG9iw
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
c5c2d0ec538305d3144caccb9e9ba20c.js
www.gstatic.com/mysidia/ Frame F016 		28 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Mar 2022 11:21:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232881
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11812
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 03:00:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 24 Jun 2022 11:21:33 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E245 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
66707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
data=sF7jtCKDRld5CyVH7hrZPMudwyLKPlDpbNmPXnsSWIksbDKv5yt04FO2F947IWaxhD4ab7W8vJfuGP_CV6UWktY0xMTT
mts0.google.com/vt/ Frame F016 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mts0.google.com/vt/data=sF7jtCKDRld5CyVH7hrZPMudwyLKPlDpbNmPXnsSWIksbDKv5yt04FO2F947IWaxhD4ab7W8vJfuGP_CV6UWktY0xMTT
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
b431f1335351d5a4c3c5d86c2a2d9e33bfe2394d887e7f7d66b7273b800f61b2
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=85
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37610
x-xss-protection
0
x-server-version-bin
CggIBBDByoWSBg==
server
scaffolding on HTTPServer2
etag
09a8c83b7ab252d08
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=3600
content-security-policy
script-src 'none'; object-src 'none'; base-uri 'none'
expires
Tue, 29 Mar 2022 05:02:54 GMT
truncated
/ Frame F016 		297 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F016 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F016 		462 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F016 		465 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5906
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1&google_push=AYg5qPIueJk7nSjCjhbJZV9Yrrl0-skWwJI7imI_EtU0jddb5Q1mIXGtD9neVgnoLGtAEA90J4V9r29lT3MsIRGZZqazLKIp0uUf
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQxMzY4NDMwNzY1NjkwNzU1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5906
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPKcmV5Ve3SkwJFOmNaCsV46SuBczMoqcJYafBEWoNgzbRRpW16uV0...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKcmV5Ve3SkwJFOmNaCsV46SuBczMoqcJYafBEWoNgzbRRpW16uV0FX3j82fqemXn3nyHM0jO_L8YaB71K6At9lvnnmoDse&google_hm=v6yOJjayfSGI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKcmV5Ve3SkwJFOmNaCsV46SuBczMoqcJYafBEWoNgzbRRpW16uV0FX3j82fqemXn3nyHM0jO_L8YaB71K6At9lvnnmoDse&google_hm=v6yOJjayfSGIBeLk0CjKoA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKcmV5Ve3SkwJFOmNaCsV46SuBczMoqcJYafBEWoNgzbRRpW16uV0FX3j82fqemXn3nyHM0jO_L8YaB71K6At9lvnnmoDse&google_hm=v6yOJjayfSGIBeLk0CjKoA
pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5906
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEL8uMn8AixWqpeUaab1YK5o&google_cver=1&google_push=AYg5qPJh4GzUZeIGrsxqc-bs4mGPUMrji4vSDnszzI_A8Ofdh1slCe495ZR2SCAbPAc6b8ouJyjcqZWjKNMBNIlX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPJh4GzUZeIGrsxqc-bs4mGPUMrji4vSDnszzI_A8Ofdh1slCe495ZR2SCAbPAc6b8ouJyjcqZWjKNMBNIlXZV-UEshmokA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPJh4GzUZeIGrsxqc-bs4mGPUMrji4vSDnszzI_A8Ofdh1slCe495ZR2SCAbPAc6b8ouJyjcqZWjKNMBNIlXZV-UEshmokA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPJh4GzUZeIGrsxqc-bs4mGPUMrji4vSDnszzI_A8Ofdh1slCe495ZR2SCAbPAc6b8ouJyjcqZWjKNMBNIlXZV-UEshmokA
x-host
tde-deliveryengine-production-6fbb5b866d-7cdvh
alt-svc
clear
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 5906 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JP156vkNEWpedGQMytQIIwQj92FMQIlPo534j2cE82GA
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
container.html
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FD12 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 29 Mar 2022 04:02:53 GMT
expires
Wed, 29 Mar 2023 04:02:53 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=c2p1WnhPTDVrd3d6aXErMDVMSFkrcnI0WkZHVUlVS0libVFuZVd5c3MyU0RtY3EyZGVZbXBCUVdIUTRLUmF2M1ZnNUNQaTBiVFM5dVBPTnVHWlJDam4wUHU3aEQxWDRqM2dUSDFjcEcyR3N6eUFNQy9QM0d0cU1na3JFbllXWHVBaDVwZHFVY2FDZURMUFpsZzlKVUFqZEVYWnllM2w1S2c0S3RLSWxGZy9yUWx6VFE0WERtNkFPTUhRaWt1OWtqMlF0L3lqSjRUd25QWVE5YjZ6UFdVd25XMEkrb25HVkxoZXNCbHFwckJVNHZRdlhFWWxnNXBYYmtFTnFaZHdxTw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6688 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
79750
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame F7C5 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38fcab1d4b133bc615f84556edfd9610f12005922a41a3d1f68fd8bcff359e7a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4.js
static.adsafeprotected.com/ Frame F7C5
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/974135/61365881/4.js?ias_dspID=3&ias_campId=27188786&ias_pubId=pub-3191289882045155&ias_chanId=1&ias_placementId=16513943423&bidurl=https://ivona.ua/&ias_dealI...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Un_.8Vp_TKwliNJVsYlZHVB1x_sghLWA
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
265962
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:10:48 GMT
server
AmazonS3
date
Sat, 26 Mar 2022 02:10:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
MXP63-P1
x-amz-cf-id
sfpwtA9eDMWtSzBiqBKZpl0WtawNEoehqeQeDPk_ugU_GMsjRgSB9g==

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 6592 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3593091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P1
content-type
application/javascript
x-amz-cf-id
9kptkDQXJnHx7VaD1oG2tif-3w-AkhN9HNo8khZoDZuvrvvucJNhcA==
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSzQ,pingTime:-3,time:84,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:18%7D,%7Bpiv:0,vs:o,r:l,t:84%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:84,n:84,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~300.250%5D%7D%7D,%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjvkC+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSzS,pingTime:-6,time:86,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:86,n:84,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~300.250%5D%7D%7D,%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjvkC+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:ivona.ua*&br=c
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame CF09 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
22615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame F7C5 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvRobZ_xZOULXvt05fdA94-52rTKIuwqh8odlRzhf2i3clK2R1gh9UFxZ6K2lKM2KYCwmi0UCeZpQfSZvs3LiRE50yUEqT_o7VSO-qrczcStUhe7efYxuBEAXL0pBo--R7rnVXlVXzM0H-itM_IBYvlIM_YPxqoq9m4a2QT_iwRiGOS8Hj0Nwg0nGIMrhL2fXzh6Lo9HDr1s4nAyj481n-CYEsztJ09QjoyMVf7vsKrKt3FIuHF83cL0LHP4Rkx2hkqVO0l3BlRtTPgkA_4P_YdpTxraojkgkiPR4WazatrFaWn1Qv6xAvJnNxHZsJdg-ojkvADi6oy4jeaTTldjuON8-t1pvk8QdCtPLDyyInnnktM9MWG160ygRHQXAzviufXFPbey3lTIUuWFl0jGd0vLGRv1H4KKSwamxWczlTCPirgVJlspDJjP8Uu6ZkaGlD8qhH7bYsQJgKsjA3DzRshgA6YtFH-ITLOecP_ysxQ1AwPN9UFK0nbrXspNFXuhtC7IlaH0ZwO3W1CuQJq9rg82KZdTf2DS1hJr-h-tisUmsTA3bd02gS2djXG2E_U-6g00nxmLaI6b08GrboO07vdYsd3TxBDRinjIbcHeiEiOS0PVxU7Kw_ABEhitpVxsz3M5pl-P3PuNwyFpfn526_-c0e4eclQ5u7U6OhkhS3pOK1CIaXNR_kxlw_wkOnQOuF-2BnrDQBjV81Xe8sNLVK6qpaVHSwpP9oPijFPpARrbAeG0nAaQ34eo1HUE__wexy4qF1jDJTduDg5drIh-GiK-Rf1F6Slj0zqLwdYRpYDMe9BN94y9kTC1DgQwdwc_ovKySCsDCuZDUxLrjD-qFz1v6IQUDYRbNUNzj4ctxl1DzynFsI8x5x7WaHUeqUURpBKU8Bs65omJlDABkqS7Jdm44vJLJ4Q5mkNUA8LqH9GZkFlmIDv32Hw8qt6NA9O_KbjArmyHumPQ4CHBw6wrTgF36MxZdY1GqbwNAveTp8KCUf54lWMGvP74oHXmnqrgJuxdRLh6GLFPdv2Gc-hDGhLSDJlG0ZlKe_igbvo3QFRg59VJx5_hwLq5HeEaYQFH2K8Ngch5k1mQPv6_Ub5G52hHuFU2TW3uyRB63oD7n60M5QiioyPhNtUh4CEV_QolCJf-DVrG71SsJ_NwdzkpuCCUaDB0WqxNvVy2Ovhp197x-0jpyI04yUYi6wyFHQyua5SAWMXR54CB0vlpol1sGA&sai=AMfl-YQ1Ey-VBOw09ktoCvLdPw3a59D3wVF1NLQHfYkIrljOUtSEwr4Pndgg-0lrg2BOojt2cYNPR7c9n9qzJQmekyP1iakDw_oOSxT8qQFnkjU4EQxFM6jNEPFwuSZchPkdiVovhxH2iphQaLBzCLb9Vxozw5uvJaCV9qQJ4BUGAA2GARpYM_yA0B5yjDHQE9MkKwiVTgp_W4Ro_gtGDT3cs6N0gj8MpZHHg_VyrTmlK6aW&sig=Cg0ArKJSzE6Q5TPOkNc6EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&vt=11&dtpt=274&dett=2&cstd=0&cisv=r20220324.76489&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_KtYYnWMrrS1f5GMeClMxC7b0RR2D0q5ubA5vdWBRgbj1sTyU1s7RfcS5JNZ_jVramoJgMJuz7fbwfa1Spo9X2jJUufTxADF-GtzFRIQTaQnE4R-2OWDXb4B9LhRRsukj4Li1k54asNAMBXdaVRmJQWP4uA&dbm_d=AKAmf-DZIaLx-1jE5l8N2p4QDbi3iNL3uvBLsfxt1ce0OaMxicGZSfp4iK3NLzvmDfQoltWLBXN3wcIZS8vRtt9PQXmynuun22kbkr459qg0C7PBUq1UirW5kucsmgrY6XGiE2y5pEQWg5RAYPBvWLb_syuMfPeLd9OR7-ZLO8NwBQhiuEnNd6nhYaHHNJ2Lwnu8ypWCcc26sLuJn7etquqbrqx3adm6bg3yZX7k6yFhvYa4RXvamyleBVP5LoAMPSQ5r1Ar8SlgnKJp6NTp-5ZttluueJyzexBGYf7mnji2OpMgPeeLeW8IlJVU2SPhK4h0lGjKxTmMW0Kn3-M6t62sbISxkUb9_BoBHV6kQqEMyVuvm6MS12UKoMbWPZjPP1RZAY16ukvVAEsSXiKj9x5vn3LFB6BdvXaptkII4MJpmdc_H79b28f6w3wSK2aTejBEWn35wyVaUoAuNX1CgNWZDSA2P1XGE28KNaf5JX151yV0r3jtEUQTzhhrpStPSHI3lPwLqN_jOW7QwI3mAcM-1n71FUe_6EqDQTK4iRCu_HN8mWINi83t3U28ghUxDYSmE8T4MrXqbGVEZ48Tn7wUekyI7ieh0WosJXMF17LPEAoreOpTe7lPfXSk0guG4qwZXQRAFY2bz2o1R-RRY1t46h1taJIyIS0coFB296owkZhupfnJmbXcHZbE4CIRjPc-Mfs2rHZBDWd87h0PtcU3TmQnJEa_jUshYO7cJ2oXglD2NNBd9tKl8muPOa1IHkuzXqJdFHXHbTzfz0cXqLOWJutivIVWm4qWgXQkKT_kN28xg0ETJAbEhUuc3Qri4sPbTR8pUgxbtNEw8S9UdRaGPI0C3MvM6dOna1oD0YPsLa7DB6RSsX6ztoddgKsNahnK4UkazAtyHfVUfkggW_KLtpYoEndkHPUx3ghTLh4qbH9sIdQYrYWfuYQI4GVJ4cRdxEIB8KKU9dqeo1MUxsHvIsfeILkyOTNiwIYU8ERwB1hxqnw9Lmzv3RbOjuj1c-Ip9h71drhgWvZUicjuCr43nzRG6m8hS_TS2mKf6Q0pouo1ZSst7044xNSsZFU_afjaUg19HpAJqhthABhxibGXU_WbHSol1yk9rKrRLAtUBocpM4hELe0Acz6E2Gvzu38YqLipRSTSP95UzumPzJTDIxWYOqw4uJVBaFNh_NQt1mwSAfsR10qOAXKKqwotWWen3JTXWAzrI0B7WwNDKy_aUmJ6hkEoNkvQEksQsyGFnLhDA8frLtLjppWHTvhC9K8nCjWcMgJY4R6_JiuQY0a1Y57tpJjtL0yjYzgyk5BmKVKmWc38VsULk1RrU0WTMVMCpUahgLrHZ3s4xTJniN6zo4exrPO9x8hGkYYw_WStwuKYO6NQwhD3FyIGj007RzuXe34RYJLUoWEgvhC7TR-gKn1Qb9xzE9VUCQJn7eE_kQSCMIWc3An_84fNXxHQ6fry09okUTeWjMUCYN0gwqsnEH5aaeL7_27oI6asZEiUFRxeizLG7n4OdU7E9pI4M0auNz7LLi9UQHM6wTOrtSg05tbkdOSnaGoykaKVYK_OiHmNx4gvj8iRydiRZF_PMFkjpV8mF_5egZxtcmwuUuBm27UmJ7b6FbIsSG9yXwgbDizmr-m1uzdzhEItNnbkIJufeJT5CbZQ1PLuOUI3sUEjY9T3DX0tV84f4i4XXGrqhNKkWmlsFiQK6BkQp3gWKkzN1ehln0S6BG1W4uxOQPgwlBzJGORncnoF3QPsBQnRtMC-1DI7N7zPj6ld1lgnrDRu4vRvps2asxU6nFFqByfLQcA7nA6Tupi1Q-GmXLrBS1fc6G3FauEZiqTBG0yVFrwVUnfpm9UPjU5mlXED2bdHFe0kNBOxsn9-Clv-hL-9yvX0KDhSNmmdrgpJKXBMQ4nFiyJ0Z52LWe6M6PUIabsG6Ug8PYusAMfQ8H4jZ4nijnaJjxeem3VuX-GKAc80QpbSat-7W8rogPt_ZRYU_r_2_kn21RbQteZ_hDZvE2pBlvZOCyESrb5Wcf4MD7gjFv5zTja1LO_VkZsTbg6uEkeJkOMAg7NRilDeiQ4l4k_FGT0lpysjTd4IqoNmhoFRHzbDAJR-RitxxnkjEZN8MkPT-5ra1GEQ80DAr75seVy1BggC_wdg7w4xPXPTI78Aj90OuegCSlh9u1Sql16hjmA0qmYF6sUBx09nL0bMrz_fcZ4ufKR9rouVo1YTPPjAuaYVGuPwGP0IvcO3TMo3Q4TkrwzPk_PBK5zXC3H9A9FsfulMugkoby1SzrU0K6mY5JK5euHfe4-gq-WGol--NGP-njb-W5RUyNlLNQb9se61ro43qui5gx10_Vv8tIB9bWD0faifXzC82nkMcNy0GzVEGbBKVVxRSmWrrXR7nPjyFzx2AYm9AmJdRs3iOnW8-W0z6HkLXvor6h5mLFyVky9R1BAM3f923EhEDi5CPWrdOxRNvuwar1ZrFD5UvEpma-ZLmLAouCwU3NmipdFZZC0imGuAw__qTEKjHznf0wZ5VlVAjkH5jRdJkw1JVRfvwSxR48QzCDMClIIC0TX0Aj3Ce2fginsM4Wy4OARfT-ZnMxK-haVaXV36A7ovr-0ygtWy0eMB9vSptlPfSKXgwOxlIeQqCPhJUzpy3CwLP2EU5S3PTs9Sogz0Dl00gdj2x_2l0a9bJG-VFqNqZYBrQgFT9sPjL5waARM6Ey_mFIEyLD5_KrmyWRTg5eCMD8muzKV_refnBcQx0gZYM-p7WcWcnxZUMm3IsGrviSkEc7QOkNZhPkT7yh6ksc-HU3rtBNXJor0iEDDMBUdRlV3SIxXF4NDAglzv5SPFyS1rV5axpiZLEuwbV3VvTnm9Rz7MCSqhGQWrrAD788YFCgraEO9CXv2M4GkhT1nXMHCZ5zB_driXfr3zwKCHDBt95gogddj5eDlrgo-xO93dvup9vq1OPHWGxaqTItZJXKy0d700X72xg20hD8cCeiCPcOJeDXy193sjZQWaKGdZ4CXx7rqdthNJi3qF1JxdazBpK7xqjp2j3HtcW4VC_4PB3n0aMpBXsbXfp5c_RLNIhKcObSzGZPrMZs4TnGdh_0vqvpVeqPLN3Otj6cbYl6EZOtMB2pzs_kgL_MFQeFEWMC4vHIYSgCoKjucvl4U9A1cpvY7HdN9RhxTyJHY&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSAb,pingTime:-2,time:105,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:504,beZ:505,mfA:506,cmA:507,inA:507,inZ:510,prA:510,prZ:518,si:523,poA:524,poZ:539,cmZ:539,mfZ:539,loA:590,loZ:592,ltA:609,ltZ:609%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:18%7D,%7Bpiv:0,vs:o,r:l,t:84%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:105,n:84,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~300.250%5D%7D%7D,%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B21~0%5D,as:%5B21~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t,idMap:1p*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:85,readyFired:true%7D&br=c
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame CDDD 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
79750
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5937 		499 B
334 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNUePJvSoH90TCOuWPjvsdw4Gp2OS1mHf7bNiHVeYn8rlpeWU2rfLu64awQ_x7s2tdk5piyy9kmBLFW3GawNgDQe61PMV5uiLfhuSIZ2493AFYuCLLcBAYD5dVkIxx9LwSsM5Sv5TRGr4Cv5zbrLQz-WfXXB6XWXh-ODHdBV2SinhJPVi_k
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 29 Mar 2022 04:02:54 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FD12 		69 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c793af0237e8d9a063ca6e4a0483e2dfcc0aeb30e7b4df8bd8d0b3f0e0506309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32590
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FD12 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BGsHqp3O-yKEL2mql6FS1kltHS45SRIOihPc2iQpKEePggH_EemTCTAOL_wcdOJgTTzASxAdAZN-5RYNuaOAQoLthk_td3I8Jey63x7pt1ytG1qCo
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame FD12 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/window_focus_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:39:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1421
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:39:13 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FD12 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36904
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1648035241783118"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:54 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/ Frame FD12 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220324/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 02:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5130
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 02:37:24 GMT
l
www.google.com/ads/measurement/ Frame FD12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIh7NVPUnQ8yIoXIizWiqJAU1CHIUBe4l7J0OGlO6nSyZdS16CcXviHoiq0jzdPHIEvs3pYurhl0NQjpZh8QDxiLdh3g
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
counter.php
autocounter.idealmedia.io/autocreative/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=466737&pid=49813&referer=&cxurl=https://ivona.ua/&undefinedh2=f4mNXHc2P8vJX4X5YKO1Vw8Jp_1RKQSmrLX5h6o9TLc*&cbuster=164852657465143481446
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6f35b673bd6154ca-MAN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
truncated
/ Frame F016 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b851983f5b99268f891f1394f605a078c312767000fcce82ad43a2becac56b6e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 6688
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1&google_push=AYg5qPLhV9MPh342SPVCCQAK6h_qCHOJNTzRlFznGiURUcVFMfIkd_J4SeNKLrWojrSZ3k0drQVwJ9uFaXotXqc4kPm4hMXHzfLc
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQxMzY4NDMwNzY1NjkwNzU1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6688
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPKeYBll0CUxSKFzyAzjbPW835P_TsA6PiKDWSfyIJHVuGngQd78pk...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKeYBll0CUxSKFzyAzjbPW835P_TsA6PiKDWSfyIJHVuGngQd78pkZawB9M377QaNB49QLskPSubbnPxfLRttSzlUU680Es&google_hm=v6yOJjayfSGI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKeYBll0CUxSKFzyAzjbPW835P_TsA6PiKDWSfyIJHVuGngQd78pkZawB9M377QaNB49QLskPSubbnPxfLRttSzlUU680Es&google_hm=v6yOJjayfSGIBeLk0CjKoA
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKeYBll0CUxSKFzyAzjbPW835P_TsA6PiKDWSfyIJHVuGngQd78pkZawB9M377QaNB49QLskPSubbnPxfLRttSzlUU680Es&google_hm=v6yOJjayfSGIBeLk0CjKoA
pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6688
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEL8uMn8AixWqpeUaab1YK5o&google_cver=1&google_push=AYg5qPKA_7S8qfekIUJjnJHglnLb7dxm6iSSvfnszIbw2XTMb6SNQ1ugG0NSq6hK6ey6EzWOjBbAIFk0I4zWWL8a...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPKA_7S8qfekIUJjnJHglnLb7dxm6iSSvfnszIbw2XTMb6SNQ1ugG0NSq6hK6ey6EzWOjBbAIFk0I4zWWL8au7tvU2x_aTgP
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPKA_7S8qfekIUJjnJHglnLb7dxm6iSSvfnszIbw2XTMb6SNQ1ugG0NSq6hK6ey6EzWOjBbAIFk0I4zWWL8au7tvU2x_aTgP
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPKA_7S8qfekIUJjnJHglnLb7dxm6iSSvfnszIbw2XTMb6SNQ1ugG0NSq6hK6ey6EzWOjBbAIFk0I4zWWL8au7tvU2x_aTgP
x-host
tde-deliveryengine-production-6fbb5b866d-sw86k
alt-svc
clear
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 6688 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LDBqBvoQESUkfkij-RoVylg3QHhds0Vq2YV79Mt5CqyQ
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame F016 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:46:42 GMT
x-content-type-options
nosniff
age
537372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28328
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 21:57:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:46:42 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame F016 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjYUvaYr.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 22:48:11 GMT
x-content-type-options
nosniff
age
537283
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13872
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 22:01:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Mar 2023 22:48:11 GMT
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame E245 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
27009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 20:32:45 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSBK,pingTime:-10,time:642,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648526574715%7C%7Cfdb267c0933230f77fd080d0ca8a80d0%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Ce2fdd017ab357538c2d5e2ac5e4318fe%7C%7C3202b3a67de72c15b2b82cf2cad32c57%7C%7Cfb8cc84474647360f6a79808c8b63e33%7C%7Cd612a0638bf3d449a9a17b9dae2b42ae%7C%7Ccd230449bbd8ad114e115f92752fcd69%7C%7C1629390669%7D
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame CDDD
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1&google_push=AYg5qPLoRn2Xa0GjOSLHSsWHhdhYIK_1DrEAEMjWsW84vF6ciN875jg6VhcVD0McEsHqcPLiTPbu5tIHKeAk0ZCyi9_zja9LoKWF2g
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjQxMzY4NDMwNzY1NjkwNzU1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFqMtms5wfaEsGwOuL3Q_sc&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CDDD
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPLZ6gP5cJ5yWJIzDPg7LdUCAb7J_APkxk5ILk7C913GI29V2MhfiT...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLZ6gP5cJ5yWJIzDPg7LdUCAb7J_APkxk5ILk7C913GI29V2MhfiTFi-xliQr9ogBSGOTaTuWBXlL7JHXWUBdScfJH5zfry&google_hm=v6yOJjayfSGI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLZ6gP5cJ5yWJIzDPg7LdUCAb7J_APkxk5ILk7C913GI29V2MhfiTFi-xliQr9ogBSGOTaTuWBXlL7JHXWUBdScfJH5zfry&google_hm=v6yOJjayfSGIBeLk0CjKoA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLZ6gP5cJ5yWJIzDPg7LdUCAb7J_APkxk5ILk7C913GI29V2MhfiTFi-xliQr9ogBSGOTaTuWBXlL7JHXWUBdScfJH5zfry&google_hm=v6yOJjayfSGIBeLk0CjKoA
pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame CDDD
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEL8uMn8AixWqpeUaab1YK5o&google_cver=1&google_push=AYg5qPIbDHlEOfsuh5KuIzcjVEWuTpGEnT4VsTHmmJj3tgEU84WsdHqz8pHs59f3NkWZFWowNxtC6olO_irCn23Z...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPIbDHlEOfsuh5KuIzcjVEWuTpGEnT4VsTHmmJj3tgEU84WsdHqz8pHs59f3NkWZFWowNxtC6olO_irCn23ZM-GXOGlLl0ZUdg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPIbDHlEOfsuh5KuIzcjVEWuTpGEnT4VsTHmmJj3tgEU84WsdHqz8pHs59f3NkWZFWowNxtC6olO_irCn23ZM-GXOGlLl0ZUdg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 29 Mar 2022 04:02:54 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.15.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qXqiHOiZSMa_gIIaQa98Tw2&google_push=AYg5qPIbDHlEOfsuh5KuIzcjVEWuTpGEnT4VsTHmmJj3tgEU84WsdHqz8pHs59f3NkWZFWowNxtC6olO_irCn23ZM-GXOGlLl0ZUdg
