wona.com.ua Open in urlscan Pro
31.131.28.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://wona.com.ua/
Effective URL:
https://wona.com.ua/
Submission: On December 12 via api (December 12th 2022, 7:29:51 am UTC) from GB — Scanned from GB

Summary HTTP 88 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 18 IPs in 5 countries across 13 domains to perform 88 HTTP transactions. The main IP is 31.131.28.81, located in Atlanta, United States and belongs to VPS-UA-AS, UA. The main domain is wona.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 2nd 2022. Valid for: a year.

This is the only time wona.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	31.131.28.81 31.131.28.81	56851 (VPS-UA-AS) (VPS-UA-AS)
4	2a03:90c0:41:... 2a03:90c0:41:2801::62	199524 (GCORE) (GCORE)
15	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
13	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	137.74.6.209 137.74.6.209	16276 (OVH) (OVH)
11	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
88	18

21 31.131.28.81 (Atlanta, United States) 1 redirects

ASN56851 (VPS-UA-AS, UA)
PTR: 81.28.131.31.uavip10.twinservers.net

wona.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro

file.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	439 KB
21	wona.com.ua 1 redirects wona.com.ua	540 KB
16	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 9870 file.adpartner.pro — Cisco Umbrella Rank: 384628	47 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	2 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	36 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	82 KB
4	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 49798	84 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 7344	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 11213	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	47 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	696 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
88	13

	Domain	Requested by
21	wona.com.ua	1 redirects wona.com.ua
15	pagead2.googlesyndication.com	wona.com.ua pagead2.googlesyndication.com file.adpartner.pro googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	a4p.adpartner.pro	wona.com.ua a4p.adpartner.pro
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com
4	cdn.admixer.net	wona.com.ua cdn.admixer.net
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	file.adpartner.pro	wona.com.ua a4p.adpartner.pro
3	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	www.google-analytics.com	wona.com.ua a4p.adpartner.pro
2	counter.yadro.ru	1 redirects wona.com.ua
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	wona.com.ua
88	17

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
wona.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-03-02` - `2023-03-12`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2022-06-08` - `2023-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
adpartner.pro R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://wona.com.ua/
Frame ID: D13996315575D3623D65E6DD1E07879C
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 2841DD1B52F06CC5277D772414228E7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&h=120&slotname=4274494260&adk=1936529174&adf=730284512&pi=t.ma~as.4274494260&w=980&lmt=1670830185&format=980x120&url=https%3A%2F%2Fwona.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830185308&bpp=4&bdt=553&idt=213&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=2537657187444&frm=20&pv=2&ga_vid=1770991966.1670830186&ga_sid=1670830186&ga_hid=1094424329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C31071220%2C44779793&oid=2&pvsid=1259025836945517&tmod=1831263842&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fPwhXcgP6s&p=https%3A//wona.com.ua&dtd=233
Frame ID: FA31821379C5E665FC22CBD1BD785858
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&adk=1812271804&adf=3025194257&lmt=1670830185&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwona.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830185359&bpp=2&bdt=605&idt=195&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=2537657187444&frm=20&pv=1&ga_vid=1770991966.1670830186&ga_sid=1670830186&ga_hid=1094424329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C31071220%2C44779793&oid=2&pvsid=1259025836945517&tmod=1831263842&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=205
Frame ID: A9B2848203E3468FAE33BC5012A23D35
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: 93054CBA4E7A0E5A80BBEA8953D626B2
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F&referer=
Frame ID: ED3F2BF9AE4D5D3D9829AB32899F5EDE
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Frame ID: 116A51EA004D7CCC8E5F8A1D42615AFD
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=50627580123927430&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Frame ID: B54C40C2E7757EA3FF4AA1E0E420F012
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Frame ID: E816E355E43320E0E2CE448AEF3BD34A
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5023%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwona.com.ua%252F%2522%257D
Frame ID: E34A58DDFA2E34FEF37C9FE9C6ABFE5F
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_50627580123927430&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D60de1848f821a0406606690622280182
Frame ID: 4BD2E4EA3C9E576164DAD3059D50EE32
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Frame ID: 75A9D9C1F372246AE26A212F4079AA7E
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Frame ID: EA3BA232A545EEE7492948A7A0CA9FE2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_1&adk=2212855638&adf=2310543995&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1668719315&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_50627580123927430%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D60de1848f821a0406606690622280182&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830186326&bpp=12&bdt=168&idt=272&shv=r20221206&mjsv=m202212010101&ptt=5&saldr=sa&correlator=7749646703214&frm=22&ife=1&pv=2&ga_vid=398067507.1670830187&ga_sid=1670830187&ga_hid=1694142742&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=676310700&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071167%2C44779793%2C44778740%2C31071260%2C44778767&oid=2&pvsid=3821376918664240&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.i5xtk6ut74bh&fsb=1&xpc=1CXc1Rf6oX&p=https%3A//file.adpartner.pro&dtd=291
Frame ID: 94A00525748B0C2F1D8A0362665EFA27
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1668719315&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_50627580123927430%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D60de1848f821a0406606690622280182&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830186342&bpp=2&bdt=184&idt=287&shv=r20221206&mjsv=m202212010101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=7749646703214&frm=22&ife=1&pv=1&ga_vid=398067507.1670830187&ga_sid=1670830187&ga_hid=1694142742&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=676310700&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071167%2C44779793%2C44778740%2C31071260%2C44778767&oid=2&pvsid=3821376918664240&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.vkqchy55vagb&fsb=1&xpc=4fTNyilWos&p=https%3A//file.adpartner.pro&dtd=293
Frame ID: C775CE17AD51A493D24F9A6E473D7408
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js
Frame ID: C9941945885DDC6C2F43A488A7F3D17A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 33E6C3ECB761C8F44510571E76E5326E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EFC47393F60DA03F0EB57D62E8B659B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B831C479CBB31066F05B2BE5EB56E694
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F28B73E63466EF5DCA1AB3BB6F6684B0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

► Жіночий журнал ВОНА ❤ WONA.com.ua - новини та публікації

Page URL History Show full URLs

http://wona.com.ua/ HTTP 301
https://wona.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

