urlscan.io logo urlscan.io
SecurityTrails logo

wona.com.ua Open in urlscan Pro
31.131.28.81  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wona.com.ua/
Effective URL: https://wona.com.ua/
Submission: On November 27 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 5 countries across 13 domains to perform 87 HTTP transactions. The main IP is 31.131.28.81, located in Atlanta, United States and belongs to VPS-UA-AS, UA. The main domain is wona.com.ua.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 2nd 2022. Valid for: a year.
This is the only time wona.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

21    31.131.28.81 (Atlanta, United States)

ASN56851 (VPS-UA-AS, UA)
PTR: 81.28.131.31.uavip10.twinservers.net
wona.com.ua
4    2a03:90c0:41:2801::62 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
14    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
13    54.38.197.123 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-01.adpartner.pro
a4p.adpartner.pro
2    88.212.201.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru
counter.yadro.ru
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    77.123.132.26 (Kyiv, Ukraine)

ASN35680 (VOLIA, UA)
PTR: 26.132.123.77.colo.static.dcvolia.com
file.adpartner.pro
11    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
Apex Domain
Subdomains		 Transfer
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
437 KB
21 wona.com.ua
wona.com.ua
557 KB
16 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 11065
file.adpartner.pro — Cisco Umbrella Rank: 277277
47 KB
5 google.com
adservice.google.com — Cisco Umbrella Rank: 121
www.google.com — Cisco Umbrella Rank: 16
2 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
35 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
82 KB
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 38602
84 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 5200
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 84
437 B
2 yadro.ru
counter.yadro.ru — Cisco Umbrella Rank: 6424
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 219
48 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 961
694 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
1 KB
87 13
Domain Requested by
21 wona.com.ua 1 redirects wona.com.ua
14 pagead2.googlesyndication.com wona.com.ua
pagead2.googlesyndication.com
file.adpartner.pro
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 a4p.adpartner.pro wona.com.ua
a4p.adpartner.pro
11 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 cdn.admixer.net wona.com.ua
cdn.admixer.net
3 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
3 file.adpartner.pro wona.com.ua
a4p.adpartner.pro
3 fonts.gstatic.com fonts.googleapis.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com wona.com.ua
a4p.adpartner.pro
2 counter.yadro.ru 1 redirects wona.com.ua
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 fonts.googleapis.com wona.com.ua
87 17

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru
Subject Issuer Validity Valid
wona.com.ua
Sectigo RSA Domain Validation Secure Server CA		 2022-03-02 -
2023-03-12		 a year crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
adpartner.pro
R3		 2022-09-04 -
2022-12-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh

This page contains 20 frames:

Primary Page: https://wona.com.ua/
Frame ID: 53599A1D0B07CAB8DD993D0B0511B07A
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 8B66B5F2BCD438FA81BBB548EA7C89F0
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Frame ID: ABDEBD96260C8FC1CC5BA399484DDA2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&h=120&slotname=4274494260&adk=1869520095&adf=2323876479&pi=t.ma~as.4274494260&w=980&lmt=1669533422&format=980x120&url=https%3A%2F%2Fwona.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533422660&bpp=3&bdt=591&idt=227&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=2058865773544&frm=20&pv=2&ga_vid=835582379.1669533423&ga_sid=1669533423&ga_hid=480703524&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774648%2C42531706%2C44774652%2C44776361%2C44773745&oid=2&pvsid=2506577170404722&tmod=1809648624&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=heDhnS7dIV&p=https%3A//wona.com.ua&dtd=244
Frame ID: 92CA78D3BE337B964A8F80D16B150046
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&adk=1812271804&adf=3025194257&lmt=1669533422&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwona.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533422711&bpp=3&bdt=642&idt=208&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=2058865773544&frm=20&pv=1&ga_vid=835582379.1669533423&ga_sid=1669533423&ga_hid=480703524&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774648%2C42531706%2C44774652%2C44776361%2C44773745&oid=2&pvsid=2506577170404722&tmod=1809648624&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=214
Frame ID: 8432292A17CC1115E556394AFCC997EA
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F&referer=
Frame ID: E42F3E09652562B583AA4062975A62C1
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=21490276483438196&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Frame ID: A818C4D0DC2399EF884F6098CEE60D47
Requests: 3 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Frame ID: 3AB846006E5D59C951C3497F4ABCB7B8
Requests: 2 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Frame ID: 2C1CDD851CCE9EC4B6E3DE4A4C2ECF06
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5023%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwona.com.ua%252F%2522%257D
Frame ID: 98815D848241429F8F81D5431DB1E94C
Requests: 1 HTTP requests in this frame

Frame: https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_21490276483438196&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D490239fba68467de2ce51c155e8cb48f
Frame ID: 7CF95BBFE766EC878AE41B8E4CBDD5AA
Requests: 9 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Frame ID: 6B750C70940F1C48ACADEDF3A7F04C92
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Frame ID: 23D7D8260791FDC8A091FE9FF3F040EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_1&adk=2212855638&adf=2310543995&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424122&bpp=27&bdt=157&idt=228&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3710660711254&frm=22&ife=1&pv=2&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.j834nj8k1de9&fsb=1&xpc=C5jDxrX9r6&p=https%3A//file.adpartner.pro&dtd=246
Frame ID: 8486B8F2FB640E2C8F1316197E824156
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Frame ID: C325A889B9E32242D336A3B8414A9872
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Frame ID: 0918A7A6B525428A493422C8DEE4ED47
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E43AAADFE93586595AE61B5575EAC839
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FDC08FD59864E2597F4167583776B584
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0C3D53D92768548E873D86FB8AB09511
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C82DEC71AF2233FBDEE13AB45D22FB0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

► Жіночий журнал ВОНА ❤ WONA.com.ua - новини та публікації

Page URL History Show full URLs

  1. http://wona.com.ua/ HTTP 301
    https://wona.com.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