x-host
tde-deliveryengine-production-6fbb5b866d-qttm4
alt-svc
clear
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame CDDD 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JjpIlQdq1wr4vnpi46deeJ7Y7DOJhfsTRj8go_QZF2IA
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
partner
sync.search.spotxchange.com/ Frame 5937
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOjSXvVZIlSkpXqhRmw78wk&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOjSXvVZIlSkpXqhRmw78wk&google_cver=1&__user_check__=1&sync_id=1c954de7-af15-11ec-b03b-11372f1a0406
43 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOjSXvVZIlSkpXqhRmw78wk&google_cver=1&__user_check__=1&sync_id=1c954de7-af15-11ec-b03b-11372f1a0406
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNUePJvSoH90TCOuWPjvsdw4Gp2OS1mHf7bNiHVeYn8rlpeWU2rfLu64awQ_x7s2tdk5piyy9kmBLFW3GawNgDQe61PMV5uiLfhuSIZ2493AFYuCLLcBAYD5dVkIxx9LwSsM5Sv5TRGr4Cv5zbrLQz-WfXXB6XWXh-ODHdBV2SinhJPVi_k
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:55 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
116
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 29 Mar 2022 04:02:55 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEOjSXvVZIlSkpXqhRmw78wk&google_cver=1&__user_check__=1&sync_id=1c954de7-af15-11ec-b03b-11372f1a0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
25
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5937
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWM5NTRkYTUtYWYxNS0xMWVjLWIwM2ItMTEzNzJmMWEwNDA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWM5NTRkYTUtYWYxNS0xMWVjLWIwM2ItMTEzNzJmMWEwNDA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNUePJvSoH90TCOuWPjvsdw4Gp2OS1mHf7bNiHVeYn8rlpeWU2rfLu64awQ_x7s2tdk5piyy9kmBLFW3GawNgDQe61PMV5uiLfhuSIZ2493AFYuCLLcBAYD5dVkIxx9LwSsM5Sv5TRGr4Cv5zbrLQz-WfXXB6XWXh-ODHdBV2SinhJPVi_k
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 29 Mar 2022 04:02:55 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWM5NTRkYTUtYWYxNS0xMWVjLWIwM2ItMTEzNzJmMWEwNDA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
17
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 5937 		0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJXmOhC6sWMY76qExAEwAQ&v=APEucNUePJvSoH90TCOuWPjvsdw4Gp2OS1mHf7bNiHVeYn8rlpeWU2rfLu64awQ_x7s2tdk5piyy9kmBLFW3GawNgDQe61PMV5uiLfhuSIZ2493AFYuCLLcBAYD5dVkIxx9LwSsM5Sv5TRGr4Cv5zbrLQz-WfXXB6XWXh-ODHdBV2SinhJPVi_k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:54 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
skeleton.js
fw.adsafeprotected.com/rjss/st/974135/61365881/ Frame FD12 		232 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/974135/61365881/skeleton.js?ias_dspID=3&ias_campId=27188786&ias_pubId=pub-8610050614645263&ias_chanId=1&ias_placementId=16506055354&bidurl=https://ivona.ua/&ias_dealId=549644393847793680&adsafe_par&ias_impId=v4~~ABAjH0grsgzL0V9Cbp2U8q6TOlQz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.155.69.185 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-155-69-185.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
25b0fe5e4814493293472cc355470e569019b4392697bf1704e9f18da39f16b7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:54 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
CV_UKFarfetch_Promo_CS_300x250_CT_BAN.jpg
s0.2mdn.net/6526861/ Frame FD12 		78 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/6526861/CV_UKFarfetch_Promo_CS_300x250_CT_BAN.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69f2ffc26aab7a76d52a5d390dc41fb7229f0e9c7ada33f45d50a192f031577e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:06:35 GMT
x-content-type-options
nosniff
age
46579
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79790
x-xss-protection
0
last-modified
Fri, 04 Mar 2022 11:05:48 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 29 Mar 2022 15:06:35 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/ Frame FD12 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:54:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
533
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:54:01 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/ Frame FD12 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220324/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 03:51:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
658
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Apr 2022 03:51:56 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FD12 		0
24 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9FaGjEBiSz5MWhNb7YrjCfbrfrqGxBe9gX2k4b3C7GnxC3auuNkYgj6-gLyfWN3KOEd2T-REEzpwLXekeNQo44SngW_DZhGQm_kb-B9CzyoG_T8f4vRkROYm73X0mIB5NdWC7HIL7m7Qr0ZJjfhjFdUUTjsrVK2X_-eiP9nYHRLHmhhmYDzGudOd0JD-mBjGhT3RizYisSUvP9nTST0cEKEr336TFgsYeqplnXADTdTF5XN3_qGiFFc3i6ibw6KhGakCIu90i9XNvZKI-cvJPyc5ZZn8WhWiDhCYIBkXMuTaJX6XVt8bAw97ooI5N1zJTDWuUUb2pKhSx-DXva9a5dtw6qOzOhDwnWl0_yTCwm7f4ohqTqx6uQaH0QckJf6tTTGEO_ZK2GmVLFu0XfVbBUM2pZKOkpBCW18J3QMHrQENa3vYORlUosNoSEh4r2x2kuD4ena7jPuHmOFS1gJy41cGHf7D3yeDIcqrHp4pA-37rYfGTmembbkBmnYl-2irlWXShTJi3N3he35raBDVVep3ogYDi8lV_H0KppSDo1LNWrOlfuX_oYzI4NzHvnbSbuDgKzYcUhRneYqc5Yt_jSZWzQbArjiE6ewMjDSz8zcy2o-L5IUVExbjiSbb4t9cmAGQ_qBJ8-3YmUMQdvThaaIhUuP-nOcqk78VRcs38fnLlCeBjeh-N133xXegL2Ut0mZnIz3vuEeqbYhE6qIpsw9j-huaTTpL2wfmxN0uOqPG87rW0oyyOPs_PwFxAZYKiHAngJY3FFCXpHKcMOr_yx34HnrUmwd11hSOe1QRCGt7InTwqYyThiI3tFoZcPTE3N5lazzoiw4gQt4JDGgu5BxxzCn3ifr06JQMlqtKtcbQguUiEqHA5H36K7BDeM_qPsvhnoLJOP5BgFZU58kCn5GQh9qAs2XT6uuzSB_KwtVG_W_L7zTTnrPtb_3iLf73fz5rIo6a1oLEheh0gBkS8kM6Hy75A37mNj6wsZ3Vaw3HZcJ-Fga6xMxKrRcphal5lCOpRELCQLv5g0nuhABeXX8xEWJ3O6nERZBJwn9iOt_w_KfXeSDWKvrnqqg0Nn0nOFQoNHdCarJS3-h7H9tRg-3mXr4RfINSq6qHN7VIhO0m7LYKyAwLdQllVSL6LDl1tdOfBi9Rvk1hmV1gOQYecuOAV4h3DrzDyyAeLE_UhmoN-q4do0BiREx_73laTo161kasn&sai=AMfl-YR0-ehz5bOx-44Gm6qhiHKc4GZ7gC2q-cYGvCmSz5AWzLTU-kDjSNb_u7ojWePrVXUDpz2KHSdjlj4b4KCWBIBX8aJzTTyJaabOq3sXQ8TvCM1DCZva3KdfW-5LrCLCJqt6HRGcE_cXimZi_nnSpjK1Ypeoxp1GQIyO7MtgkVKI0w60TOh2gKgC7YNg8IbPGRXBRqKBzzIcafP6YgufecMVIto6I7f1ckDljz5n8R2x&sig=Cg0ArKJSzGErvV_wtlGlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20220324.02154&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 29 Mar 2022 04:02:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FD12 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 09:30:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66748
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Mar 2023 09:30:26 GMT
CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
pagead2.googlesyndication.com/bg/ Frame 2E94 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 21:45:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
22615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13806
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 21:45:59 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame FD12 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9FaGjEBiSz5MWhNb7YrjCfbrfrqGxBe9gX2k4b3C7GnxC3auuNkYgj6-gLyfWN3KOEd2T-REEzpwLXekeNQo44SngW_DZhGQm_kb-B9CzyoG_T8f4vRkROYm73X0mIB5NdWC7HIL7m7Qr0ZJjfhjFdUUTjsrVK2X_-eiP9nYHRLHmhhmYDzGudOd0JD-mBjGhT3RizYisSUvP9nTST0cEKEr336TFgsYeqplnXADTdTF5XN3_qGiFFc3i6ibw6KhGakCIu90i9XNvZKI-cvJPyc5ZZn8WhWiDhCYIBkXMuTaJX6XVt8bAw97ooI5N1zJTDWuUUb2pKhSx-DXva9a5dtw6qOzOhDwnWl0_yTCwm7f4ohqTqx6uQaH0QckJf6tTTGEO_ZK2GmVLFu0XfVbBUM2pZKOkpBCW18J3QMHrQENa3vYORlUosNoSEh4r2x2kuD4ena7jPuHmOFS1gJy41cGHf7D3yeDIcqrHp4pA-37rYfGTmembbkBmnYl-2irlWXShTJi3N3he35raBDVVep3ogYDi8lV_H0KppSDo1LNWrOlfuX_oYzI4NzHvnbSbuDgKzYcUhRneYqc5Yt_jSZWzQbArjiE6ewMjDSz8zcy2o-L5IUVExbjiSbb4t9cmAGQ_qBJ8-3YmUMQdvThaaIhUuP-nOcqk78VRcs38fnLlCeBjeh-N133xXegL2Ut0mZnIz3vuEeqbYhE6qIpsw9j-huaTTpL2wfmxN0uOqPG87rW0oyyOPs_PwFxAZYKiHAngJY3FFCXpHKcMOr_yx34HnrUmwd11hSOe1QRCGt7InTwqYyThiI3tFoZcPTE3N5lazzoiw4gQt4JDGgu5BxxzCn3ifr06JQMlqtKtcbQguUiEqHA5H36K7BDeM_qPsvhnoLJOP5BgFZU58kCn5GQh9qAs2XT6uuzSB_KwtVG_W_L7zTTnrPtb_3iLf73fz5rIo6a1oLEheh0gBkS8kM6Hy75A37mNj6wsZ3Vaw3HZcJ-Fga6xMxKrRcphal5lCOpRELCQLv5g0nuhABeXX8xEWJ3O6nERZBJwn9iOt_w_KfXeSDWKvrnqqg0Nn0nOFQoNHdCarJS3-h7H9tRg-3mXr4RfINSq6qHN7VIhO0m7LYKyAwLdQllVSL6LDl1tdOfBi9Rvk1hmV1gOQYecuOAV4h3DrzDyyAeLE_UhmoN-q4do0BiREx_73laTo161kasn&sai=AMfl-YR0-ehz5bOx-44Gm6qhiHKc4GZ7gC2q-cYGvCmSz5AWzLTU-kDjSNb_u7ojWePrVXUDpz2KHSdjlj4b4KCWBIBX8aJzTTyJaabOq3sXQ8TvCM1DCZva3KdfW-5LrCLCJqt6HRGcE_cXimZi_nnSpjK1Ypeoxp1GQIyO7MtgkVKI0w60TOh2gKgC7YNg8IbPGRXBRqKBzzIcafP6YgufecMVIto6I7f1ckDljz5n8R2x&sig=Cg0ArKJSzGErvV_wtlGlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=71&vt=11&dtpt=71&dett=2&cstd=0&cisv=r20220324.02154&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C8loTF1sdsVUXDUSoI4sT1jPGJeUH6uTcyqT6fKHSkLt1jeYLygu8E8ItYvliRkkkjlgsKy1XeXKmf5S8xLsBFhj4T1OxNwJqTsl_jANAXnkVEbxZv3ibrIVTzXqG-wBTW_q5NgVhJur5zkVdxz2S82xjWKA&dbm_d=AKAmf-D6BYFT_ZAQ5iTQ2h38puNnf3AZxa2u0MpoJdrUKLI_2e5O1k2zKyyb_eSkD0dLZReZcJyBKIEGYSUsumxAPg8KFsCbVQKMmvBFLP092z8OZDMgnxTfInLsbt3vynr6Z2ylIBE68KCNFDkGYNvZhVfIl1hP79nc_DQcfPMG5H5-AfAi1q0BPI4Cb2yVQwz6HJNUUarP_CYQ4ipOExPZg_Gnu-MjTESe9jBuBdiejpePV5_SDwZWT8LOoLAr8zbI5XR-F4XQkGpqWk5p-WDrNzhxSEauKv6eF4vhMRFUvEqr2N3OD5UbhHGjBROIheCKcj1iGgj7fLOLhUtYYdu_2_nc-BT4VnYrO0yI7eG3XUd4VDmYIEq4wc-kW-mHKbi9LEoqQ99mqwpcQnPIlnJbMPMFq9Yuh6mV2JL_4L3NJY9Lv2FRWLyRliEaAkDPU2ttskBfsU3n2tdnKHFsxKTouHM46jFr8-B8-DO_puzxWGec3Em2jszfi32_adAk0ZB9_K6xGmMhlJxcsyeJRRy1mKETlX6y33LkmitGTfvae3OzF6kbBu5Yqt0OcYZWyJIh4HamDsapQKUCvpFfLrm6rSUiKmfggi-u3n47IFSm6t4QaXzsZYet3_Z8WOCZVsjXqAea1ScnbR2bpirQx6NUIVVm09H2qzaFzZTysSmuRlaJeLwSO-HJjy09NbjequLHmMMPcvWhRmcFYqu-Uc6qCHS8REH8c8GBSuDIkIsSSgu1GS9QfTeyhySlDJY6TszAfyuA3qMsc554y0W-UVtYuBq8PhYzrjxW7i9kvgNY9pSn8juIyMJ-leU8CMeGeK8-0ZxPWKI6LI9jOypQHrQPQQwRMeFUySYXtI4MEh6Qpu2UghGyc2GAJQlI5bTQfCAtyjXdwS_c5Sug08KZZ4JLb65zJMjF_Vq84IXN8JccG2GTCzgVhN-wgFRQ-G3T1A1nmchfuiPC_V_jqt5LRkY_3HsP-_0gmM0lo9RkmNqUxUGxuob5E7RFKMh22-79zotc_a3l7vdgrx70wZ4ZwHc2iqBOLXDiJDgIOg3UxRg2UCobRVsJIqv0f3C593BVaf1sBzmItYluk_v7nZ2ANZuV89BID5Ex_QaBtuOmelvSkOnoNR5ptCgPECFTzHHE-q6doc7tO3pj70gNeUC80-JQL3umWWGO25xYCMqbsVullwDND1bLEngr6rOBC9B1DK42TXYkUTp1t1D66bKJWCJek7GW07P6WBbnBSGUzSoZljQY-Z_GJNX5kf51Vu5sBzZt6VkpYtFrWBzImiRfChpjH81wMYbWCEmJRcUjkWNYPre-VUggDg89txbfNvkSQ93QONOpmlt7myxFcWy2QOpGkgn06vezU5yBCwwOEtcd-JVFg5pBH7EyBVmpuc5h7yIFk3DBYncDCEas0WA0iD9gZ7BwA8Tv1MDu3yhnXiIxU_BWeniVEvSdfQkYphbmljPACfzMhFu7lXH-sSclIGFc-giJDG5kzZxJbUQuuJYzWCaLv9W3YQmo9ymtTH3hFwHPracnmxwlD3gM0wcA1_TYEbvyh7-nWFdQkNA0Nx-SPI1zAi5qx8ZpoCSYjgJCPcri9hbZu1hegKCFRc3LI7HF_PnhdSQ_r4iKyuoGbuuFCfNdbhkvTbAp0JupiOWg6at0IgLpWTc33vTiWddwHI-AKd8831UXRSw3GkMs_jvtF6h5YUJuTdygydCOo3j_3WgwORbKgeD57AhTMYb-g8TtHfZ8taMzi3Md8dy1Iip5rU5P8m0BUycC-cs02c_i3sBWV4OR1hvpopSGkq5fedRdiLN-fZMDyt12jXTlZHrAbmJyKK7vF01iaShdRlf8r1ml4rJMX8I-vlSZf8Ya5gTbKgIiPJqSmfDFlz5Ikg0N0UdCl3vd3A_ZYwd9F5uSTTwK15VCEgSLRLCW5Rn5vod63iFBMuLopSLhvtQs5MhMTJE5FhILPii1_arSkc5yI1Nq9B2Kc3nr-bSiN8A4yIHoUQLDxj5Y_pT9HwunCslak75ZsK8SAGt4bmYEI1IdycGhB-ubTZNXCN_Dgp5wEoR__o-jDi_1y20qaVliZ8D-iw66h652_SKQgjTut4783TIEJgvYcMsc2lxRrPXz8ljMkrzsWCF4Q8V4ranMlClFzvHVMaa3-izxCETghzkSpAEWjd8jh_c-mMhLDn9soIrHyq4rtl-ZVV_nVcUeamyefUP98mUEelsIVXWXYUGFvlOuxw8ZXtvYZEGqO5oLRPlWPuurfL4jzgcRJQ4MV7NATBqnYGUQvvWQ0rN83Iv7ZeRutQeGsvwXiDngHNhP7kajd7zBSNop3Q69AN-i6_dWvGSm-rO_7NVEMhElaKxElLjrf0zujgTICPdBz5-XxYgCdUjCXT05xd-TZ-7PMMmhDS_3xg4oVOnMuE2UdaoXRTS4YzvMSiQkmgo2eFp_x9NqN0uFrahrz3NZvYispjIQGgH_bflQ6-PkmhsxFRTB4lhKq3vJMp7t_kIHv_2WjscQkx3tBfqwGzJ2ZMUYm3ILdIWoZkcuvOGfIEXR5N5RVOWMU2UfEqAsPWyrFveIrH2nvw7g3hUlCovf2CXvr1tjKiRGbZrsnNOdTE9yXZKqq7RPmshQCHD9xHLWPzRvViRmKPhl9CRYhdyLPm3clrjGknwfZsPr-t9URzSLt0uHKLIUTevGuynoqCORolCMocudu_SZh5EYqmnrtJgBc0fJUorQFuVEHoL1pmXVQPna32wzm_CfN2pFVW6NxmcZ3D5gEkxM0ghySYL7e-W5Kkx-8qLHm01OJL_310xi7hZHnZ83-UsGZAknM57f6juUVquavXFLJ9atTQ6DIyoQZofZspZcFd4OwuDW3o6vOBaf-mD-wU_UNMoptc0FPwBEqJ-ieOJsuxvtSaJOFLYWvKZMIgcKPZo0UTdXXqZOVIX9eW2uqCiMc2txc-vJ2YfXZ4NgXhzSdSzOmmxNcTjmC-b-23uG2r4ZMvN6_aTxK0zgWBWi7ID58HdrADVdBRzmVGMQNgaNLQJ-f0ewlxnP6GqtbJglvVxbUC-qAF85YkhJUhIGaOI4IrofBLtulvB2i7gG9aoy86ZB-5t6jjAE3H2cqdobZ1HzcF4&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4CE0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 28 Mar 2022 05:53:44 GMT
expires
Tue, 29 Mar 2022 05:53:44 GMT
cache-control
public, max-age=86400
age
79750
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6577 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 09:31:07 GMT
expires
Tue, 28 Mar 2023 09:31:07 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
66707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FD12 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4799b1cb5c9dc44f6d184bff5024455090b6b4bcd00a8f16ae2b43d84ea852fc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
4.js
static.adsafeprotected.com/ Frame FD12
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/974135/61365881/4.js?ias_dspID=3&ias_campId=27188786&ias_pubId=pub-8610050614645263&ias_chanId=1&ias_placementId=16506055354&bidurl=https://ivona.ua/&ias_dealI...
  • https://static.adsafeprotected.com/4.js
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id
Un_.8Vp_TKwliNJVsYlZHVB1x_sghLWA
content-encoding
gzip
etag
W/"96e16e7453ae2e6952bc6d2a20ea29f7"
age
265963
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 01 Mar 2022 19:10:48 GMT
server
AmazonS3
date
Sat, 26 Mar 2022 02:10:13 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
MXP63-P1
x-amz-cf-id
vvJoOmOKsIcKSHEsZVF4znANnCC1blT2JezM-wFMxmYdEtI3zAAuug==

Redirect headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
app07.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js
cache-control
no-cache
content-length
0
server
nginx
sca.17.5.12.js
static.adsafeprotected.com/ Frame 5D56 		80 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2246:cc00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 13:58:04 GMT
content-encoding
gzip
age
3593092
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
AmazonS3
etag
W/"9304f57298c3834ff107ea7ccb547996"
vary
Accept-Encoding
x-amz-version-id
9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via
1.1 06d6f648c97d8c16ca5220ea2f4edf86.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
MXP63-P1
content-type
application/javascript
x-amz-cf-id
016ncfdcbcx4gUI4psQkPT-fSAPwOZ8mFbGD5s3Z-n3HyLF_EGkf5A==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8566 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Brsf37YRCYs2YOt2C7_UPh9aiuA8AAAAAOAHgBAI&bg=!dXaldjLNAAbzJazn0yU7ACkAdvg8WoQkeSx5NMYXcD4BSOCHjZqjyC2L2_xzUkQYORTCJSM9zfqt2gIAAAG5UgAAAAFoAQeZAyFnYPMNMhGKAHEGwASfcd9YbWzuui79JvSztiDUw99Vv56oG32CQp7y31Kn_gsOzp7K6G07aem7umXjNrws9EFWyZXE9s-LZRkW1B85wU4smkSR-081LMGXw58w9pdByM-SWNGS37sbe46rCJaolUBgoGIJ4NOKXJcCpVKMsKS3aNVppYQvMmZyWpAeb6mcN0YvaHbsbeKX65dX--5Ed-QDESzw4Y1xUyenI7_4eF5lv5tc_WzHkda0szPZioIHNHFHS5eDD5_S6mnaNecgXSSCVeVU-stdoxNPs95LQuWQ-XcweFqzklNo1sUVW6imuX4AencMkcjH9wN3A7Z6aG_-pIqjFUgKarC-YvsmKC6UI1VYqS6l6kmQ0ZbDDIgZEkf036em2TqqdOKZv9SYyCONAzaoKEEtK6wG59rVJV_9PU-C0OCXoToVcrvPXIkk04lHDWFcOSY9F8dnfx44-YC0Y0pC4wJf43k2AW3m2UYx9J9pNxv9YWk-G3XB0tsszJ0qQS9mBPHUR98hQ5DTufVxpWg-j4zi4up1am6p9coaT9cgqMqnqa1OH3XQUPb4bd7R6hTdXXk14XvCVh5MMIcJ8fODM0Pv5n7CaBuz_mdeeC6nH5djxZcF1LaiUjm0pZ6UhCm2PJVj_9ucPZogJuBvnCrcxkDt3GZkMOtVxQcaT1pG9EWetfNEw1TPUUODysJtWFQPSs-rBC9Bn0lWSGFGzQhWoyfKDAR-BlVSItdeG5Uki0N2ZV1XscAsvmdeeGP56QhUuNDbjAWvI7Ufg3CDDoWxIzFzWsqcCxjqQ4rmej4_bgCP6cZXP7VXnMZMfGBznsIs7fh7j1OqQU4lgwDqL0OicSsTDJe5HbCpmJkQCUuj1rsfeIhJ1QHFEtgbE2JhYWRXJaI20wyq6bx2beq0VXtQgmYdRhseRlBq-QdXVqB-cxQz66dtgNATj-DWR6lLrMy8hUlJMqGjsJ8Oo3QdilYbDsrmTzIWvARpVlARfA1QMlKsj4j5BniPKVT1Hnu_lU1Qk0r7PXYtNw4zPi6ouD7PQn4UieT9ODN28-HtYTM
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGSGv,time:1497,type:e,im:%7Bpci:%7Btdr:1071%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:1497,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1492~0%5D,as:%5B1492~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:286,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n%7C1p.974135-61365881,idMap:1i1.e3572ffa-e68d-39b8-08dc-b3dfaf959768.41_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSGR,pingTime:-10,time:519,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648526575033%7C%7C27b6b02b5d777f144750f366ee09fbde%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cd26f76a8b255906efbe88f34dc956e3b%7C%7C9ab3166de8f5ce66b79a7e9b25267b21%7C%7C9fd4cb5df192799a392e53b0362326fd%7C%7C55380cc54fe92d2fd9eb89be2e805cf5%7C%7C178958602afcfb14ad940879565a2f28%7C%7C1629390669%7D
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSHc,pingTime:-3,time:97,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:27%7D,%7Bpiv:0,vs:o,r:l,t:96%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:97,n:96,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjvrL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSHd,pingTime:-6,time:98,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:98,n:96,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B3~0%5D,as:%5B3~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjvrL+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs%7D&tpiLookup=ao:ivona.ua*&br=c
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ev_view.aspx
inv-nets.admixer.net/ 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=98b8df611fd045c68d9c8d6855a92441&zone=E7702231-2E98-4FD2-8C48-2B474CAB0363&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=06edbf2c-04e9-4510-b045-b55af17b953e&hp=-370074540&page=ivona.ua%2F&segments=5%2C1%2C490&ts=637841233723929476&ap=NDU%3D&asign=-1611683636&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-6&pxl=0&pvid=3307e8b1-e117-41c5-8f2f-fb7fe0668df7&ip=217.138.196.106&item=F8B2536D-904F-43FA-A7FF-34F8638AC44B&crid=F8B2536D-904F-43FA-A7FF-34F8638AC44B&profile=A882975B-8C3C-40D9-B188-89F4EF2DFCE1&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 29 Mar 2022 04:02:55 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSHG,pingTime:-2,time:127,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:489,beZ:490,mfA:492,cmA:494,inA:494,inZ:500,prA:500,prZ:512,si:517,poA:518,poZ:534,cmZ:534,mfZ:534,loA:588,loZ:590,ltA:616,ltZ:616%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:27%7D,%7Bpiv:0,vs:o,r:l,t:96%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:127,n:96,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B31~0%5D,as:%5B31~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:98,readyFired:true%7D&br=c
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
pixel
cm.g.doubleclick.net/ Frame 4CE0
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEC_9F3E5bhidDqy8MDN3ywY&google_cver=1&google_push=AYg5qPKFiz8-SpIClqgK-AotpXq30Kq4k6gTmGzuYRrCbbVuK0pVZGGLk_...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKFiz8-SpIClqgK-AotpXq30Kq4k6gTmGzuYRrCbbVuK0pVZGGLk_MxtvhZlT_1mr9MAB9oim3TDZVMxoGNJuu_AcC6TS4&google_hm=v6yOJjayfSGIB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKFiz8-SpIClqgK-AotpXq30Kq4k6gTmGzuYRrCbbVuK0pVZGGLk_MxtvhZlT_1mr9MAB9oim3TDZVMxoGNJuu_AcC6TS4&google_hm=v6yOJjayfSGIBeLk0CjKoA
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPKFiz8-SpIClqgK-AotpXq30Kq4k6gTmGzuYRrCbbVuK0pVZGGLk_MxtvhZlT_1mr9MAB9oim3TDZVMxoGNJuu_AcC6TS4&google_hm=v6yOJjayfSGIBeLk0CjKoA
pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4CE0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L441k6dOYQjb_x1IEx5VCUwzceoMQl
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:55 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSHZ,pingTime:-10,time:146,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85OS4wLjQ4NDQuNTEgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1648526575033%7C%7C27b6b02b5d777f144750f366ee09fbde%7C%7C6b9a00393fb1607b0ada13520f814ab5%7C%7Cd26f76a8b255906efbe88f34dc956e3b%7C%7C9ab3166de8f5ce66b79a7e9b25267b21%7C%7C9fd4cb5df192799a392e53b0362326fd%7C%7C55380cc54fe92d2fd9eb89be2e805cf5%7C%7C178958602afcfb14ad940879565a2f28%7C%7C1629390669,sca:%7Bspg:bf8a5836-cc21-8006-4566-fa89611e085b%7D%7D