99 %
HTTPS

76 %
IPv6

13
Domains

17
Subdomains

18
IPs

5
Countries

1300 kB
Transfer

4170 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://wona.com.ua/ HTTP 301
https://wona.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://counter.yadro.ru/hit?t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.9095086900601679 HTTP 302
https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.9095086900601679

88 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
wona.com.ua/
Redirect Chain

http://wona.com.ua/
https://wona.com.ua/

112 KB
19 KB

208ms
69ms

Document
text/html

31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed / PHP/7.3.33
Resource Hash: 6679bdd7caedc990e14db8455c9605b510e118a92ee5f6d5060c5b61ef9757b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 18815
content-type: text/html; charset=UTF-8
date: Mon, 12 Dec 2022 07:29:44 GMT
etag: "2489612-1670750902;br"
link: <https://wona.com.ua/wp-json/>; rel="https://api.w.org/" <https://wona.com.ua/wp-json/wp/v2/pages/5798>; rel="alternate"; type="application/json" <https://wona.com.ua/>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-dns-prefetch-control: on
x-litespeed-cache: hit
x-powered-by: PHP/7.3.33

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Mon, 12 Dec 2022 07:29:44 GMT
location: https://wona.com.ua/
server: LiteSpeed
vary: User-Agent

GET
H2 200 webfontloader.min.js Show response
wona.com.ua/wp-content/plugins/litespeed-cache/assets/js/ 12 KB
5 KB 69ms
68ms Script
application/javascript 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:44 GMT
content-encoding: br
last-modified: Sun, 27 Nov 2022 18:04:57 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
content-length: 4649
expires: Sun, 12 Mar 2023 07:29:44 GMT

GET
H2 200 bfef4edc09a856e0f6f53550791beefe.css
wona.com.ua/wp-content/litespeed/css/ 1 MB
184 KB 69ms
69ms Stylesheet
text/css 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=6cd30
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: a5655fe77c6fcf660b7b84b20f2dc78f8d68dccf3def39c02df75cf601c6f87d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:44 GMT
content-encoding: br
last-modified: Wed, 07 Dec 2022 20:44:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 07:29:44 GMT

GET
H2 200 jquery.min.js Show response
wona.com.ua/wp-includes/js/jquery/ 87 KB
30 KB 139ms
139ms Script
application/javascript 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/wp-includes/js/jquery/jquery.min.js
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:44 GMT
content-encoding: br
last-modified: Sun, 05 Sep 2021 09:06:59 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
content-length: 30273
expires: Sun, 12 Mar 2023 07:29:44 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 358ms
123ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:42 GMT
server: nginx
etag: W/"6375fd62-2c101"
x-cached-since: 2022-12-12T07:24:44+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Sat, 19 Nov 2022 14:15:07 GMT

GET
H2 200 wonalogo.png
wona.com.ua/wp-content/uploads/2019/05/ 4 KB
4 KB 81ms
81ms Image
image/webp 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2019/05/wonalogo.png
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: f8dddc457a0f71f45f3ac6fffa8c69b81559a76bbf2b8162cdf68448d97f49f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 27 Mar 2021 10:41:17 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3990
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 217ms
111ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wona.com.ua
URL: https://wona.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25532787439cba1ca63c2cf96e2baa2ff8e6cb78f808f9db73412867c920e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49455
x-xss-protection: 0
server: cafe
etag: 11274862519834936822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 07:29:45 GMT

GET
H2 200 e9b0c9d4c26015030e017fdcaa0d3d5c.js Show response
wona.com.ua/wp-content/litespeed/js/ 282 KB
79 KB 80ms
80ms Script
application/javascript 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/wp-content/litespeed/js/e9b0c9d4c26015030e017fdcaa0d3d5c.js?ver=6cd30
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 766b7afcec56cda913bd7b027b5888b296add4088f367a54d89073190f4a2d80

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: br
last-modified: Wed, 07 Dec 2022 20:44:05 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
content-length: 80868
expires: Sun, 12 Mar 2023 07:29:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 158ms
58ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap

Requested by

Host: wona.com.ua
URL: https://wona.com.ua/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c6a7dda53ed1e87ab2356cfb8db2b524abd31d444761239bd1f53a1c190a5696

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 07:29:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 07:29:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 07:29:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 143ms
44ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wona.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 11:59:40 GMT
x-content-type-options: nosniff
age: 329405
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 11:59:40 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 30 KB
30 KB 154ms
56ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wona.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 16:06:09 GMT
x-content-type-options: nosniff
age: 487416
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:06:09 GMT

GET
H2 200 fontawesome-webfont.woff2
wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/ 75 KB
75 KB 72ms
72ms Font
font/woff2 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=6cd30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=6cd30
Origin: https://wona.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 04 Sep 2021 21:52:36 GMT
server: LiteSpeed
vary: User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 77160
expires: Tue, 12 Dec 2023 13:29:45 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 21 KB
21 KB 114ms
110ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wona.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:43:57 GMT
x-content-type-options: nosniff
age: 567948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21276
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 19:01:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 17:43:57 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 2841 10 KB
5 KB 145ms
45ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 63260
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:55:25 GMT
etag: 10353107486223812946
expires: Sun, 25 Dec 2022 13:55:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 109ms
108ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f6a0f88344ac3c1fc4c788facdbfc5736cd335881bc59d98402036979f9a3b2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120024
x-xss-protection: 0
server: cafe
etag: 7581508822585412184
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 07:29:45 GMT

GET
H2 200 media Show response
a4p.adpartner.pro/ 11 KB
3 KB 201ms
63ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 3f71c02492d45649f5009cd77647eb94cfb5c4d0c22f8db3b5f529cdb232d30a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20...
https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%...