87
Requests

99 %
HTTPS

76 %
IPv6

13
Domains

17
Subdomains

18
IPs

5
Countries

1294 kB
Transfer

4180 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wona.com.ua/ HTTP 301
    https://wona.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://counter.yadro.ru/hit?t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.30532304794285814 HTTP 302
  • https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.30532304794285814

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wona.com.ua/
Redirect Chain
  • http://wona.com.ua/
  • https://wona.com.ua/
113 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed / PHP/7.3.33
Resource Hash
e38da32a84830b379f2d80771d2eeae3c9947bfba3362a129b9ab85b1a046439

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 27 Nov 2022 07:17:01 GMT
etag
"2355661-1669533421;br"
link
<https://wona.com.ua/wp-json/>; rel="https://api.w.org/" <https://wona.com.ua/wp-json/wp/v2/pages/5798>; rel="alternate"; type="application/json" <https://wona.com.ua/>; rel=shortlink
server
LiteSpeed
vary
Accept-Encoding,User-Agent
x-dns-prefetch-control
on
x-litespeed-cache
miss
x-litespeed-cache-control
public,max-age=604800
x-litespeed-tag
d67_HTTP.200,d67_front,d67_URL.6666cd76f96956469e7be39d750cc7d9,d67_F,d67_Po.5798,d67_PGS,d67_,d67_MIN.bfef4edc09a856e0f6f53550791beefe.css,d67_MIN.e9b0c9d4c26015030e017fdcaa0d3d5c.js
x-powered-by
PHP/7.3.33

Redirect headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-length
707
content-type
text/html
date
Sun, 27 Nov 2022 07:16:59 GMT
location
https://wona.com.ua/
server
LiteSpeed
vary
User-Agent
webfontloader.min.js
wona.com.ua/wp-content/plugins/litespeed-cache/assets/js/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
br
last-modified
Wed, 14 Sep 2022 15:14:29 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
content-length
4649
expires
Sat, 25 Feb 2023 07:17:02 GMT
bfef4edc09a856e0f6f53550791beefe.css
wona.com.ua/wp-content/litespeed/css/ 		1 MB
184 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=65015
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
a5655fe77c6fcf660b7b84b20f2dc78f8d68dccf3def39c02df75cf601c6f87d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
br
last-modified
Sat, 26 Nov 2022 08:01:05 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 25 Feb 2023 07:17:02 GMT
jquery.min.js
wona.com.ua/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/wp-includes/js/jquery/jquery.min.js
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
br
last-modified
Sun, 05 Sep 2021 09:06:59 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
content-length
30273
expires
Sat, 25 Feb 2023 07:17:02 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:42 GMT
server
nginx
etag
W/"6375fd62-2c101"
x-cached-since
2022-11-27T07:09:36+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Thu, 17 Nov 2022 09:34:10 GMT
wonalogo.png
wona.com.ua/wp-content/uploads/2019/05/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2019/05/wonalogo.png
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
f8dddc457a0f71f45f3ac6fffa8c69b81559a76bbf2b8162cdf68448d97f49f9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
last-modified
Sat, 27 Mar 2021 10:41:17 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3990
expires
Mon, 27 Nov 2023 07:17:02 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e477ae7f6bb09ed224ba4efc490068a6329cd8854ec468c61c5ce2d5e4062754
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49172
x-xss-protection
0
server
cafe
etag
1309083014835328164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 07:17:02 GMT
e9b0c9d4c26015030e017fdcaa0d3d5c.js
wona.com.ua/wp-content/litespeed/js/ 		282 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/wp-content/litespeed/js/e9b0c9d4c26015030e017fdcaa0d3d5c.js?ver=65015
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
766b7afcec56cda913bd7b027b5888b296add4088f367a54d89073190f4a2d80

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
br
last-modified
Sat, 26 Nov 2022 08:01:05 GMT
server
LiteSpeed
vary
Accept-Encoding,User-Agent
content-type
application/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
content-length
80868
expires
Sat, 25 Feb 2023 07:17:02 GMT
css
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/wp-content/plugins/litespeed-cache/assets/js/webfontloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c6a7dda53ed1e87ab2356cfb8db2b524abd31d444761239bd1f53a1c190a5696
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 27 Nov 2022 07:17:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 27 Nov 2022 07:17:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wona.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Nov 2022 20:10:25 GMT
x-content-type-options
nosniff
age
299197
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 20:10:25 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ 		30 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wona.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 01:41:22 GMT
x-content-type-options
nosniff
age
192940
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30928
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 01:41:22 GMT
fontawesome-webfont.woff2
wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=65015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=65015
Origin
https://wona.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
last-modified
Sat, 04 Sep 2021 21:52:36 GMT
server
LiteSpeed
vary
User-Agent
content-type
font/woff2
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
77160
expires
Mon, 27 Nov 2023 13:17:02 GMT
JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v25/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500%7CMontserrat:400,600,500,700&subset=cyrillic-ext,cyrillic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://wona.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 20 Nov 2022 19:04:03 GMT
x-content-type-options
nosniff
age
562379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21276
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:01:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 20 Nov 2023 19:04:03 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 8B66 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
74095
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 10:42:07 GMT
etag
10353107486223812946
expires
Sat, 10 Dec 2022 10:42:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119607
x-xss-protection
0
server
cafe
etag
11808999958306423375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 07:17:02 GMT
media
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
3f71c02492d45649f5009cd77647eb94cfb5c4d0c22f8db3b5f529cdb232d30a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
hit
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit?t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20...
  • https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%...
104 B
590 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.30532304794285814
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
HTTP/1.1
Server
88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
host204.rax.ru
Software
nginx/1.17.9 /
Resource Hash
c8e43d6643c8025468209470469d68f77f11ad7720c324d43e38051603f31b9e
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 07:17:02 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
image/gif
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Length
104
Expires
Fri, 26 Nov 2021 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 27 Nov 2022 07:17:02 GMT
Strict-Transport-Security
max-age=86400
Server
nginx/1.17.9
Content-Type
text/html
Location
https://counter.yadro.ru/hit?q;t41.13;r;s1600*1200*24;uhttps%3A//wona.com.ua/;h%u25BA%20%u0416%u0456%u043D%u043E%u0447%u0438%u0439%20%u0436%u0443%u0440%u043D%u0430%u043B%20%u0412%u041E%u041D%u0410%20%u2764%20WONA.com.ua%20-%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0442%u0430%20%u043F%u0443%u0431%u043B%u0456%u043A%u0430%u0446%u0456%u0457;0.30532304794285814
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Cache-control
no-cache
Connection
keep-alive
Content-Length
32
Expires
Fri, 26 Nov 2021 21:00:00 GMT
branding
a4p.adpartner.pro/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=5289&0.713662739358738
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
8a2f59c8972ea5a16f4e41eca949158a6d3f8b04ccee5e26affd855afa5c229e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
bs-icons.woff
wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wona.com.ua/wp-content/plugins/better-adsmanager/includes/libs/better-framework/assets/fonts/bs-icons.woff
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=65015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c