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame 6577 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
27010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 20:32:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E245 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVbGA7oRCYor_DIqNrASw4YnIDAAAAAA4AeAEAg&bg=!UFOlUxfNAAbzJazn0yU7ACkAdvg8WrnpDG7bx4GbdMzxoB_zaTO6T55g36uXx7mbQEQ5SuIpr5KTIQIAAAE7UgAAAANoAQeZAzIrcPkTkQ0foy-PSMEjyR-zFvrQu-inB6BlbKGxjnaipFjGpMjpzMvNFp_Hh-wWX8Eh8NIxL7EF1bCJl0r0HVtTOLzwpo-WvSAzVly-eY5m5BfE6jqAzFPqZRcc3S11rDNoXWArwRZ5DaVVUt7b-TqDTjHSU9W6_5tsue_190-j8CZ5OSWM8rTxdOOCAB9AluQ7om-lOhej4qBnLG4OTz72W5jTobj9Zwfl1zaz5awfb-MmeMht46aTK_rV_9Gq23AjQKU19GDsr34opNMovZaBYgqqG-_lkHLUqNV64HAhL6OgmMeyVLVOOCDXWmxwax_kUgkuXLqKoo8To_z6HKwViwb6C9SqUMldBGhQ1VjCF-7q53Xo7U-kKlN5WF3z5Oux9B3ebFW-JVYhj98Ckz8o6qj3B_vBh4HTXHlp9W5PvgYzAwZSmPtOIOAYg1-lcNYCUK7A44x4cIQwsV_-gLn9fayaeMp_U32Ic2ARfXpIXRjIDhHx7KF5pv68C_sRNeAVWDo5wFQLydXEATBklPUaPkvsIa3wgi6weKBfkFvqzJRdrY9cLpTeHAWZX3B-Pv_oUwtLryBjgCopyT18SZSZx-uTiSIDKGmZnl5GXKnLqEe7RIVzYS6tt8zISEbtLGyxRHxc8teovAJdx7ml_10cYRbc9UvThTzLYMCjNW4T36XlsNpdE_EoJq9y6zG7cgc-4tc1_eQ1KALmlNGSzFZCBMWytWHBIr4OjyzHtoxUEM5tErYmtN9mb6USE2GMyNKAKjXaDVs0_lEltRP6n8hES4Lqaf3NlmB-UKC0owLDFjS3cBIcFufX_VaXZy2j9yZFlyA_OMkkgMK--cGi-HTBY7s1PXCLX7kifRQqkbGZt_2HRck-bIi-54WGRuMZRKwj0C4vLdMK-mz9lXiOOCA5o68uiz74xUChi6x-wIlqQk7mn8yxmw8uzCbbtUWEkGr_WuEXH4aqozz9arlrDEIdlXnb1VJHjSQA5XBrTh8MJhagjXNfLEuBT646R10Y4knvFqEmiUOPrPokzShFkJPODzr-PRI2jFFS_LbnYlZEfQ7_5JjWWgbxFJ2vbNl-2d-HNg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6577 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0HTT7oRCYq63KbmDjuwPzbessAwAAAAAOAHgBAI&bg=!ammlaS3NAAbzJazn0yU7ACkAdvg8WgLgkabjiXiVaxzE9yR04m0hKpqVsnOQlGLYhqX8lhjj_9l0MwIAAABXUgAAAAJoAQeZAxwbsnihnarKNOvW4DKvS1q98IzZupwb_eF0l-WRer5WqNJ1IGIRHz477d_F1rFPftTf0I8MzmwvT3LXs9SQALmbc_06YAVQjEglmuqlQmOvq6VklB8zeu-iD9GCb0JjwWdQm-IPoUMAKFmm8fn9M_tYP7gQwJi3rDixl_pmCHxwbhba0AiGrSnMLgCNBz4SOMZZI1EIogiiCaRuOfthaan8GaUgB4fTReA4NqeQxBSPqouMB9r0G9K9zb9x46fdlFY3zg6x2GSqm9-eDYrHbl5mV4sXPNvglUuFnsFx2prus9ehJBsMgHjktqupFuPjLp5N7pBSXFCN4s6naO3Jw0qmWtMpqenBwrp2lgTpeps5XmF-6lxdbOE5_oP5HA7xp-ywDz2wouWE0IiLaiKD5TOQHjxLh1DqbCThRpVoJ9-tfj9EZI5Xf5KPZA7t2yCDVGxVYLQClaDn_zYpDz2E5sicpXx7y9DXEMh7Lj54lQ6Ht59HcI12ar4epNgMGgJT2puxf1q_xtO3hfeiVo7CCLmIeZ2TgItT5emtq7X_IFL6e_mf-beHWKq2J73S-HBUiihBtVlnO6InHnHNU-FHNzdRzh490EdUcdnyy-tpGKtTG-GTYmAWT4Y-SjhTJQGhdZpWifs4w9PDj94l_4acGYQNzHlpNqGy5bYyHc4NsiUbTvDTlEtWAEs9Q7JINonn844FTy-c_XyokJZNAKeWhoAfEoHXvwDBTuAK2tjepEGbAYEo9PDBVnhnfBLXJTk1CItpR_fOtuXKYCudndxooOah_RlrsSGIMRjyRkPH7xCB8_3GArZfq1PeK7za375-jjYAobJIpLpI6qGlHK0N9nupw6XPzwG6bDcQTMdcH5X4lKGydfEMybgcWwCr9KpIFI1wL0xRnecdD4AtA6i-GQWsgBpeiO5NjTNA0PeBUlwJEnasMfHyVK0-Z4rCPLr7b55hxufOxA5lESAvVnv512-ntfn_xaRButLq-efGt2UzwfSqnG_Dh6Pk5y45TV2XjOsjni0tkFADEZ2FDGbKYY2OCAiQGgQS5bQ4TigY
Requested by
Host: fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
URL: https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/login/ Frame F00D
Redirect Chain
  • https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df314725eace276%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff1dc7bb952519c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=0db15fe7ccd9fce134eaf35a9bfd7c13
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
5/mRvC57Gm0iW72KkD9nWAWDp+pgx1SZNeLZI8+0RXGv87xIDS2ftDl4gr5LbyDY79rKqYOUSJlslmPfUODLJQ==
date
Tue, 29 Mar 2022 04:02:55 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=0

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df314725eace276%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff1dc7bb952519c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
yJOHBBqGTlNoAe6MMEaHB9UtqtNEUjvSm8Ma/rIaVQduXTX3Xg+VFob8fXFl/6UyvM3m6xGUGDA3MvKUysswwA==
content-length
0
date
Tue, 29 Mar 2022 04:02:55 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220324&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6945983d5e68de3c9ce6544a33846d85fccd7ba45195e506e9784330377aae8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 29 Mar 2022 04:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10578
x-xss-protection
0
truncated
/ 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
activeview
pagead2.googlesyndication.com/pcs/ Frame B414 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRdpBIyajhYlSIsf03EFKsMFEvwDNPeP8T2ebkmV96pNiaocYblyf05Y_BR9rIGjeY-tnkgsjWQZA5mWd7L2mb-ExCU9AHIQ&sig=Cg0ArKJSzIUUKllU0lB5EAE&id=lidar2&mcvt=1018&p=0,0,90,728&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=3430571816&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648526572930&rpt=1341&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B414 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEUNlxx0rVZSp7C0F98c1yRSon7D-k9RCOCpbO_Zu1wxH30XUhCYiXi9LDHg2lYNNSVEOS0cy5EBUdfPLIKWgwY5Lz74ZllpuySNVvfA8fDRy3Xf5etQ&sai=AMfl-YQaMurXxnSoOawon2Q47ANhai06vtpt-3J0gi5s7M4RxEX10-i2z9GN14p4nJDz33uhJkSZYhRvxWdo39SpY06EufxW8cmdY1oU-s59U9OC5S6VTJZSgaajoaA&sig=Cg0ArKJSzMY2Pmk_3Me8EAE&cid=CAASJORo8xXPkfT3u6gzrEmGuNoo3JSUYulfrYNjMFKNtVDkndnyhA&id=lidar2&mcvt=1019&p=0,0,94,728&mtos=0,1019,1019,1019,1019&tos=0,1019,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=739537396&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648526572930&rpt=1338&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31065859
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 29 Mar 2022 04:02:55 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSMx,pingTime:1,time:1311,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D,%7Bpiv:100,vs:i,r:,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1001,o:310,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D,%7Bsl:i,t:310,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:348,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1q%7C1r%7C1t.974135-61365881,idMap:1i1.b594bdda-c9c7-30cb-171d-ebe628589393.48_995085-61697697%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt08.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSMy,pingTime:1,time:1312,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D,%7Bpiv:100,vs:i,r:,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:310,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D,%7Bsl:i,t:310,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:348,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1q%7C1r%7C1t.974135-61365881,idMap:1i1.b594bdda-c9c7-30cb-171d-ebe628589393.48_995085-61697697%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt07.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGSMy,pingTime:1,time:1312,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D,%7Bpiv:100,vs:i,r:,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:310,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D,%7Bsl:i,t:310,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:348,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1q%7C1r%7C1t.974135-61365881,idMap:1i1.b594bdda-c9c7-30cb-171d-ebe628589393.48_995085-61697697%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7BA7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 28 Mar 2022 21:47:23 GMT
expires
Tue, 28 Mar 2023 21:47:23 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
22532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame AB01 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bddaef7995c0a4e0354c95353ff162e49369530106b69d2ae955992013afd029
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-violuj3JYsY7hTHgH+lr1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 29 Mar 2022 04:02:55 GMT
date
Tue, 29 Mar 2022 04:02:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-violuj3JYsY7hTHgH+lr1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame AB01 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220324&jk=3184350614233474&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
pagead2.googlesyndication.com/bg/ Frame 7BA7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/njEQSFvQmVZPXGz1GqDnvx6UYUmy29w-ZdzcuuIp78M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 20:32:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
27010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13638
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 28 Mar 2023 20:32:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F7C5 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR-0PrLOrgDEfa75QQ_qlD79DG7jgT7c8uKEtpwGLgkXrchnL5Z-Y302wOJ39fY9kynaO-6_fDnTA3aq1pVtW-wo4qOo09hbGJL7_X&sai=AMfl-YRaaMrZvg3-NouX2QIIeybHlcbqRQd8HCy5EnZtg-ARmMKMeSR83RIFI7XjthH-ruiDbwmNZpyIWs0-DHaBYGaZXsco9rTJd24QQegjcI2_x5fs0oiwl4c7G2w&sig=Cg0ArKJSzEL7OEKacfQ0EAE&cid=CAASJORo2TtRC6aNDMh3Tlmso4pl5qIvUpEfnonE64UW8uH6q6NYaQ&id=lidar2&mcvt=1009&p=950,0,1200,300&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2377197373&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648526574010&rpt=485&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSQD,pingTime:1,time:1125,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:18%7D,%7Bpiv:0,vs:o,r:l,t:84%7D,%7Bpiv:100,vs:i,r:,t:109%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1016,o:109,n:84,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~300.250%5D%7D%7D,%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:i,t:109,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1016~100%5D,as:%5B1016~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:194,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t.974135-61365881,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSQD,pingTime:1,time:1125,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:18%7D,%7Bpiv:0,vs:o,r:l,t:84%7D,%7Bpiv:100,vs:i,r:,t:109%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1016,o:109,n:84,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~300.250%5D%7D%7D,%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:i,t:109,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1016~100%5D,as:%5B1016~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:194,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t.974135-61365881,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame F7C5 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=bf8a5836-cc21-8006-4566-fa89611e085b&tv=%7Bc:8dGSQE,pingTime:1,time:1126,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:18%7D,%7Bpiv:0,vs:o,r:l,t:84%7D,%7Bpiv:100,vs:i,r:,t:109%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1017,o:109,n:84,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:18,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B79~1,0~0%5D,as:%5B79~300.250%5D%7D%7D,%7Bsl:o,t:84,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B25~0%5D,as:%5B25~300.250%5D%7D%7D,%7Bsl:i,t:109,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1017~100%5D,as:%5B1017~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:194,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i151%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p*.974135-61365881%7C1p1%7C1p2%7C1p3%7C1q1%7C1r%7C1s%7C1t.974135-61365881,idMap:1p*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:55 GMT