104 B
590 B

76ms
76ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.9095086900601679

Requested by

Host: wona.com.ua
URL: https://wona.com.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

c8e43d6643c8025468209470469d68f77f11ad7720c324d43e38051603f31b9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 07:29:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 104
Expires: Sat, 11 Dec 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 07:29:45 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.9095086900601679
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Sat, 11 Dec 2021 21:00:00 GMT

GET
H2 200 branding Show response
a4p.adpartner.pro/ 11 KB
3 KB 199ms
62ms Script
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=5289&0.6762479790809395
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 8a2f59c8972ea5a16f4e41eca949158a6d3f8b04ccee5e26affd855afa5c229e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 bs-icons.woff
wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/ 14 KB
14 KB 68ms
68ms Font
application/x-font-woff 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=6cd30
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Referer: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=6cd30
Origin: https://wona.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 04 Sep 2021 21:52:36 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/x-font-woff
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 13852
expires: Tue, 12 Dec 2023 07:29:45 GMT

POST
H2 200 collect
www.google-analytics.com/ 35 B
437 B 152ms
52ms Ping
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: wona.com.ua
URL: https://wona.com.ua/wp-content/litespeed/js/e9b0c9d4c26015030e017fdcaa0d3d5c.js?ver=6cd30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wona.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 07:29:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://wona.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dasha-kvitkova-368x441.jpg
wona.com.ua/wp-content/uploads/2022/12/ 25 KB
25 KB 377ms
76ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/dasha-kvitkova-368x441.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 642366b7d3d67887e9faea56d6ce33d8af5f1b422a2b72620e96cc70dcd8a4c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Mon, 05 Dec 2022 14:22:15 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25219
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 khrystyna-hornyak-368x422.jpg
wona.com.ua/wp-content/uploads/2022/12/ 26 KB
26 KB 379ms
78ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/khrystyna-hornyak-368x422.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 68fe4c3c10ccdce64082ad5c51a66b55e56c3a453548c69bc66bd87912756743

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Fri, 09 Dec 2022 16:56:33 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 26435
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 dmytro-komarov-368x445.jpeg
wona.com.ua/wp-content/uploads/2022/11/ 27 KB
27 KB 386ms
85ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/11/dmytro-komarov-368x445.jpeg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 6d343508dabc41ebe654fbbed2f979b709145004bf97160f43dda053bba16add

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sun, 13 Nov 2022 13:33:34 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 27919
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 lilia-rebrik-368x422.jpg
wona.com.ua/wp-content/uploads/2022/11/ 20 KB
20 KB 386ms
85ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/11/lilia-rebrik-368x422.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 8fd3e3f4d85724152a844acceec79633b21bf9a8fc4f86fbcc0d374d69deae7f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 19 Nov 2022 18:32:38 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20010
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 kateryna-repyakhova.jpeg
wona.com.ua/wp-content/uploads/2022/12/ 15 KB
15 KB 388ms
86ms Image
image/webp 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/kateryna-repyakhova.jpeg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 3f40ade6acdc450e6d9e6dd578ddf4e6011d9fff50850485cc64bd6097a8fe2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 10 Dec 2022 13:23:39 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 15790
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 svetlana-tarabarova-2-86x64.jpg
wona.com.ua/wp-content/uploads/2022/12/ 2 KB
2 KB 389ms
88ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/svetlana-tarabarova-2-86x64.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 9990b1aa13dc514c59f666ea0a014b28136d8d5227b425c8df31d651880a4d5e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 10 Dec 2022 11:11:55 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2309
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 taras-tsymbalyuk-1-86x64.jpg
wona.com.ua/wp-content/uploads/2022/12/ 2 KB
2 KB 390ms
88ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/taras-tsymbalyuk-1-86x64.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 9f364c52404f1ee6fca21d52b001b0052052b8aa1b4bc25fd540a2979df15df6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 10 Dec 2022 13:53:34 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2208
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 nadia-dorofeeva-1-86x64.jpg
wona.com.ua/wp-content/uploads/2022/12/ 2 KB
2 KB 390ms
86ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/nadia-dorofeeva-1-86x64.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 421f4d878bc16373dfb59b601cedc45e106f7e4dcfce73052394baca05351b1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 10 Dec 2022 12:46:23 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2077
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 olya-polyakova-86x64.jpeg
wona.com.ua/wp-content/uploads/2022/12/ 3 KB
3 KB 391ms
87ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/olya-polyakova-86x64.jpeg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: 6a83a2d5550dfbf3cdc24c92ab0877f520c537371470603297c965b69e6c52b7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 10 Dec 2022 11:31:30 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3113
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 nikita-dobrynin-86x64.jpg
wona.com.ua/wp-content/uploads/2022/12/ 2 KB
2 KB 392ms
88ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/nikita-dobrynin-86x64.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: b6347bd5da211b9b91beff8ded08be638527b53ffbceb83e8706e83acb9a0c59

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Fri, 09 Dec 2022 09:36:27 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2233
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 bd8cfc69-86x64.jpg
wona.com.ua/wp-content/uploads/2022/12/ 3 KB
3 KB 436ms
132ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/bd8cfc69-86x64.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: f63bbc46ed9fa56e0a412f4f3cd851ac56b194618dedc43f052906ca6c432e88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Wed, 07 Dec 2022 12:09:17 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 3382
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 kateryna-repyakhova-86x64.jpeg
wona.com.ua/wp-content/uploads/2022/12/ 3 KB
3 KB 436ms
133ms Image
image/jpeg 31.131.28.81
VPS-UA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wona.com.ua/wp-content/uploads/2022/12/kateryna-repyakhova-86x64.jpeg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS: 81.28.131.31.uavip10.twinservers.net
Software: LiteSpeed /
Resource Hash: e96444655780ef6de0fa07a2cf0b6754803c656de4ccaf9eab3edc8701c25bd8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Sat, 10 Dec 2022 13:23:36 GMT
server: LiteSpeed
vary: User-Agent,Accept
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2609
expires: Tue, 12 Dec 2023 07:29:45 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
696 B 154ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=wona.com.ua&callback=_gfp_s_&client=ca-pub-2561805517948093&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

068a2c61161e4235d2518fdc95409069ea80b7ef1ebffdca2faf7603caf2ab51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 187ms
55ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=wona.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 153ms
54ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=wona.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA31 430 B
230 B 299ms
205ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&h=120&slotname=4274494260&adk=1936529174&adf=730284512&pi=t.ma~as.4274494260&w=980&lmt=1670830185&format=980x120&url=https%3A%2F%2Fwona.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830185308&bpp=4&bdt=553&idt=213&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&correlator=2537657187444&frm=20&pv=2&ga_vid=1770991966.1670830186&ga_sid=1670830186&ga_hid=1094424329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C31071220%2C44779793&oid=2&pvsid=1259025836945517&tmod=1831263842&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fPwhXcgP6s&p=https%3A//wona.com.ua&dtd=233