Request headers

Referer
https://wona.com.ua/wp-content/litespeed/css/bfef4edc09a856e0f6f53550791beefe.css?ver=65015
Origin
https://wona.com.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:02 GMT
last-modified
Sat, 04 Sep 2021 21:52:36 GMT
server
LiteSpeed
vary
User-Agent
content-type
application/x-font-woff
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
13852
expires
Mon, 27 Nov 2023 07:17:02 GMT
collect
www.google-analytics.com/ 		35 B
437 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/wp-content/litespeed/js/e9b0c9d4c26015030e017fdcaa0d3d5c.js?ver=65015
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://wona.com.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 07:17:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://wona.com.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/51428/ Frame ABDE 		738 B
518 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/c.html?b=51428
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 07:17:02 GMT
etag
W/"6375fd72-2e2"
expires
Sat, 18 Nov 2023 09:24:11 GMT
last-modified
Thu, 17 Nov 2022 09:22:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:11+00:00
x-id
fr5-up-gc29
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/51428/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:56 GMT
server
nginx
etag
W/"6375fd70-5d41"
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Nov 2023 09:24:11 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/51428/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/51428/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::62 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Sun, 27 Nov 2022 07:17:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Nov 2022 09:22:47 GMT
server
nginx
etag
W/"6375fd67-12c39"
vary
Accept-Encoding
x-cached-since
2022-11-17T09:24:11+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Sat, 18 Nov 2023 09:24:11 GMT
baklazhani_v_tomatno_chasnikovomu_sousi_1_2020_09_07_04_59_01-368x440.jpg
wona.com.ua/wp-content/uploads/2022/10/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/10/baklazhani_v_tomatno_chasnikovomu_sousi_1_2020_09_07_04_59_01-368x440.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
43e186e49ef503c3162f3acda1e00c7905ac267d26342943bc76ec4d37530756

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Thu, 27 Oct 2022 11:45:02 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
32559
expires
Mon, 27 Nov 2023 07:17:03 GMT
svetlana-tarabarova-368x445.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/svetlana-tarabarova-368x445.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
6f0c74441b94de1c2d8ced91ad1e5b610829dff84e7dbda0943a435b43f79d99

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Wed, 02 Nov 2022 12:44:13 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
27693
expires
Mon, 27 Nov 2023 07:17:03 GMT
tina-karol-3-368x422.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/tina-karol-3-368x422.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
e0a060f984ebabf7bba5d64ba0fb3edbc80a4d4b35e09b159558dc2d3aa49689

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sat, 19 Nov 2022 14:41:34 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
28268
expires
Mon, 27 Nov 2023 07:17:03 GMT
kateryna-tyshkevich-368x422.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/kateryna-tyshkevich-368x422.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
79ae279c4e2bcdf887652ff85836ad4d95b960df822bd38a6e32ea8b3ca1af7d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sun, 06 Nov 2022 09:58:44 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
24670
expires
Mon, 27 Nov 2023 07:17:03 GMT
kateryna-repyakhova.jpeg
wona.com.ua/wp-content/uploads/2022/11/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/kateryna-repyakhova.jpeg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
acdf994e76884b5e7a8fdbdffe56d9441e22845aa84af85d03a0e8c713ac83b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sat, 26 Nov 2022 13:44:53 GMT
server
LiteSpeed
vary
User-Agent
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
18676
expires
Mon, 27 Nov 2023 07:17:03 GMT
taras-tsymbalyuk-1-86x64.jpeg
wona.com.ua/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/taras-tsymbalyuk-1-86x64.jpeg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
3e3f5f27fddd2d2222b9347e2b97934e7a83ab28297a318905a13f1477f29e40

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sat, 26 Nov 2022 12:46:51 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2122
expires
Mon, 27 Nov 2023 07:17:03 GMT
arsen-mirzoyan-86x64.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/arsen-mirzoyan-86x64.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
344d9c1343afa7bb76aaa8b4746b72b3db3fedf7da5167af34db5cec917df31b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sat, 26 Nov 2022 14:01:23 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
1977
expires
Mon, 27 Nov 2023 07:17:03 GMT
natalia-mogilevskaya-86x64.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/natalia-mogilevskaya-86x64.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
5f54c4384f441c4ec5740570b2fce88871cbaa132eaba462e61e12190e513cb9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sat, 26 Nov 2022 09:36:45 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2360
expires
Mon, 27 Nov 2023 07:17:03 GMT
dmytro-komarov-86x64.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/dmytro-komarov-86x64.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
d99ed8bdfc8e1cf268deb0e063569ceac8fb1986a853d8548d0f1bd83899a085