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
generate_204
tpc.googlesyndication.com/ Frame 7BA7 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?7LM4EQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 04:02:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame FD12 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFOr0nQWGxNB4tIdT0gbVPASRvgWOcyb9azHw4UgrEIWSIOSsyYXiz0XLvanWofwW_HKLbikn-CA7Ozj52QIhLpf-fLjhZgYS-UKRn&sai=AMfl-YRrJkhmvRulDw8Oyr8KSJVX9K79f8YoIJ8m8mUfhUdG40tv_uKAoa5ErZHviWpIQzWBWMVNsbkrDeU8N70l83HWOlDmaDw8uRbYhr143j7OMhiIELj_vV0wSjc&sig=Cg0ArKJSzA4DQG4_upZbEAE&cid=CAASJORoiq1lUO5X3OpYXBKIauChZJBMPJGMfU_ZtSbhS7kGr3OVIA&id=lidar2&mcvt=1000&p=889,980,1139,1280&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2121196142&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648526574468&rpt=432&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSXR,pingTime:1,time:1130,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:27%7D,%7Bpiv:0,vs:o,r:l,t:96%7D,%7Bpiv:100,vs:i,r:,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:129,n:96,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D,%7Bsl:i,t:129,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:181,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-server-name
dt06.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSXR,pingTime:1,time:1130,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:27%7D,%7Bpiv:0,vs:o,r:l,t:96%7D,%7Bpiv:100,vs:i,r:,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:129,n:96,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D,%7Bsl:i,t:129,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:181,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-server-name
dt05.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame FD12 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=974135&asId=66fcae39-460a-8b26-a67b-cefd63296064&tv=%7Bc:8dGSXS,pingTime:1,time:1131,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:27%7D,%7Bpiv:0,vs:o,r:l,t:96%7D,%7Bpiv:100,vs:i,r:,t:129%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:129,n:96,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B88~1,0~0%5D,as:%5B88~300.250%5D%7D%7D,%7Bsl:o,t:96,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B33~0%5D,as:%5B33~300.250%5D%7D%7D,%7Bsl:i,t:129,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:181,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1.995085-61697697%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i16%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1p21%7C1p3%7C1p4%7C1q1%7C1q2%7C1r%7C1s1%7C1s2%7C1t*.974135-61365881%7C1t1%7C1t2%7C1t3,idMap:1t*,rmeas:1,rend:1,renddet:IMG.qs,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220324&jk=3184350614233474&bg=!NDelN3PNAAbzJazn0yU7ACkAdvg8WnT4S4-JoT-SLIilzObPNf09apnmX4A4WkGdNPIZB15lw3mHXgIAAABzUgAAAANoAQcKAFBeMSkQA7MdEJYsSvr1_Bf3EbU5q1Opbq3nylSYRzsW5ydalg4UHHsi7oD25aWfaNVRE85ZNITG2HuWQxpSegKsDax1BVu14znAwchGW8aqXpkC32z-Wt701KxB2ncx29XaAM6nGiBuCcESOXJEVBQ0-2k9OUXjS3tWGL-oDz_Rv140J1J2IJ-JgEx81ER6FhYxC16DkuDsa9w7wJgC2GuApTp-vFT9NdHWCRle1GWZ7-zJQ0TbCmLW_Y2NxupNH1YxgE6ghTC9yMJaVUImnC98DiKDbdYhnhfTJJOOXyTtjCydClddexwCb-P8sTHSoVDAhzMHLid35vF6ap6PX7CCmLf5X5OCrFWiAu4jeAbFUEW5YtMxCstEi-O0sq3942G-4TK2cHNVmI-VaxfGf2IikKmPeCuGWYAiJL3P2W7lvKCScQHHgLjgzFXcb0mRos9K90uXq96y77B9AGB1lvUHMz40ayS3doYimFZV8Re0bjK5Ta4Vuz3Z44v0yEMhveG87ZVQzJ0Ug5X6oTPe4kBJ-xduhz_qV4DrTQ5coBbzx5xL8UkO6ufP2dFixRfDr3GdWnxV-34TRdc35zuwjwY_cZ4sDkL94l2rDNn1_VinoQ52bggSyzRbkEQiMZfvFqHam5xp9OloaL1ho5vs-MaCS25g3wDjhLOZYyxmrhOGdPr-E9sMa1P8Vtyn9oLhxCWmXgvXooAvUYP6fWHYi-fmqSsKEpHTURIMsBS69Rnc7Z74CuXYsJPvlCVNWxryryxfQ4iNQp1D2dN5OqcSInqwFbF9gDShE8yasIb-9_dwN_DWtz5x85z05zhj9b2GzCVJk6wcwom2WAoXfUH17SpQN8Opl7myNKIJIxr8IJhdKbWf5MrGq_Gwnj6cwdR5N3K-6bfu3eiEbWlLdFkwK2fcVZFPx_Mg0tiV0jzq7iY0oO3qa5pE3QYbrWkWqDiUPvcoJ4ybvBVUn85FUqO79z5BvSHJde-Wwnc7l3avbQ-6gADoRddW-t72VgSORKPnrLrU4VqgJWaUwZVBh1VVYa8ySBeAaC5zPo2vWeVL-XRnfeoTqJ9tilLr99BsZcERgnQ3bQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGT0t,pingTime:1,time:2735,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1734%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1001,o:1734,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1729~0,1~100%5D,as:%5B1730~728.90%5D%7D%7D,%7Bsl:i,t:1734,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n%7C1p.974135-61365881%7C1t.974135-61365881,idMap:1i1.e3572ffa-e68d-39b8-08dc-b3dfaf959768.41_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=995085&asId=b594bdda-c9c7-30cb-171d-ebe628589393&tv=%7Bc:8dGT0u,pingTime:1,time:2736,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:20%7D,%7Bpiv:100,vs:i,r:,t:1734%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:1002,o:1734,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:20,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1729~0,1~100%5D,as:%5B1730~728.90%5D%7D%7D,%7Bsl:i,t:1734,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:200,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.995085-61697697%7C1i11%7C1i12%7C1i2%7C1i3%7C1j%7C1k%7C1l%7C1m%7C1n%7C1p.974135-61365881%7C1t.974135-61365881,idMap:1i1.e3572ffa-e68d-39b8-08dc-b3dfaf959768.41_10933%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:56 GMT
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:58 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/ 		36 B
130 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=037AA113CC9843B28CC0F80698867D8A&time=1648526577987&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=546649480&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=5&param3=1200&param4=3888&param5=7&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 29 Mar 2022 04:02:58 GMT
server
nginx/1.18.0
content-length
36
content-type
application/json
bca7f6fc668870f441699d6abb73a65a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/62/66/64/9/6266649/image_main/ 		204 KB
205 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/62/66/64/9/6266649/image_main/bca7f6fc668870f441699d6abb73a65a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-64.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
825464b78676d5467ef0c55dce7aefa615ade53767137152561a3b016b3fc87e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 28 Mar 2022 15:16:38 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 28 Mar 2022 15:16:38 GMT
server
AmazonS3
age
45982
etag
"4c54791deae778842d8e077ce8354267"
x-cache
Hit from cloudfront
x-amz-version-id
aNNI40ZZaUecDj6gF1gfe2vmt51hLCkB
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
208905
x-amz-cf-id
yHaepKmCoOb_kF79vzslnDzRw02JmQ7pbmw3Sfl5MTPdUcZlMluMUg==
dt
dt.adsafeprotected.com/ Frame B414 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=10933&asId=e3572ffa-e68d-39b8-08dc-b3dfaf959768&tv=%7Bc:8dGTP3,pingTime:5,time:5311,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:217%7D,%7Bpiv:0,vs:o,r:l,t:263%7D,%7Bpiv:100,vs:i,r:,t:310%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5001,o:310,n:263,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:217,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B57~1,0~0%5D,as:%5B57~728.90%5D%7D%7D,%7Bsl:o,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B47~0%5D,as:%5B47~728.90%5D%7D%7D,%7Bsl:i,t:310,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:188,fm:t1rjv4u+11%7C12%7C13%7C14%7C15%7C16%7C17%7C18%7C19%7C1a%7C1b%7C1c%7C1d%7C1e%7C1f%7C1g%7C1h%7C1i1*.10933%7C1i11%7C1i12%7C1i13%7C1i14%7C1i15%7C1i2%7C1j%7C1k%7C1l%7C1m%7C1n%7C1o%7C1p.974135-61365881%7C1p1%7C1q%7C1r%7C1t.974135-61365881,idMap:1i1.b594bdda-c9c7-30cb-171d-ebe628589393.48_995085-61697697%7C1i1*,rmeas:1,rend:1,renddet:IMG.qs%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.26.244.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-26-244-156.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 29 Mar 2022 04:02:59 GMT