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37ce9528db3f0a7fb1b4d8a7012053dae66bb6e4f6725ee5f971f348535c5213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 07:29:45 GMT
expires: Mon, 12 Dec 2022 07:29:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A9B2 0
19 B 128ms
56ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&adk=1812271804&adf=3025194257&lmt=1670830185&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwona.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830185359&bpp=2&bdt=605&idt=195&shv=r20221206&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=2537657187444&frm=20&pv=1&ga_vid=1770991966.1670830186&ga_sid=1670830186&ga_hid=1094424329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44777876%2C31071220%2C44779793&oid=2&pvsid=1259025836945517&tmod=1831263842&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 07:29:45 GMT
expires: Mon, 12 Dec 2022 07:29:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/51428/ Frame 9305 738 B
519 B 114ms
113ms Document
text/html 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Mon, 12 Dec 2022 07:29:45 GMT
etag: W/"6375fd72-2e2"
expires: Wed, 06 Dec 2023 18:50:09 GMT
last-modified: Thu, 17 Nov 2022 09:22:58 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-12-05T18:50:09+00:00
x-id: fr5-up-gc31

GET
H2 200 a21031c0f6a0994b3314.b.js Show response
cdn.admixer.net/scripts3/51428/ 23 KB
8 KB 118ms
118ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:56 GMT
server: nginx
etag: W/"6375fd70-5d41"
vary: Accept-Encoding
x-cached-since: 2022-11-28T18:27:54+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Wed, 29 Nov 2023 18:27:54 GMT

GET
H2 200 0a75d04ce9f53a1a35b6.b.js Show response
cdn.admixer.net/scripts3/51428/ 75 KB
20 KB 129ms
128ms Script
application/javascript 2a03:90c0:41:2801::62
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Mon, 12 Dec 2022 07:29:45 GMT
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 09:22:47 GMT
server: nginx
etag: W/"6375fd67-12c39"
vary: Accept-Encoding
x-cached-since: 2022-11-29T13:09:50+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 30 Nov 2023 13:09:50 GMT

GET
H2 200 media.min.js Show response
a4p.adpartner.pro/apstc/ 15 KB
4 KB 63ms
62ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.428
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
cache-control: no-store no-transform
content-encoding: br
last-modified: Thu, 17 Nov 2022 09:59:21 GMT
server: nginx
etag: W/"637605f9-3ac0"
content-type: application/javascript

GET
H2 204 tt
a4p.adpartner.pro/ Frame ED3F 0
0 785ms
784ms Document
text/plain 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F&referer=
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
date: Mon, 12 Dec 2022 07:29:46 GMT
server: nginx

GET
H2 200 ls Show response
a4p.adpartner.pro/media/ Frame 116A 5 KB
2 KB 64ms
63ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 241450aa549338d2ba705351f5b1d10eb2d05e0c79177baac5145f162fdc90fc

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 07:29:45 GMT
server: nginx

GET
H2 200 branding.min.js Show response
a4p.adpartner.pro/apstc/ 13 KB
3 KB 63ms
62ms Script
application/javascript 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.428
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=5289&0.6762479790809395
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
cache-control: no-store no-transform
content-encoding: br
last-modified: Thu, 17 Nov 2022 09:59:21 GMT
server: nginx
etag: W/"637605f9-35bf"
content-type: application/javascript

GET
H2 200 ls Show response
a4p.adpartner.pro/branding/ Frame B54C 5 KB
2 KB 64ms
63ms Document
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=50627580123927430&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=5289&0.6762479790809395
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: f1b87027750f05151795d8dbdb51ee5af3454902cf1a082354ce59849921faec

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store no-transform
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 12 Dec 2022 07:29:45 GMT
server: nginx

POST
H3 204 ping
pagead2.googlesyndication.com/pagead/ 0
0 174ms
80ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://wona.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 116A 49 KB
20 KB 141ms
49ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://a4p.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 07:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 09:15:46 GMT

POST
H2 200 media Show response
a4p.adpartner.pro/ Frame 116A 1 KB
482 B 69ms
69ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/media?id=5023&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 2a1982fe3ff9ef9060be75ba0b8e04cd338b08dc8cb84da721ff250655179b88

Request headers

Referer: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

POST
H2 200 branding Show response
a4p.adpartner.pro/ Frame B54C 1 KB
884 B 68ms
67ms XHR
text/html 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/branding?id=5289&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&session_pageview=1&site_visited=1
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=50627580123927430&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e7ddb10791144e26d0c6e67f7377869624be960042d77f996d39b9363fdc1389

Request headers

Referer: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=50627580123927430&apuid=05697699-4eea-40d6-a442-2c351167b038&session_pageview=1&session_id=1f0835c2-b40a-4ced-b12b-671a8b69b581&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
cache-control: no-store no-transform
content-encoding: br
server: nginx
content-type: text/html; charset=utf-8

GET
H2 200 background_empty.jpg
file.adpartner.pro/2297/2297844/ 13 KB
13 KB 203ms
62ms Image
image/jpeg 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.adpartner.pro/2297/2297844/background_empty.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: 86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:45 GMT
last-modified: Thu, 17 Nov 2022 21:08:35 GMT
server: nginx
etag: "6376a2d3-3439"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
content-length: 13369

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame E816 0
139 B 64ms
59ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 12 Dec 2022 07:29:45 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame E34A 0
139 B 63ms
63ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5023%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwona.com.ua%252F%2522%257D
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 12 Dec 2022 07:29:45 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 wona.com.ua_160x600_br11.html Show response
file.adpartner.pro/2297/2297844/ Frame 4BD2 3 KB
1 KB 63ms
63ms Document
text/html 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_50627580123927430&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D60de1848f821a0406606690622280182
Requested by: Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.428
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: 7235a3708c37b45ba47fe0aef331fe7bbdb6ea337f7b614fb55f5009d416efd8

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-store
content-encoding: br
content-type: text/html
date: Mon, 12 Dec 2022 07:29:46 GMT
etag: W/"6376a2d3-ce9"
last-modified: Thu, 17 Nov 2022 21:08:35 GMT
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame 75A9 0
139 B 64ms
63ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 12 Dec 2022 07:29:46 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H2 200 if Show response
a4p.adpartner.pro/tracker/ Frame EA3B 0
139 B 65ms
65ms Document
image/gif 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%252205697699-4eea-40d6-a442-2c351167b038%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522e13c3fe4-4dc5-4dd2-8059-940b977220bb%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate no-store no-transform
content-length: 0
content-type: image/gif
date: Mon, 12 Dec 2022 07:29:46 GMT
expires: 0
pragma: no-cache
server: nginx