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Fri, 25 Nov 2022 12:01:49 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2631
expires
Mon, 27 Nov 2023 07:17:03 GMT
natalia-denysenko-86x64.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/natalia-denysenko-86x64.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
0483eda6411486c0425b4e3247b87c88ce1dc0818914ebf75e29019bd6ea8338

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Thu, 24 Nov 2022 19:32:32 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2818
expires
Mon, 27 Nov 2023 07:17:03 GMT
kateryna-repyakhova-86x64.jpeg
wona.com.ua/wp-content/uploads/2022/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/kateryna-repyakhova-86x64.jpeg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
96d71e553c89146a12bec2693bd0ab62388dcb669b268c052ab5ce22477b5210

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Sat, 26 Nov 2022 13:44:50 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2633
expires
Mon, 27 Nov 2023 07:17:03 GMT
m27521fc-86x64.jpg
wona.com.ua/wp-content/uploads/2022/11/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wona.com.ua/wp-content/uploads/2022/11/m27521fc-86x64.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.131.28.81 Atlanta, United States, ASN56851 (VPS-UA-AS, UA),
Reverse DNS
81.28.131.31.uavip10.twinservers.net
Software
LiteSpeed /
Resource Hash
6920a280ccf1357e2beb8b77eb3db41a6c80d22ac8993fee603441be81991da8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Fri, 25 Nov 2022 09:23:23 GMT
server
LiteSpeed
vary
User-Agent,Accept
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3122
expires
Mon, 27 Nov 2023 07:17:03 GMT
cookie.js
partner.googleadservices.com/gampad/ 		389 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=wona.com.ua&callback=_gfp_s_&client=ca-pub-2561805517948093&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d96c6c2809c2fc4646938b2cb16e72995f5a557bbe141f6c8f196da12f988d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
250
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=wona.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=wona.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 92CA 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&h=120&slotname=4274494260&adk=1869520095&adf=2323876479&pi=t.ma~as.4274494260&w=980&lmt=1669533422&format=980x120&url=https%3A%2F%2Fwona.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533422660&bpp=3&bdt=591&idt=227&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&correlator=2058865773544&frm=20&pv=2&ga_vid=835582379.1669533423&ga_sid=1669533423&ga_hid=480703524&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=374&ady=550&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774648%2C42531706%2C44774652%2C44776361%2C44773745&oid=2&pvsid=2506577170404722&tmod=1809648624&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=heDhnS7dIV&p=https%3A//wona.com.ua&dtd=244
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bedf1ad2adaedc3cd1cde2f2bd01fa666dd9bd96c82d9455c2421bd1cb9aaf70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 07:17:03 GMT
expires
Sun, 27 Nov 2022 07:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8432 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2561805517948093&output=html&adk=1812271804&adf=3025194257&lmt=1669533422&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwona.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533422711&bpp=3&bdt=642&idt=208&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=980x120&nras=1&correlator=2058865773544&frm=20&pv=1&ga_vid=835582379.1669533423&ga_sid=1669533423&ga_hid=480703524&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44774648%2C42531706%2C44774652%2C44776361%2C44773745&oid=2&pvsid=2506577170404722&tmod=1809648624&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=214
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 07:17:03 GMT
expires
Sun, 27 Nov 2022 07:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
branding.min.js
a4p.adpartner.pro/apstc/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.428
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=5289&0.713662739358738
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:59:21 GMT
server
nginx
etag
W/"637605f9-35bf"
content-type
application/javascript
tt
a4p.adpartner.pro/ Frame E42F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=undefined&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=5289&0.713662739358738
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
date
Sun, 27 Nov 2022 07:17:03 GMT
server
nginx
ls
a4p.adpartner.pro/branding/ Frame A818 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=21490276483438196&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding?id=5289&0.713662739358738
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
6dfd4fb6fd5695927fea9b5663a2a9d2dd386fe1809fcd5b15094e218fb7d690

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 07:17:03 GMT
server
nginx
media.min.js
a4p.adpartner.pro/apstc/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/apstc/media.min.js?v=1.1.428
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
cache-control
no-store no-transform
content-encoding
br
last-modified
Thu, 17 Nov 2022 09:59:21 GMT
server
nginx
etag
W/"637605f9-3ac0"
content-type
application/javascript
ls
a4p.adpartner.pro/media/ Frame 3AB8 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media?site_id=1236&unit_id=5023
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
63979633b904a160f4436fad09090379798df4685f6a06b05dd13756a3484de5

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store no-transform
content-encoding
br
content-type
text/html; charset=utf-8
date
Sun, 27 Nov 2022 07:17:03 GMT
server
nginx
analytics.js
www.google-analytics.com/ Frame A818 		49 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=21490276483438196&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 27 Nov 2022 07:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
69
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Sun, 27 Nov 2022 09:15:54 GMT
branding
a4p.adpartner.pro/ Frame A818 		1 KB
886 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/branding?id=5289&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=21490276483438196&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
5a37357fe0dc5c0d757e944ba2ef0144d96d17dfc19a3d45dc0dc284d6127ffb

Request headers

Referer
https://a4p.adpartner.pro/branding/ls?branding=5289&bannerNum=21490276483438196&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
media
a4p.adpartner.pro/ Frame 3AB8 		1 KB
482 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/media?id=5023&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&session_pageview=1&site_visited=1
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
a81d6839d638285635bf0e2b6b3f92d60234ec6620ff42ebe6a1ac3fb766b424