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 function| structuredClone object| oncontextlost object| oncontextrestored number| H_DEV object| holderPlaces function| holder function| gtag object| dataLayer function| $ function| jQuery string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad function| Popper object| hb_dmx_res object| bootstrap object| jQuery11240764864589070696 function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b function| lazyload function| LazyLoad function| phnx_frontend_get_var function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to object| name288now object| FB boolean| admixerLisBrndMsgSet object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| google_tag_data string| GoogleAnalyticsObject function| ga string| google_user_agent_client_hint object| s object| p string| bn_url object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| html2canvas function| _open number| tns_already object| tnscm_adn string| tnscm_pak object| cm_events object| regeneratorRuntime object| mwayss object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds7161 object| initRtb1648526572779379090 object| result string| key string| apuid boolean| initVisitTime object| logVisitTime number| sessionPageview object| sessionData object| googletag function| setImmediate function| clearImmediate function| Achernar function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm object| _mgIntExchangeNews object| IdealmediaInfC1211636 function| IdealmediaCContextBlock1211636 function| IdealmediaCMainBlock1211636 function| IdealmediaCInternalExchangeBlock1211636 function| IdealmediaCRejectBlock1211636 function| IdealmediaCInternalExchangeLoggerBlock1211636 function| IdealmediaCObserverBlock1211636 function| IdealmediaCSendDimensionsBlock1211636 function| IdealmediaCRtbBlock1211636 function| IdealmediaCIframeSizeChangerBlock1211636 function| IdealmediaCContentPreviewBlock1211636 function| IdealmediaCResponsiveBlock1211636 boolean| mg_loaded_466737_1211636 function| pbjsChunk object| pbjs object| _pbjsGlobals function| Swiper object| banner7161_1648526572779379090 object| banner1648526572779379090 function| CrossDomainStorage object| onClickExcludes function| mgReject1211636 function| mgLoadAds1211636_0a3c9 function| IdealmediaCReject1211636 function| IdealmediaLoadGoods1211636_0a3c9 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint466737 string| _mgPvid boolean| _mgPageView466737 boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests object| GoogleGcLKhOms object| google_image_requests

116 Cookies

Domain/Path Name / Value
ivona.ua/ Name: b
Value: b
ivona.ua/ Name:
Value: store.test
.cdn.umh.ua/ Name: AU
Value: 6034be5065608541
.admixer.net/ Name: am-uid
Value: 98b8df611fd045c68d9c8d6855a92441
ivona.ua/ Name: am-uid
Value: 98b8df611fd045c68d9c8d6855a92441
.ivona.ua/ Name: __gfp_64b
Value: 4A8rou0YZibwa3V1ArSLsyUdxPlruNx3MCji8eS7RL..p7|1648526572
.ivona.ua/ Name: _ga
Value: GA1.2.865945863.1648526572
.ivona.ua/ Name: _gid
Value: GA1.2.350001041.1648526572
.ivona.ua/ Name: _gat_gtag_UA_206274582_1
Value: 1
ivona.ua/ Name: cbtYmTName
Value: 0qnwu7bw6PCxseOz4bG35bHh6+vr5+Dg8K/r
ivona.ua/ Name: lapuid
Value: e0f56bea-2b5d-43f6-8da9-ba8578653ecd
ivona.ua/ Name: session_id
Value: 6cd0e4a5-d984-4d13-b7f8-9a0f01800667
ivona.ua/ Name: session_pageview
Value: 1648526573.1
ivona.ua/ Name: site_visited
Value: 1648612973.1
.hit.gemius.pl/ Name: Gdyn
Value: KlGYJRaGQMQGKxUQx5SPBasissGMXP8c25nSGutBVCLBFRxSL8_nnGGfGSfmHBExSQGgr2xaG0F6Sssa
a4p.adpartner.pro/ Name: ivona.ua_ref
Value:
ad.mox.tv/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
ad.mox.tv/ Name: _mwayss_zone_imp[4730][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[4730][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_imp[15455][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15455][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_camp_imp[4847][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_imp[15595][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15595][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_camp_imp[3877][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_imp[15442][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15442][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_camp_imp[4418][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_imp[15792][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15792][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_camp_imp[4942][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_imp[15362][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15362][frequencyPeriodEnd]
Value: 1648612972
ad.mox.tv/ Name: _mwayss_camp_imp[1954][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1954][frequencyPeriodEnd]
Value: 1648612972
a4p.adpartner.pro/ Name: apuid
Value: e0f56bea-2b5d-43f6-8da9-ba8578653ecd
a4p.adpartner.pro/ Name: apudmg
Value: 1
loadercdn.net/ Name: vui
Value: 4e9571e2b04c4cfc9ed94169bb1bb5e1
.quantserve.com/ Name: mc
Value: 624284ec-f3adb-49718-d448c
.bidswitch.net/ Name: tuuid
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
.bidswitch.net/ Name: c
Value: 1648526573
.bidswitch.net/ Name: tuuid_lu
Value: 1648526573
ad.mox.tv/ Name: _mwayss_zone_imp[1025][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1025][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_imp[15459][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15459][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_camp_imp[4847][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15597][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15597][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_camp_imp[3877][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[11767][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[11767][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_camp_imp[2282][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[2282][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_imp[15444][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15444][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_camp_imp[4418][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15789][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15789][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_camp_imp[4942][count]
Value: 1
ad.mox.tv/ Name: _mwayss_imp[15780][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15780][frequencyPeriodEnd]
Value: 1648612973
ad.mox.tv/ Name: _mwayss_camp_imp[4912][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4912][frequencyPeriodEnd]
Value: 1648612973
.eskimi.com/ Name: __eConsent
Value: 1
.uuidksinc.net/ Name: jcsuuid
Value: Zm14PEJs9chAVPCO48wP
.doubleclick.net/ Name: IDE
Value: AHWqTUlPHOod4H4DTxR4S_t9iVzD1sCdqRTddGU87B_-9q2sjXhq9CD0lYDW64RG_aI
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWJChO1beAfDzARDAuFQZgAvGdACyJjADfz/LHYLnDSh
.adhigh.net/ Name: gi_u
Value: gc0pCHCA15M.AikABlF_09c-_A
.acint.net/ Name: cSyncDp14v3
Value: 1648526573
.betweendigital.com/ Name: dc
Value: mow1
.betweendigital.com/ Name: ss
Value: 1
.adnxs.com/ Name: uuid2
Value: 8446380494489449916
a4p.adpartner.pro/ Name: buyeruid_64
Value: cba59736-afbc-4882-6ae8-3b9bfcc0c97a
a4p.adpartner.pro/ Name: buyeruid_63
Value: 52d114a3-bc6f-460e-6a30-d323a1ff280f
.betweendigital.com/ Name: tuuid
Value: a71929b6-60de-5158-a8b7-46cecaf5c223
.betweendigital.com/ Name: ut
Value: YkKE7QAHblhIxhLKxV9YcjQToUkRAGKzIyrE6w==
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWJChO2kyAA2NdZ0AnZVHLp18ZmjeOfJ7Wl/1Y3c3Xym
.casalemedia.com/ Name: CMPS
Value: 712
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E><swyJd!]tbPl1M>e)ZlrFUfJ+tGXxpOHiLK*8zS?aIOng<XS43kZ9TQk`dY^G^#@JF%nugO%v4VB%nm4.)oPdA
a4p.adpartner.pro/ Name: buyeruid_57
Value: c496122b-ef93-5158-ab1e-7dfcc95cf911
a4p.adpartner.pro/ Name: buyeruid_47
Value: a71929b6-60de-5158-a8b7-46cecaf5c223
.casalemedia.com/ Name: CMID
Value: YkKE7Z46PoB8N0qwNdGtnAAA
.casalemedia.com/ Name: CMPRO
Value: 241
.casalemedia.com/ Name: CMST
Value: YkKE7WJChO0A
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007FED844262C307785B024304CC
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007FED844262C307785B024304CC
.casalemedia.com/ Name: CMRUM3
Value: 2d624284ed2760CAESEPLFA65zAXwWnX37xhRfv0s
.idealmedia.io/ Name: muidn
Value: m2sRJGgnC32l
.mathtag.com/ Name: uuid
Value: 77576242-84ee-4b00-9ff6-e5ec22d80b65
.ivona.ua/ Name: __gads
Value: ID=6c7be81ad532e759:T=1648526572:S=ALNI_MY_p7rdst6uRI8J1wnSizbXPrwbiA
ivona.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1211636%22%3A%7B%22page%22%3A1%2C%22time%22%3A1648526574051%7D%7D
ad.mox.tv/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
.agkn.com/ Name: ab
Value: 0001%3A6eis4IQsc9hA4PWtzVa4s%2BGrcm5T4faT
.agkn.com/ Name: u
Value: C|0EAAp1UFuKdVBbgAAAAAAAQAHAAAAAAGja7D__x4AAAAAABDqNAAAAAATxVhxAAAAAAoIWR0AAAAAHzbK5QA
ad.mediawayss.com/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
ad.mediawayss.com/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
.quantserve.com/ Name: d
Value: EF4BCQHjJYEA
.rlcdn.com/ Name: rlas3
Value: PV+/qJny6t1XyaqZWwUv9zQVgoDvLubWjHegH9wvCyo=
ad.outstream.today/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
ad.outstream.today/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
.rlcdn.com/ Name: pxrc
Value: CO6JipIGEgUI6AcQABIGCOndKhAA
ad.adopx.net/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
ad.adopx.net/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22A97AA21C-E899-48C6-BF80-821A41AF7C4F%22%7D
.turn.com/ Name: uid
Value: 2413684307656907557
ad.invamia.com/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
ad.invamia.com/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
ad.vidverto.io/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
ad.vidverto.io/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
.spotxchange.com/ Name: audience
Value: 1c954da5-af15-11ec-b03b-11372f1a0406
ad.vidver.to/ Name: bdswtch_sync
Value: 3a0db163-c932-48bd-84d4-48775b180e5c
ad.vidver.to/ Name: moxuuid
Value: 3106066f-55c1-4e5f-bfc3-24134808b296
.facebook.com/ Name: sb
Value: 74RCYk6jhgeXLc8GgoDhw21x
.facebook.com/ Name: fr
Value: 0Hs1mdTjhPnISr3s2..BiQoTs.kx.AAA.0.0.BiQoTv.AWUcq0UdgeI

18 Console Messages

Source Level URL
Text
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r28783193&dholder2068016217&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r28783193&dholder1217097366&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://googleads.g.doubleclick.net') does not match the recipient window's origin ('https://ivona.ua').
security error URL: https://pa.tns-ua.com/viewability/cm.html(Line 25)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com') does not match the recipient window's origin ('https://ivona.ua').