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4BD2 98 KB
33 KB 137ms
137ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_50627580123927430&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D60de1848f821a0406606690622280182

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fce82adb22a4c890f2a4947c83945b2db00fd53589b98a4c90b666c3da2a078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34114
x-xss-protection: 0
server: cafe
etag: 7686582933629733927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 07:29:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ Frame 4BD2 356 KB
117 KB 108ms
108ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31071167

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

746b39381c5dc83ad51e6ee6f203f7a5d70c8879395ea2da807e8015d2c16090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119957
x-xss-protection: 0
server: cafe
etag: 15833104812122410217
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 07:29:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 4BD2 107 B
122 B 149ms
55ms Script
application/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=file.adpartner.pro

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro&bust=31071167

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4BD2 107 B
122 B 150ms
56ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 94A0 84 KB
31 KB 309ms
308ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_1&adk=2212855638&adf=2310543995&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1668719315&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_50627580123927430%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D60de1848f821a0406606690622280182&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830186326&bpp=12&bdt=168&idt=272&shv=r20221206&mjsv=m202212010101&ptt=5&saldr=sa&correlator=7749646703214&frm=22&ife=1&pv=2&ga_vid=398067507.1670830187&ga_sid=1670830187&ga_hid=1694142742&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=676310700&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071167%2C44779793%2C44778740%2C31071260%2C44778767&oid=2&pvsid=3821376918664240&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.i5xtk6ut74bh&fsb=1&xpc=1CXc1Rf6oX&p=https%3A//file.adpartner.pro&dtd=291

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fcd1295152d0dbf9c70d017f69e6f206c7d91d53b3f96404d1c9936e3204ee7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://file.adpartner.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31934
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 07:29:46 GMT
expires: Mon, 12 Dec 2022 07:29:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C775 603 B
69 B 314ms
313ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1668719315&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_50627580123927430%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D60de1848f821a0406606690622280182&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830186342&bpp=2&bdt=184&idt=287&shv=r20221206&mjsv=m202212010101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=7749646703214&frm=22&ife=1&pv=1&ga_vid=398067507.1670830187&ga_sid=1670830187&ga_hid=1694142742&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=676310700&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071167%2C44779793%2C44778740%2C31071260%2C44778767&oid=2&pvsid=3821376918664240&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.vkqchy55vagb&fsb=1&xpc=4fTNyilWos&p=https%3A//file.adpartner.pro&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://file.adpartner.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 07:29:46 GMT
expires: Mon, 12 Dec 2022 07:29:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 94A0 2 KB
818 B 173ms
59ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_1&adk=2212855638&adf=2310543995&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1668719315&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_50627580123927430%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D60de1848f821a0406606690622280182&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830186326&bpp=12&bdt=168&idt=272&shv=r20221206&mjsv=m202212010101&ptt=5&saldr=sa&correlator=7749646703214&frm=22&ife=1&pv=2&ga_vid=398067507.1670830187&ga_sid=1670830187&ga_hid=1694142742&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=676310700&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071167%2C44779793%2C44778740%2C31071260%2C44778767&oid=2&pvsid=3821376918664240&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.i5xtk6ut74bh&fsb=1&xpc=1CXc1Rf6oX&p=https%3A//file.adpartner.pro&dtd=291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 94A0 23 KB
10 KB 156ms
45ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 94A0 3 KB
1 KB 169ms
59ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 20:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 20:19:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 94A0 18 KB
7 KB 161ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 69558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 94A0 0
0 153ms
53ms Image
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRHmrXpDCBItUhHoHYqWgjij_ASIg_GXXJ5q3r4QCgCjSnUUKmn6oqYrHVgcFriCJzFIZzXw7WUN1NUr2D4QbgPFzUYmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_1&adk=2212855638&adf=2310543995&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1668719315&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_50627580123927430%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D60de1848f821a0406606690622280182&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670830186326&bpp=12&bdt=168&idt=272&shv=r20221206&mjsv=m202212010101&ptt=5&saldr=sa&correlator=7749646703214&frm=22&ife=1&pv=2&ga_vid=398067507.1670830187&ga_sid=1670830187&ga_hid=1694142742&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=676310700&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31071167%2C44779793%2C44778740%2C31071260%2C44778767&oid=2&pvsid=3821376918664240&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.i5xtk6ut74bh&fsb=1&xpc=1CXc1Rf6oX&p=https%3A//file.adpartner.pro&dtd=291
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 94A0 153 KB
47 KB 156ms
58ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 07:29:47 GMT

GET
H2 200 5abbe811e7745ada511aeaa994a13f9f.js Show response
www.gstatic.com/mysidia/ Frame 94A0 34 KB
14 KB 145ms
45ms Script
text/javascript 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 21:34:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 554107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 20:45:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 05 Mar 2023 21:34:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4BD2 14 KB
11 KB 92ms
92ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66828b7897b00c96ee5580afceb2f7dc277ed99ee88c9b5be10eb9855b0a2876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0

GET
H2 200 background_empty.jpg
file.adpartner.pro/2297/2297844/ Frame 4BD2 13 KB
13 KB 124ms
124ms Image
image/jpeg 137.74.6.209
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.adpartner.pro/2297/2297844/background_empty.jpg
Requested by: Host: wona.com.ua
URL: https://wona.com.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-02.adpartner.pro
Software: nginx /
Resource Hash: 86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_50627580123927430&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fe13c3fe4-4dc5-4dd2-8059-940b977220bb%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjcwODMwMTg1LCJzaG93X2lkIjoiZTEzYzNmZTQtNGRjNS00ZGQyLTgwNTktOTQwYjk3NzIyMGJiIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiMDU2OTc2OTktNGVlYS00MGQ2LWE0NDItMmMzNTExNjdiMDM4IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D60de1848f821a0406606690622280182
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
last-modified: Thu, 17 Nov 2022 21:08:35 GMT
server: nginx
etag: "6376a2d3-3439"
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-store
accept-ranges: bytes
content-length: 13369