Request headers

Referer
https://a4p.adpartner.pro/media/ls?mediaunit=5023&apuid=708cee6d-e5b2-4bc2-ac92-0125fbf659b7&session_pageview=1&session_id=45448fc1-c76c-40a3-95df-19874e08b4a1&site_visited=1&location=https%3A%2F%2Fwona.com.ua%2F
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
cache-control
no-store no-transform
content-encoding
br
server
nginx
content-type
text/html; charset=utf-8
background_empty.jpg
file.adpartner.pro/2297/2297844/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297844/background_empty.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:03 GMT
last-modified
Fri, 03 Dec 2021 11:34:25 GMT
server
nginx
etag
"61aa00c1-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
if
a4p.adpartner.pro/tracker/ Frame 2C1C 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522visible_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 27 Nov 2022 07:17:03 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 9881 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522dry_real_show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A0%252C%2522rule_id%2522%253A0%252C%2522show_id%2522%253A%2522%2522%257D%255D%252C%2522unit_id%2522%253A5023%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fwona.com.ua%252F%2522%257D
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 27 Nov 2022 07:17:03 GMT
expires
0
pragma
no-cache
server
nginx
wona.com.ua_160x600_br11.html
file.adpartner.pro/2297/2297844/ Frame 7CF9 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_21490276483438196&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D490239fba68467de2ce51c155e8cb48f
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/apstc/branding.min.js?v=1.1.428
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
7235a3708c37b45ba47fe0aef331fe7bbdb6ea337f7b614fb55f5009d416efd8

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-store
content-encoding
gzip
content-type
text/html
date
Sun, 27 Nov 2022 07:17:03 GMT
etag
W/"62947d93-ce9"
last-modified
Mon, 30 May 2022 08:17:23 GMT
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 6B75 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522load%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 27 Nov 2022 07:17:03 GMT
expires
0
pragma
no-cache
server
nginx
if
a4p.adpartner.pro/tracker/ Frame 23D7 		0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a4p.adpartner.pro/tracker/if?data=%257B%2522apuid%2522%253A%2522708cee6d-e5b2-4bc2-ac92-0125fbf659b7%2522%252C%2522event%2522%253A%2522show%2522%252C%2522ad_id%2522%253A%255B%257B%2522ad_id%2522%253A2297844%252C%2522rule_id%2522%253A209962%252C%2522show_id%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%257D%255D%252C%2522unit_id%2522%253A5289%252C%2522region_id%2522%253A112%252C%2522sub_region_id%2522%253A0%252C%2522city_id%2522%253A0%252C%2522apsid%2522%253A%2522b9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%2522%252C%2522url%2522%253A%2522https%25253A%25252F%25252Fwona.com.ua%25252F%2522%257D
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.38.197.123 , France, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-01.adpartner.pro
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate no-store no-transform
content-length
0
content-type
image/gif
date
Sun, 27 Nov 2022 07:17:03 GMT
expires
0
pragma
no-cache
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 7CF9 		99 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: file.adpartner.pro
URL: https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_21490276483438196&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D490239fba68467de2ce51c155e8cb48f
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d682087f268bb050baa0df6565ec12ef58f096479646c5f2a0185f5b77eba6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34252
x-xss-protection
0
server
cafe
etag
5092638476876714157
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 07:17:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame 7CF9 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119607
x-xss-protection
0
server
cafe
etag
15994130142540813998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 27 Nov 2022 07:17:04 GMT
integrator.js
adservice.google.de/adsid/ Frame 7CF9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 7CF9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=file.adpartner.pro
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8486 		603 B
69 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_1&adk=2212855638&adf=2310543995&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424122&bpp=27&bdt=157&idt=228&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&correlator=3710660711254&frm=22&ife=1&pv=2&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=1.j834nj8k1de9&fsb=1&xpc=C5jDxrX9r6&p=https%3A//file.adpartner.pro&dtd=246
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 07:17:04 GMT
expires
Sun, 27 Nov 2022 07:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C325 		80 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c125599284cef8ac657df8c5cdebd8c7b6b1ea622c93fb59a77429109f6b3133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
30625
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 07:17:04 GMT
expires
Sun, 27 Nov 2022 07:17:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C325 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 11:55:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69709
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 11:55:15 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame C325 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 07:15:22 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C325 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 17:59:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
47829
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 17:59:55 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame C325 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 12:23:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
67996
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 10 Dec 2022 12:23:48 GMT
l
www.google.com/ads/measurement/ Frame C325 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ0dOc9CFMpyZhnTvWCTFm7oqv_SkNk9mirA9WzQCwpb-YwGZntinDqSLKdy-lANhOfHaStfXfqikHzRjgfKaIE73spQg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C325 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 07:17:04 GMT
f7733d2b54a65c984752ab0a98c7def9.js
www.gstatic.com/mysidia/ Frame C325 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f7733d2b54a65c984752ab0a98c7def9.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 15:56:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
228053
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14118
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 13:59:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Feb 2023 15:56:11 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 7CF9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
196911f2e8b5f61d98123edddc6e8c9314761c8b69b5d572c2f07f30a2db0a47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11166
x-xss-protection
0
background_empty.jpg
file.adpartner.pro/2297/2297844/ Frame 7CF9 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://file.adpartner.pro/2297/2297844/background_empty.jpg
Requested by
Host: wona.com.ua
URL: https://wona.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.123.132.26 Kyiv, Ukraine, ASN35680 (VOLIA, UA),
Reverse DNS
26.132.123.77.colo.static.dcvolia.com
Software
nginx /
Resource Hash
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/2297/2297844/wona.com.ua_160x600_br11.html?content_width=1190px&background_size=2077.090909090909&top_padding=0&side_width=205&bg_url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fbackground_empty.jpg&unit_num=5289_21490276483438196&url=https%3A%2F%2Fa4p.adpartner.pro%2Fclick%2F5289%2F2297844%2Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%3Fdata%3DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%3D%3D%26hash%3D490239fba68467de2ce51c155e8cb48f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
last-modified
Fri, 03 Dec 2021 11:34:25 GMT
server
nginx
etag
"61aa00c1-3439"
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
no-store
accept-ranges
bytes
content-length
13369
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c8ee42e2a04abc171507d433d9f8bf82ba53ba8c65416eb9f3bb847607bbcc9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10944
x-xss-protection
0
14604051398400061223
tpc.googlesyndication.com/daca_images/simgad/ Frame C325 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/14604051398400061223?w=180&h=360
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
732a467728d96ed90aacdef680c96e98fa6ac404be9a356dbaeeb6861a5a06ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11346
x-xss-protection
0
last-modified
Sat, 26 Nov 2022 21:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 04 Dec 2022 07:17:05 GMT
truncated
/ Frame C325 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7bd890467901618e27ce5aa01218dbeaf2f16b9ccc56f778391f3c0e5efbe722