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
acint.net
ad.adopx.net
ad.doubleclick.net
ad.invamia.com
ad.mediawayss.com
ad.mox.tv
ad.outstream.today
ad.turn.com
ad.vidver.to
ad.vidverto.io
ads.betweendigital.com
ads.travelaudience.com
ads.yahoo.com
adservice.google.co.uk
adservice.google.com
autocounter.idealmedia.io
bgstats.mox.tv
c.idealmedia.io
cdn.admixer.net
cdn.idealmedia.io
cdn.jsdelivr.net
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
connect.facebook.net
d.agkn.com
dm.hybrid.ai
dsp-trk.eskimi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
exchange.buzzoola.com
exchange.informer.ua
fb37dd78c54424212891d74ad3025faa.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
h.holder.com.ua
i.holder.com.ua
i.ivona.ua
ib.adnxs.com
id.rlcdn.com
inv-nets.admixer.net
ivona.ua
jsc.idealmedia.io
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
match.new-programmatic.com
mts0.google.com
odr.mookie1.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.adsafeprotected.com
pixel.quantserve.com
pixel.rubiconproject.com
prebid-eu.creativecdn.com
prg.smartadserver.com
px.adhigh.net
r.turn.com
recreativ.ru
rtb.openx.net
s-img.idealmedia.io
s.uuidksinc.net
s.zmctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
ssp-rtb.sape.ru
stackpath.bootstrapcdn.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.mathtag.com
sync.search.spotxchange.com
sync.teads.tv
t.trafmag.com
tpc.googlesyndication.com
unpkg.com
us-u.openx.net
ww251.smartadserver.com
www.acint.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
103.229.206.241
104.16.199.73
104.89.28.165
136.243.84.74
141.95.66.118
142.250.181.226
142.250.184.194
142.250.186.130
142.250.186.134
142.250.186.66
143.204.215.64
143.204.98.18
144.76.118.233
146.0.227.110
146.59.30.104
157.90.179.218
167.71.9.19
185.180.223.67
185.184.8.65
185.187.81.40
185.33.221.15
185.86.137.114
185.86.138.121
185.94.180.125
190.2.151.10
190.2.153.150
193.200.65.5
193.232.150.68
193.29.200.142
193.29.200.162
194.247.175.19
194.247.175.26
194.247.175.38
195.201.243.71
2.18.234.21
2001:678:cb4:bbbb::11
212.8.250.83
217.65.2.150
23.111.200.118
2600:9000:2246:cc00:8:48e:53c0:93a1
2606:4700::6810:125e
2606:4700::6810:5614
2606:4700::6810:7eaf
2606:4700::6812:acf
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:80:807::2
2a00:1450:4001:800::2003
2a00:1450:4001:800::200a
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c06::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
3.124.249.183
31.220.27.134
34.120.139.69
34.98.67.61
35.186.253.211
35.190.0.66
35.244.159.8
35.244.174.68
37.18.16.23
52.26.244.156
52.29.167.104
54.155.69.185
54.37.238.28
54.38.197.123
54.73.39.178
69.173.144.139
78.159.118.240
91.198.36.26
91.198.36.35
007d95e83b813a6354f3308188fc514c79070647c53f1e61a08b23debcce50b8
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
01cbb105faef1373e9d53ddc5e62c9c7b5f66cbc64c2c045a3daec0328b831e6
05629dc66c729c5123326a21d8833779720da0714aac4d6c03a20e5830fadc7e
06e45edfd9b21f54f5f8b18c9036355fa9a7844a7867caebd0363fe4b8cf3077
0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7
0862b2b7a0f842e3721727ad3c1c1587dea2456187d44800d374c1936749afb5
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0a112e85ed2edc04d844b8cc32954409644f5d99f557cca61b4b8b171764d81d
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd7c3682f9b8f21c91a78027d27190c46253893c3486de582ceac4612f94fa2
0c1564d6e5e5ed7e23f57a70f81fe67535a765574f375192f022ea8c4cbdec71
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0e1335803c3991eec989177e5267914f4945ab34b49ed762106be5b47d79ae5f
10170c539294ae2894b51415541b5f8ec5d973447f88fa42a0507ee2c5ec162b
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10a42ee3fda60eabd130443f980087bf6713c6c6783795c9eed0bdbeb5f17a43
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1292a4b14a8a253fa80fc34fd6f1f73df6e81020fe98b5af62f11c3e9999c833
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
1558ea296d11c7a4fd4d49002715e26626ba334d5588be62c3a37beed9fa606c
158a521224d4472b08585062dca8bffd492975c13baef608bed3534a75c2b6b8
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
1713a1dc09693d01f4724c48cfaab88da8b9a434a417bfc33be94f6e566fa731
17c937d3517a31144e4f19b86034091a13c2821d2dfb94e38fc98e3e4b609644
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1aa6cd2f6a79dc1eb078f7556470e21ca2e75b73725093bf027aa9fb42c2e9fe
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e2fdfc8f14c1d5239ab5d1d388955f987ae940753213a89265c083af8aee570
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8
25b0fe5e4814493293472cc355470e569019b4392697bf1704e9f18da39f16b7
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29f319db920127c3cf6882a7c8bae4705d2022717834f5850b19bba16e5304b2
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c
2cf4688d523276511fac7912d3b9ab38ab205c61da7d4c75072bcc5f92683a44
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
30b2aa4d03886eb2eda080aeb4e7863f242d5945ad7d1b0e82c6ce364a2d2f45
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070
33e16199d9717148e8043208cda7ac30a9140610e98aaab2d6ac8bfd8a6e5e74
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
38f0551a9127dc092f8f3033f3a600deb8c19c55bf4cc981201fdedd4a61f4d6
38fcab1d4b133bc615f84556edfd9610f12005922a41a3d1f68fd8bcff359e7a
3a3548844d6ef8052c0ba5224cce751e398e05d6bd972aa13da90628aa9bb9cc
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
41b7f4ef86f2344e72da822fe79265700ff1bf3361450a02ab4397ff1a5eb040
42f0036ed1523d990f4fdcedf7a7c19e47ca4ee579adf74a1a4e8a20a9fa9c4c
44340c836637045fb006301a4d8c73d02e6c3df9c65454f4d434c7921fd14c92
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
4799b1cb5c9dc44f6d184bff5024455090b6b4bcd00a8f16ae2b43d84ea852fc
47ce51c3069cb0507187cde559f47c88e1593ec71d745cc4c4a3dcd204b28023
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49bf127b8aa313b260af91ab55a98cab24fcdef75b3a1790d2463b05e28bc452
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a6be2093e3e0effead5f267e134429c4645c7a98141e4b47dc025e9a2d069a7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8b1f7b6bd6c8a628ea7352e4b7865dfcce9d5068ddfc6e57a403d055483bf4
4bdcb4278670deec323fd239bda3e1be5e8e29a5d8fcf55b8c8f5828d54c9041
4d59a8b7cb8e999393a65c1c51a6af58b6798fb50d27bc5b4fe97c782697658e
4dc4ab2d89fc387fd172e2415cccc96ad1bf124696a54c81c43677be51e44780
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4f98188ccc14e9a5390a01c8d676ab9699e41e1a8f593a2d974f9413225be4d1
503a1dd70b8b9c286875f5f7de72bce93c664b79f3fcfeefa1150d2384df33a0
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb
54307fa49935b3477a3714cf18f290722cd1436330847d07fa2eb99ac061250f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
57390a59a4e6bc139c12e476c0811a97ba27438d8281070035d778f336ddb30c
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5980440538506168aeab524e11d7566397592005bfb4c57bdd670f1d3441c061
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5f5b90fdfc7080e5555801ee7b2e34f670f9ba62a00081f37e6e309ff33c0977
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
65f22d8aa0690bd9cf8ffe5d68e5f6866b05ed8fc6f6c9083b996c1b3c4c75f4
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6945983d5e68de3c9ce6544a33846d85fccd7ba45195e506e9784330377aae8b
69f2ffc26aab7a76d52a5d390dc41fb7229f0e9c7ada33f45d50a192f031577e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdc397f15aaf13d1d53fa82dc2b2b44fb65561176562d0f46e7cfd2e277b6b6
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
70bfc1c96f8c5227c62c6e519741e52083222743d6d55ae2887ff3cc20d16d10
72f3e79de2c309bf00c759747335460c1e0c7100fc1ff8446a475b4584a7efcb
7337a38ce3a732e5243bd354ad12d96b4d5512e283a8dd70d129b730d7a5d3d3
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
73bbba217d6d927ae0828869cb80b9cb4d1b482ba845dae54c55e37b6e7caa7d
759834b7316b31b838b427955065153b2eda46f8022fe1e0892323f599d6947e
75b250119bfa62ae30cffa47f67c637e7429de07a5b7758fcca0c4942c7bb2d9
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
76e49115526453de96a772c70c6c021b844fde78b5aa5a467b40c33c0dd8f783
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7aaac6438548344f8d37e6c1612c33e7cf2385f49906089a00b5eab707be6e9b
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd
7d0439ce0023de30b240f896e1057c5c8b4bacb347b428be259ef0881bff048d
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7f77d5733f3174af38e674d28c0529846df53983d2e49bbef949b8f26c5bc2cc
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9
8233613c0e307e4d2e9c46e7b33888ec40c835a2eec32b8b39233338aa478fb2
825464b78676d5467ef0c55dce7aefa615ade53767137152561a3b016b3fc87e
83dc9d5f6403b50388c76777b5ccba100981b4257b0c9d6924815ad1efe91171
86a676d25a23c478b5064a3f6d9275179f67de2bbebe1bfa842719f73658650a
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
88d047024f1b28ecf53b8256093ae46cc8d966a019ff477dd624a20443429d0f
88ead3fa2ff6d9e978c921ed0f52ab854e56a5267aa0452056f945a45d2a6c45
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8e5fe001221e86b18e5a98fc712b7f89176932b342e7daca7ce4612e5c84ff51
8fc1968b29dece9ab454a19447e2ba9565358032217a6b3b9fe2f8b25e0c209e
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
935d1594cbece7e708bb5160426c7b718609bd05f3c7eef1a96ac725e41cbbdb
944dda9c01ac7ea7c9fce5328675ff966c6b8d45c77885503e4cdfd3bba3cb1c
97067fdf89f4fc70caa40e1039c811b53a8ae5fdee20a509d5b38a8bc132e2c2
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
977d7a1f66defb437e71c15dab19d4fdd7cc0d4ad9da121d26e4436b7c8a97eb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9e3110485bd099564f5c6cf51aa0e7bf1e946149b2dbdc3e65dcdcbae229efc3
9e770586901ced365e1f42f570a51ce172b5bead7d3c2d650d56171270236fb6
9ea2b1bc53a99795110fda3c9c7777868faa878c496901d039df158cdebc70a7
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5961f80bc208ec79cddf49a4f44a82e10ed501c2f521344d5c9b5c7ec85ecf6
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b399c2ff396c7d23f6bdc690036432a15802497213cf91eef69fb7af31c8c896
b431f1335351d5a4c3c5d86c2a2d9e33bfe2394d887e7f7d66b7273b800f61b2
b4401a7763fab4e88135158911f68155723d4064a51740d9b4a89446fe98a077
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96
b851983f5b99268f891f1394f605a078c312767000fcce82ad43a2becac56b6e
b9bf5688337b06cd543a8a58b89ed9b1ec6f7c96a5fd201e441733f20cf57acf
bbe867aea6b6027b76950eecaa41a0bb32c01b2dce3ecce2495ab88d13665877
bddaef7995c0a4e0354c95353ff162e49369530106b69d2ae955992013afd029
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42
c1088fc8df45d28a28dd65a0b4ad3022be4eda0cb84458c81e47ebc77824ec11
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44
c235bdd0da66fcda9675dcddac554bcd92ea32c66c459896714ac298146a9fe5
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16
c3d225028d2ce32ffa49d917311a6b6d1df60e099f5cd095d44dd4985576d390
c793af0237e8d9a063ca6e4a0483e2dfcc0aeb30e7b4df8bd8d0b3f0e0506309
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd00440f6da93229b6f0fba9599508cf1e3abe53ab8aa61f5f0f929f32ef79d2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf85b18454160224995c4f521a926909f8cbfdfc2a3182580b1d3223562f8f2f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3d194f07bacec16b798ed587e9efdbc8f37507f6a5f1c236c2a3de4c2ec892c
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d6889aa46851f9cd1eff8a5e83237b23d51ce586fd1f41c4f45258801721463e
d721aacf97121ed8355b0991047479a563cce60dc96b29a61a52b3cfff931d98
d9c622624aefa41bebd149c7eb7af2d54d490b5b2e88c6b316e4ef38a8d9cc51
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0258e66eddc5ec291e7b9089c7c1897ae1b38c693f5627aaa3911f83d83d26e
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e26c83c0f3b5248b7d703fa1d78eefa161766cf1c5514d0bd59030746b711abf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e573b3438610358a1fa5b58b55cb9936be23e27b6e55793d7fbb01e4105c1671
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6a0e1abeb86c143068b8084dfac81424d053f366cc996bcb841e415100751d1
e90c6c2f3570b956300fc428598718475bd34e65dfde3a934da9249ef109c3e0
ea01beb73825d049675e46d49cd6031859f94de42e559ce9b42e109e8bd37863
eae815dc1973e970d8e5d40774e27ca32b2ad24dd5ad0a5dffd863d0c40e4655
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d8df5d1e57c625a957971d571a7dbccff3ac747d4797e6c1830b630141cdc7
f464a37673a9d21587d7935623937d9ee4827ad588cb50b6c359c171dfab9c10
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fdee4b804d836555ae9361f5319feb7ad8aaf8e4d4cae9a48a92bbffd675da56