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 99ms
98ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5c4e16759aae2e15425928731b861077f3ad6c39de287176cb0be8820b9fb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11232
x-xss-protection: 0

GET
H3 200 10293425198853276205
tpc.googlesyndication.com/daca_images/simgad/ Frame 94A0 11 KB
11 KB 217ms
123ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/10293425198853276205?w=180&h=360

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72c1e5102c14083e516e5474f58bbd59db4bd9723c10cf77e8fa6e503a52119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11093
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 05:05:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 19 Dec 2022 07:29:47 GMT

GET
DATA 200
OK truncated
/ Frame 94A0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 928a352e474e238e0b2f9d3d78ed1b7dec28ddad0d8b1445c34a3857f981c53c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C994 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BD2 17 KB
6 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 07:29:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
85ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 07:29:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 33E6 13 KB
5 KB 53ms
51ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://file.adpartner.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 40200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 20:19:47 GMT
expires: Mon, 11 Dec 2023 20:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EFC 783 B
533 B 152ms
57ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c628ba2394cdefd9c6ff81b3d1f32f9a974f46ae4f6b788dfd3f4703d6722c8d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ugYE34eAsn52Ae2i3levug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://file.adpartner.pro/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-ugYE34eAsn52Ae2i3levug' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 07:29:47 GMT
expires: Mon, 12 Dec 2022 07:29:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B831 13 KB
5 KB 48ms
48ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 40200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 20:19:47 GMT
expires: Mon, 11 Dec 2023 20:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F28B 783 B
534 B 131ms
57ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fd2115906b84acb69d3a465980ee9f4c53c433690658da93c421d24a8793eb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R9zn_kThfhQtlPS0eO0Njg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wona.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-R9zn_kThfhQtlPS0eO0Njg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 07:29:47 GMT
expires: Mon, 12 Dec 2022 07:29:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 33E6 36 KB
16 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H3 200 z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B831 36 KB
16 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/z7cUAtzL1u1d_2AGWF4wFgnTveRSMJLcB1xcawACHJQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 17:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49301
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16132
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 11 Dec 2023 17:48:06 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EFC 0
0 79ms
79ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=3821376918664240&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F28B 0
0 79ms
79ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=1259025836945517&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 33E6 0
10 B 45ms
45ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ROU3Sg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B831 0
10 B 46ms
45ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mw-2Yw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 07:29:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4BD2 0
0 82ms
82ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=3821376918664240&bg=!vb6lvvrNAAYgquz3AKo7ACkAdvg8WtnaUkqjxEH9NZaf9za63enat_O5dtOa-lmI6xgIQGh1hEnh1wIAAACXUgAAAARoAQeZAscuT2c4hLwmwCtUGRYrh3yRVYmWMdQMnMRFJwX3N5rkWvfFstg07TghlUHuEjjsDX1HTXpead5-HLENp4PHWgSDtK_j6fsf6QPSRn_y01dZwKcoa8z_3wu3W241nClZcfv9eUrhqcxLPWJd2xdQ4ydS0LL9b27n7f1zgtOJ7hpUyCIKcoy-DSMLOyqSbuEh2f5-mrQvfYrxBFQzox6Y1TT9TQf3y50XzJ9P5gWRptg6Ufh2klrtQtnsJxrHuVfPb69fWK-FXPxY_gFSV9BfLYOH8lgqyq9U4u1W81j07wQiD8ghrXB7aqCDGwMQ0gj63YizpNavxCGIStfuyHKksIAZRX_PGT_74N7c66l695-PN0ymJH7hEtCGFmMC17FNR-5lDOF6yTGaxLB4HOJu782YMQGrxs0ch60buF3g7DJiYARRyhYl2ZxNaeXz0zXEEGSsRCuzAVsBj7e4YCviwRP3teO8kiVnHr-P-CwZQqa5TILEqFTtwGNhHdjDtSBKYr7b9I9pU7bh6UH7gdB-F6IHE-5r5mwR1lYyylgBa5ywQQlrfGY4ygmy0Qc8ATWhLItDtBbVfjuJNjTr8sIMGNPQFA5DHnvN92FOPTBHsUtLlUHtnBjN3ZcULPwwGGh1tIjDYcdmK8lockCPF9BQs5658oBB2xfA52GnesfLulGw_WAKwtFQVkQmv5e1KO2SPIsCeysUf37EIrkr9s_33mpG_gVXFyj43NHXlLoA_KPfErmOL72pJhxjTQzG9IRmtfSXuY9ZzuTh6kvup3e9C8HMfAIrK9Ufze7FeFgCr-OMD14R7vWUPSk9GorWoAp4-CTId9YBlCZiC0DWwZKdn1b3eBq3wCUgueH8Npfh-fAdx7sDu9leUCGIzUk8Qp038aYAPM_pXtXED8iNs4mwZ0hPuYmoJJoyCkrpdionWKZ5_wJtNpgQaX0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://file.adpartner.pro/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
83ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=1259025836945517&bg=!JiWlJWHNAAYgquz3AKo7ACkAdvg8Wr2pdwD7btcNsVSq6tP-I1mo0Q-Nx1YOu_qsaZlJRMqmiNAscgIAAACLUgAAAANoAQcKAJox35w48y2n9do7gMX4RkD8E5hgIVPEXOr-ROJrqkspqO85zK7wg7zrP5vU7aXXx5rPt9IaksA4BY57PvbB2eq4DNFuoN32I6XWJjP889anF2hls7vL-4Ni0lRW4wl46ZAfMx3s1hZvVb7ECtlQQ7L5CixaUK-0ssb7gZjF1-M6EvxAsSBPIJUKAQGysm4iPD36-BbIzD7ZX2MJmQKYH-tdPEPwKGPXGV2YgHszHmaHl-D-6WNRSrm3doLPwqwk9MBFsgxkeyrahz1PTtoRovBInRQKJwH91teRMmrAgLrJprNqVUZYBAvYWhnb4Q1pU9ThOzz0i141xjIkh6CREUnf_nX6Ug0-rLULATl4mp2M1jLsgX6Yq3IgDjOyuMkLluvLyz6evrzPVV89YKpUkueonKDltqRAz1uyNXP-Ke8udemF1wGO_Uhw_fU4CWb603Z_IKFtFDEDEwQPdkxw_RTyJqVhMhivR-CDjA_HVNv1diLOckwOEJrYJhUbdyAiFbmnCP9avsuifs-toNy-y0xls8sL95jNWUIqNKx1vjEijjMuImWDkpfyRzjAG98p30tiXHSou71UKk_mrmwSlEoO50WPGKJ40gM2IkW1-yKBEPda-OXDTfYPP6kw2iwUeouvJ-IY1ttyRGyK1fXvPz9fio9HLCLvDT8eGiv7RCyyOHqLvLH2W-KANqfqS9VUkRPyNljW7uLaWH2v5Q4qXcAhoayDkpJ3ia3tGQaF7frFapGilZwTRwP1q_apw3e3Og5CSer123koCeUwjyKKXmpi-ONpnbvXSV9WjX88o8ya-4Zu9W5fOUGLENwlNaTJUaGZBbRY1UJRg1GC2dJDlyMui3jX5EcdA7q3024RWnUQXRhmMV8o2TLe1xiRF4ZJQCsfQdkcNApgrJsFdwIYXjsETmbi00K5Qe_yX9_RxHtDsFqaK30tffJ8h_lOBd4CjIsxgiz2AUhMGwthxHdeE7sKl18_3bjd_u96fb6GEwd1RyIyrxqqu7e0K5ePKp6rHqTmH8DYh0GUlnZ4M0uNUM27nBT8wieA3e6i5o-kInoyCGXaxD4MjLBxt3t4FTrLffkJVdnn-w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://wona.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 94A0 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf965xsNiNWtuC8Rz1G9J-rcKRbH-erg1VOI5PGMh8BijdfKOefVLrp1OQ33v8cHuj4MlNV7h-USR1o8kAhZ0y5CA3QYGI530noGlvMYgALevIOy9xrXce8uFtqD4VGE-OVDSKtMeatS8arEjzam9nExhsGZf8JutsFBMfe9FGJChpOhGEhuUPd4TQStSxAygfmJh0_wWfUtEj6r0L2Wwu9QpPkGn2Sqcn2R95XPQyJ9Cp71480__74Zj_f1Dya-kQ32ya7TUkNvI2OIqyzePiYvOWxKMwVACc6bkqQqk4T9buxz3Ee6IpN4znyuXeAy44GHvUv23AZR-w9AnnBwqGlNt59pq3mVJHibjIEC7U4PRJ1MQ1oZyG754poRRoIOmfPD7oZHgTdYJBJxiH0PSjj_3ulfBTgPI8-wJkEBIFBIa2Dp4fT10nsgRV_zI8ee_3Q-ydpU8-jvcWVqQEPnZjOFDZMoGtukJjiXPwIX3lEMhaHEy0B3AHLVZPG4d1Xn5nIeUDcnQo4e9KrHudYUFCF7EAJxUytTmJloysmnrrnLGIy1AI3J0MpUKB_XxW6b2caMfz_1eLea-SPADCjGNos0gaL9wSk1aHpgULgLyF4xplSjtK3n-O0lcvU6QuaFM6DJL0Pjh87l9IVeFjdS_6n8dFGRHo4QmmuSmcGsHXO_wuGq9w_iFEHHqjnwDmWi7JW81nHWKrfranIpnwsk0-tRzBzYQT7mGIpCIheJmCZwgVdO-tRRwRxaheOLda6sMl7mxEG8pTOQcrtrtZSU4kRQQIzuG6RIvXOnjtW77G_kj8HGQr0Eo03mYcw-NS-iBXj1FIqetpjNysjTw6LH_T9KWZubOjgF8bOtSCWCnzwNEjnTtKrSyGcTtVFE2n9xOjg21_0vfgZxZ_tb71CbMO2QJt0m_vZMHGioOLo7pku_Z7v1UqL68LSBK4KjYOuOR4Ep6Xmm8ow1MMU7WVVllR_a5Qr2OHua2Aw8HjBJtuQCKg8ISrKsrGo7lpiOeb4qzVkXUjXKlqPAlTTjb0vM_YnG4y8QmKsJMuo6FKdZNbUSnmrrE8ATE0fqEGck44EqRvmcAVfw1i8cuX5UUDW8u75e-egYdnP3Aey_XY6adu9bp7BGZTiKOwueqlN2D89fZ2kyQ9eMxGdBqxX4SyOwiaUeD7ZtebO0NG3I-kORpdzWb9bknVYjSxsjmn-Vh4ZXGgRHzD8tQtoIKeWDumFPabuft-q7Ng9pWuB2APZ1SaNyqYZqSBxjgFudEy7kOsqSFIP303s_28mrRdximsw9lj137u_Bl_WvTpfa1_feo4NCrsEmFvI8gb5g9GYdJFi5UaPNW4EuEYvPY-7TqrWK2eKSc_WO23cjA7zWCMM9aIj2vCjbjGypL2AO_9HLPPxYLd6XsjVk21BlzfQDrHhyAM5rKAErXBHykDeNrnuP0k8Pauhens4DzTt71JwNLl-w&sai=AMfl-YTLHxbdPt8snFehVBlVmu1OpukEZGauxksIFbOQ6WyGwLY05yKAESrgplBJIA3UHeMxHKgLcLF7L10O1pcJo1CQLEnIME4ZdNlS6aGOqRiFQIl80MTmaNE&sig=Cg0ArKJSzI7x0ULyzIJrEAE&cid=CAQSKQDq26N9qGifd0jZgV5TtwYxcYlLvNVQIKFuVk_sgG34JX55PwQdagJEGAEgEw&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2212855638&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670830186619&rpt=607&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 07:29:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