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 0918 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9597688850300628&output=html&h=600&slotname=wona.com.ua_160x600_br_2&adk=3600042394&adf=162286152&pi=t.ma~as.wona.com.ua_160x600_&w=160&lmt=1653898643&url=https%3A%2F%2Ffile.adpartner.pro%2F2297%2F2297844%2Fwona.com.ua_160x600_br11.html%3Fcontent_width%3D1190px%26background_size%3D2077.090909090909%26top_padding%3D0%26side_width%3D205%26bg_url%3Dhttps%253A%252F%252Ffile.adpartner.pro%252F2297%252F2297844%252Fbackground_empty.jpg%26unit_num%3D5289_21490276483438196%26url%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fclick%252F5289%252F2297844%252Fb9e7fb9a-8d3c-4659-b1aa-e9e3c3e0295d%253Fdata%253DeyJjcmVhdGVkX2F0IjoxNjY5NTMzNDIzLCJzaG93X2lkIjoiYjllN2ZiOWEtOGQzYy00NjU5LWIxYWEtZTllM2MzZTAyOTVkIiwiYWRfdW5pdF9pZCI6NTI4OSwicnVsZV9pZCI6MjA5OTYyLCJhZF9pZCI6MjI5Nzg0NCwiZGF0YV9zb3VyY2UiOiIiLCJwbGF0Zm9ybV9pZCI6MSwib3NfaWQiOjUsImJyb3dzZXJfaWQiOjEsImN1c3RvbWVyX2lkIjoiNzA4Y2VlNmQtZTViMi00YmMyLWFjOTItMDEyNWZiZjY1OWI3IiwicmVnaW9uX2lkIjoxMTIsInN1Yl9yZWdpb25faWQiOjAsImNpdHlfaWQiOjAsImlzX3JlZnJlc2giOmZhbHNlfQ%253D%253D%2526hash%253D490239fba68467de2ce51c155e8cb48f&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669533424155&bpp=3&bdt=190&idt=218&shv=r20221110&mjsv=m202211100101&ptt=5&saldr=sa&prev_slotnames=wona.com.ua_160x600_br_1&correlator=3710660711254&frm=22&ife=1&pv=1&ga_vid=1248162908.1669533424&ga_sid=1669533424&ga_hid=490093268&ga_fc=0&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=1600&ish=1200&ifk=2176165540&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C42531705%2C44770881%2C44777949%2C31060566%2C44778768&oid=2&pvsid=3948726022798594&uas=0&nvt=1&top=https%3A%2F%2Fwona.com.ua%2F&eae=0&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeE%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=2&uci=2.pditxi829aq6&fsb=1&xpc=FYhdM3utzt&p=https%3A//file.adpartner.pro&dtd=223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 18:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 18:37:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 7CF9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9597688850300628&plah=file.adpartner.pro
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 07:17:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2561805517948093&plah=wona.com.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 27 Nov 2022 07:17:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E43A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
35478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 21:25:47 GMT
expires
Sun, 26 Nov 2023 21:25:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame FDC0 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
df0d8e43a49075d107a8ba07ad44774dde1d24f9541d1821fa0e9dfb83a90781
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5f-aESrblQv0DqSUusEWeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://file.adpartner.pro/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-5f-aESrblQv0DqSUusEWeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 07:17:05 GMT
expires
Sun, 27 Nov 2022 07:17:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0C3D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
35478
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 26 Nov 2022 21:25:47 GMT
expires
Sun, 26 Nov 2023 21:25:47 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5C82 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6b8044556d65d07d86610922afdbf977271bcf5323d656dafade7e5bd3172546
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-revSu_Kdqlm8Lmis5e8i8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wona.com.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-revSu_Kdqlm8Lmis5e8i8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 27 Nov 2022 07:17:05 GMT
expires
Sun, 27 Nov 2022 07:17:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame E43A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 18:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 18:37:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame FDC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3948726022798594&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 5C82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=2506577170404722&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 0C3D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 26 Nov 2022 18:37:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 26 Nov 2023 18:37:24 GMT
generate_204
tpc.googlesyndication.com/ Frame E43A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?HwtEhw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0C3D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Yn9Fcg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:17:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame C325 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvCMe5ZcMXWDU_FIlcW_8uXZAhGWBf7l6SPqG3l4N1pn2asnXye3gM9ggoE-Xxx0X1gr4bkKnhR864XnZRazmiLb2zQeGSmgIes-ANmCw9QshkIb7KUb-jnoPdFNbeqHzzxryhFfw&sai=AMfl-YQ0NLioVRjlJ3pB6bd0gkxQXG0SkT7n2HL1GiJuu2B4x6Mpjxvzp4u9MmqugQXpL8uI9Wv_LYXRjJ-F0_1ARq0LbT-9ySlZ-0lHtA&sig=Cg0ArKJSzBJRKqAb0idtEAE&cid=CAQSKQDq26N9EmBsBBqcS7kF5AQ83oY7889ioFSS3KiRBOA57W_qlYv_BfshGAEgEw&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3600042394&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1669533424380&rpt=653&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 27 Nov 2022 07:17:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CF9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3948726022798594&bg=!u7iluPzNAAbvMpMzzzI7ACkAdvg8WtvBXe99gRFBXo5qxwe385uZRaina7pZID0cfh4OLw6UEoFp4AIAAAB9UgAAAAVoAQcKADs2whFL8VLssPOWCbtZWta9jdZOc1d1ieTB-rEBQPgxBRkB-X63Pmja5ZMK2YR3B3rE643etsbw0MY0UZkC0jr2xVTNuXr3-chsB6tTPzm_L3yAz0IPdoI15anQNGa3qu5ViPkYO8EXVIty1bUPq20LdbFXIkqrLOGlqRC58__M17MrqaWs2vn1MNOOa93FueukcYb-CM8ZfbcoTQxFQk8D-JinR393XVqXp_K3J7utdPyN1dOBXGejlfRd829EntMzNifO_zkk6Z7BRbwSVkbd0otw-yk-14IU023oNTrJW3Qn8klQIZOEjWFcLynF546-ybdqvWyCkzmMYjtLY4ekbsna4t2rRRduwK5kIACIdpPgyKpKx_VoKr8iIeippPtVQtElhzrEoZK_vqEOlNqOq5tVTJBj-ir0tScW43lHU8zF_MWVuc3GbXgsj0-gnAV_I0hfQMxryD3-FvuXWakqC78Emoyh83CpxXzT0oRwIlcOHDINNKFQAjTA8wTUmouYJxqAVXjD8L3MrYmEzo5gLCInTsV7pLQFtWpF7UCUGd6Yfq3Pngu_TWWixXr76S6F6vJIP0XdVmvE_t2KxYb1TxVsdVKRoZxVShQPmJVz5vIhDkTX7tIi2bAdGBWPpq_eFi1ruZ7iQOTAert4mVckv_OLEj9cXaVozyyd5aIohzUyDNBa6ItmTnsIGs7iFHWj9iFqxN6z3ZruVVawJRFLbsFxODrezbCe6-o9GcfS8spWq70zw0sStQZmt2xoT6ak51gxqKUM7L_9-OL5cR0nXyJdefp2b44sBO5TTYImLyg2JsqYbGV0IDiEGf-ZxHrb3pJCDcv1IPClOST5DbMg1dyArcMZcO8tFZs_q1_H1FV0D3iZEFuOIkPTJ9zW2KQRnWSoNvAJkltBjJqyXCwi5YbAZ6M1_2qh5buzX7jwhVXOkaBbmtntaF_YO8j_4Dqz3IOuZ0iHE8j_7pIN5pCNE2stroBb7-Eimtz-SLueO7IVACWASw6hgQjbCBKe4lB21Zb-oEeFU-iy0O3ywwfB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://file.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=2506577170404722&bg=!-_il-LzNAAbvMpMzzzI7ACkAdvg8Wk_Lwnfd5-hm8HVzL_36XaZgMhqy0H6-JLW0OfnmyRV-uK0IBAIAAABiUgAAAAhoAQeZAqguDYAMpzZ1eR3nLsFw1AlV5Vn5-RSo6sr8QdP_IBaLBabk40zW8I2Vk-1UTq9Zj_Y4fS-5J8eJaU0FzTAq_wjxN0Y0ZuXqE-fMQ7XgUaWJNPTSq1igMlJkGQDsmLd6PBqDmO99kt0dJcQlrs_tWOOJffyqB37j4N76rVjRuZMvqkdcp2nXUm5-iMEhtpsauJYlUt2vA1isdGWfzpcDZya0-uW01Y1PapkhsVI4d5AokMU6iWGQZLIPABq6BRfy0RNqx_ziKcVOouBCTVAavX4miDx4JjcaSLQFVGKuChtBoHM6vmKYIKUPltI_jw3HP6Od7cYyZxivrdM8AN2wkWnJC8fNphZoVeZmdk_7x6BdTJ4wEikFcUXSnkUEZQgEextLyx9xjsxZuKjiPdGFKYupz-mZQBQSBo6fPw5VVjvehQYzaWoBhL8plqLQrO2XmKGX8Jpuyj7r5ihkZGFAcRvebt-h2wC-VZ5jloQmqOpk9PLBTM1vsOGAOjZAFPvN8yKgWbHbI8wd9YRsLoyCBezpEUyMYDd_S9cUVG1D3XXvBfyVmf4TuwZ0hlsyEg_7An9SkWEEP8V_swd6J-usxOkvj8mzqZDTqsNSTcCdsBDSLJD_Al0TbOa-dHqsWUkue2RmRhnARzD9-7M0Rln0ywHudd4H7ToNjTNWDEjBclB-fQlUKvqiws9deHUSkD3KM6WcPQZedevrKIiuMq6I_pl9TREYelJ7Q2jj7cWkRUDItDk7Jk1cY03fnNpVDGHfYWfwf9GHAkjLWtYpn3eO40LNOixT0MLTgG-Q09AtpbhPOQo6zKpffVcedVoi0mNqsnKGNX8sE81vWaHHm3nd5cV-dYgLEytzYJ6ie5nryjcwZGwZehDP1QNukhtwwn8hw9rT7f9vTW_uLA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://wona.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| WebFontConfig object| WebFont undefined| $ function| jQuery object| globalAmlAds object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint function| adsenseLoaderConfig function| adsenseLoader number| betterads_screen_width object| size object| betterads_el object| betterads_el_width number| betterads_el_width_raw object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map object| bs_pagination_loc object| publisher_theme_global_loc object| publisher_theme_ajax_search_loc string| GA_ID object| anjdy object| Better_Social_Counter boolean| pp_alreadyInitialized object| $bs_sticky_sidebars object| docCookies object| Publisher_UI object| Publisher_Theme function| vc_js function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer function| vc_setHoverBoxPerspective function| vc_setHoverBoxHeight function| vc_prepareHoverBox boolean| better_ads_adblock function| getEmPixels function| elementQuery function| Blazy function| OnScreen boolean| blockFotoramaData string| fotoramaVersion function| EvEmitter function| imagesLoaded function| bsrj_retinajs object| ma number| google_rum_task_id_counter object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad boolean| doresize object| scroll_pos boolean| hashtag function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| hb_dmx_res number| bannerNum object| adexOpt object| APC string| unitNum object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID boolean| initVisitTime object| logVisitTime number| sessionPageview object| result string| key string| apuid object| sessionData object| loadedBanners object| onMainScriptLoad object| loadAdpartnerBranding string| scr object| div object| x number| len undefined| newScript number| loadingMedia object| adPartnerMediaAd object| place function| adpartnerBranding function| adpartnerMedia object| onMainScriptLoad5023 object| banner5289_21490276483438196 object| banner5023 object| ap_br_img number| k object| GoogleGcLKhOms object| google_image_requests