157 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.yadro.ru/	1970-01-20 16:52:08	Name: FTID Value: 1ZbjXf36mUOS1ZbjXf003MDy
wona.com.ua/	1969-12-31 23:59:59	Name: Value: store.test
wona.com.ua/	1970-01-20 08:07:11	Name: session_id Value: 1f0835c2-b40a-4ced-b12b-671a8b69b581
wona.com.ua/	1970-01-20 08:07:11	Name: session_pageview Value: 1670830186.1
wona.com.ua/	1970-01-20 08:50:22	Name: site_visited Value: 1670916586.1
wona.com.ua/	1970-01-20 17:43:10	Name: lapuid Value: 05697699-4eea-40d6-a442-2c351167b038
.yadro.ru/	1970-01-20 16:52:08	Name: VID Value: 3ENKmd1JTd8S1ZbjXf003BvU
a4p.adpartner.pro/	1970-01-20 17:43:10	Name: apuid Value: 05697699-4eea-40d6-a442-2c351167b038
a4p.adpartner.pro/	1970-01-20 17:43:10	Name: apudmg Value: 1
.wona.com.ua/	1970-01-20 17:28:46	Name: __gads Value: ID=c2ede0ea55d28464-221e2364fcd900f3:T=1670830185:RT=1670830185:S=ALNI_MZD5Jd9HxXWH68QfF5bNbAIO0df_g
.wona.com.ua/	1970-01-20 17:28:46	Name: __gpi Value: UID=00000b9170d83c80:T=1670830185:RT=1670830185:S=ALNI_MYQ50sF1Fs9bGWAb_S_FFkzNg3crw
.doubleclick.net/	1970-01-20 17:28:46	Name: IDE Value: AHWqTUlj8AJXtf_bj-8edEQdO_zh4lt2S-l3z92cHAUPN3_ecklQrs5xmDgo3W3qsKA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
adservice.google.co.uk
adservice.google.com
cdn.admixer.net
counter.yadro.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
wona.com.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
137.74.6.209
2a00:1450:4001:800::2003
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a03:90c0:41:2801::62
31.131.28.81
51.83.220.94
88.212.202.52
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
068a2c61161e4235d2518fdc95409069ea80b7ef1ebffdca2faf7603caf2ab51
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1fcd1295152d0dbf9c70d017f69e6f206c7d91d53b3f96404d1c9936e3204ee7
241450aa549338d2ba705351f5b1d10eb2d05e0c79177baac5145f162fdc90fc
25532787439cba1ca63c2cf96e2baa2ff8e6cb78f808f9db73412867c920e104
2a1982fe3ff9ef9060be75ba0b8e04cd338b08dc8cb84da721ff250655179b88
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37ce9528db3f0a7fb1b4d8a7012053dae66bb6e4f6725ee5f971f348535c5213
3f40ade6acdc450e6d9e6dd578ddf4e6011d9fff50850485cc64bd6097a8fe2e
3f71c02492d45649f5009cd77647eb94cfb5c4d0c22f8db3b5f529cdb232d30a
421f4d878bc16373dfb59b601cedc45e106f7e4dcfce73052394baca05351b1f
4fd2115906b84acb69d3a465980ee9f4c53c433690658da93c421d24a8793eb2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
642366b7d3d67887e9faea56d6ce33d8af5f1b422a2b72620e96cc70dcd8a4c9
6679bdd7caedc990e14db8455c9605b510e118a92ee5f6d5060c5b61ef9757b4
66828b7897b00c96ee5580afceb2f7dc277ed99ee88c9b5be10eb9855b0a2876
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
68fe4c3c10ccdce64082ad5c51a66b55e56c3a453548c69bc66bd87912756743
6a83a2d5550dfbf3cdc24c92ab0877f520c537371470603297c965b69e6c52b7
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6d343508dabc41ebe654fbbed2f979b709145004bf97160f43dda053bba16add
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
7235a3708c37b45ba47fe0aef331fe7bbdb6ea337f7b614fb55f5009d416efd8
746b39381c5dc83ad51e6ee6f203f7a5d70c8879395ea2da807e8015d2c16090
766b7afcec56cda913bd7b027b5888b296add4088f367a54d89073190f4a2d80
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
7fce82adb22a4c890f2a4947c83945b2db00fd53589b98a4c90b666c3da2a078
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8a2f59c8972ea5a16f4e41eca949158a6d3f8b04ccee5e26affd855afa5c229e
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8fd3e3f4d85724152a844acceec79633b21bf9a8fc4f86fbcc0d374d69deae7f
928a352e474e238e0b2f9d3d78ed1b7dec28ddad0d8b1445c34a3857f981c53c
9990b1aa13dc514c59f666ea0a014b28136d8d5227b425c8df31d651880a4d5e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9f364c52404f1ee6fca21d52b001b0052052b8aa1b4bc25fd540a2979df15df6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5655fe77c6fcf660b7b84b20f2dc78f8d68dccf3def39c02df75cf601c6f87d
a72c1e5102c14083e516e5474f58bbd59db4bd9723c10cf77e8fa6e503a52119
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6347bd5da211b9b91beff8ded08be638527b53ffbceb83e8706e83acb9a0c59
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c628ba2394cdefd9c6ff81b3d1f32f9a974f46ae4f6b788dfd3f4703d6722c8d
c6a7dda53ed1e87ab2356cfb8db2b524abd31d444761239bd1f53a1c190a5696
c8e43d6643c8025468209470469d68f77f11ad7720c324d43e38051603f31b9e
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
cfb71402dccbd6ed5dff6006585e301609d3bde4523092dc075c5c6b00021c94
d5c4e16759aae2e15425928731b861077f3ad6c39de287176cb0be8820b9fb57
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ddb10791144e26d0c6e67f7377869624be960042d77f996d39b9363fdc1389
e96444655780ef6de0fa07a2cf0b6754803c656de4ccaf9eab3edc8701c25bd8
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b87027750f05151795d8dbdb51ee5af3454902cf1a082354ce59849921faec
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f63bbc46ed9fa56e0a412f4f3cd851ac56b194618dedc43f052906ca6c432e88
f6a0f88344ac3c1fc4c788facdbfc5736cd335881bc59d98402036979f9a3b2b
f8dddc457a0f71f45f3ac6fffa8c69b81559a76bbf2b8162cdf68448d97f49f9

wona.com.ua Open in urlscan Pro 31.131.28.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

88 Requests

99 %HTTPS

76 %IPv6

13 Domains

17 Subdomains

18 IPs

5 Countries

1300 kBTransfer

4170 kBSize

12 Cookies

1 Outgoing links

Page URL History

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

wona.com.ua Open in urlscan Pro
31.131.28.81 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

99 %
HTTPS

76 %
IPv6

13
Domains

17
Subdomains

18
IPs

5
Countries

1300 kB
Transfer

4170 kB
Size

12
Cookies

88 HTTP transactions
1 data transactions