12 Cookies

Domain/Path Name / Value
wona.com.ua/ Name:
Value: store.test
.yadro.ru/ Name: FTID
Value: 1ZWmxk34gWuS1ZWmxk002F-g
.yadro.ru/ Name: VID
Value: 21NN-i17LdeS1ZWmxk002F_c
.wona.com.ua/ Name: __gads
Value: ID=4e92f1450479d32d-2286589c81d70095:T=1669533423:RT=1669533423:S=ALNI_MZJ8w0KChC5TLAbjCVaI95p_fCg-w
.wona.com.ua/ Name: __gpi
Value: UID=00000b88e71b5487:T=1669533423:RT=1669533423:S=ALNI_MZ9_cKDSzaSTDXDcWMXnN6L8on8dA
wona.com.ua/ Name: session_id
Value: 45448fc1-c76c-40a3-95df-19874e08b4a1
wona.com.ua/ Name: session_pageview
Value: 1669533423.1
wona.com.ua/ Name: site_visited
Value: 1669619823.1
wona.com.ua/ Name: lapuid
Value: 708cee6d-e5b2-4bc2-ac92-0125fbf659b7
a4p.adpartner.pro/ Name: apuid
Value: 708cee6d-e5b2-4bc2-ac92-0125fbf659b7
a4p.adpartner.pro/ Name: apudmg
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUm0sVmDegYQ2Ahp-PKCmSzNqPaV3hoIGNPYwloSjVk7lM3ipEqyrPmqVYvpq9Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4p.adpartner.pro
adservice.google.com
adservice.google.de
cdn.admixer.net
counter.yadro.ru
file.adpartner.pro
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
wona.com.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
2a00:1450:4001:800::2001
2a00:1450:4001:803::2002
2a00:1450:4001:806::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::200e
2a03:90c0:41:2801::62
31.131.28.81
54.38.197.123
77.123.132.26
88.212.201.204
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0483eda6411486c0425b4e3247b87c88ce1dc0818914ebf75e29019bd6ea8338
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
196911f2e8b5f61d98123edddc6e8c9314761c8b69b5d572c2f07f30a2db0a47
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d682087f268bb050baa0df6565ec12ef58f096479646c5f2a0185f5b77eba6e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
344d9c1343afa7bb76aaa8b4746b72b3db3fedf7da5167af34db5cec917df31b
3e3f5f27fddd2d2222b9347e2b97934e7a83ab28297a318905a13f1477f29e40
3f71c02492d45649f5009cd77647eb94cfb5c4d0c22f8db3b5f529cdb232d30a
43e186e49ef503c3162f3acda1e00c7905ac267d26342943bc76ec4d37530756
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a37357fe0dc5c0d757e944ba2ef0144d96d17dfc19a3d45dc0dc284d6127ffb
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
5f54c4384f441c4ec5740570b2fce88871cbaa132eaba462e61e12190e513cb9
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
63979633b904a160f4436fad09090379798df4685f6a06b05dd13756a3484de5
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6920a280ccf1357e2beb8b77eb3db41a6c80d22ac8993fee603441be81991da8
6b8044556d65d07d86610922afdbf977271bcf5323d656dafade7e5bd3172546
6dfd4fb6fd5695927fea9b5663a2a9d2dd386fe1809fcd5b15094e218fb7d690
6f0c74441b94de1c2d8ced91ad1e5b610829dff84e7dbda0943a435b43f79d99
6f58202a14e2dcb4c672d6e9f0881ddc2b4e88225a97aadd940400a7377ee02d
71849c671a5e607e906ff0d436236bdf6b14950397ad37e5daf0540eb9c84f58
7235a3708c37b45ba47fe0aef331fe7bbdb6ea337f7b614fb55f5009d416efd8
732a467728d96ed90aacdef680c96e98fa6ac404be9a356dbaeeb6861a5a06ab
766b7afcec56cda913bd7b027b5888b296add4088f367a54d89073190f4a2d80
7728946db189aa5afd0b17d585fd24521909793a688ec2ef72c019a8bf92dc97
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
79ae279c4e2bcdf887652ff85836ad4d95b960df822bd38a6e32ea8b3ca1af7d
7bd890467901618e27ce5aa01218dbeaf2f16b9ccc56f778391f3c0e5efbe722
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
86785aca6fc8dddf864d7181f70ccee6f8b23b862ac3f78df065ed909c5b746e
8a2f59c8972ea5a16f4e41eca949158a6d3f8b04ccee5e26affd855afa5c229e
8bd7e75c205b1650b2b9feb33de1565ec74c9213a030f287e5005e726daf9d6c
8d96c6c2809c2fc4646938b2cb16e72995f5a557bbe141f6c8f196da12f988d9
96d71e553c89146a12bec2693bd0ab62388dcb669b268c052ab5ce22477b5210
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5655fe77c6fcf660b7b84b20f2dc78f8d68dccf3def39c02df75cf601c6f87d
a81d6839d638285635bf0e2b6b3f92d60234ec6620ff42ebe6a1ac3fb766b424
a8447cdec51e85d9e93971a0d4a53bcf6085d70bf1d201662837d2fb953422c7
acdf994e76884b5e7a8fdbdffe56d9441e22845aa84af85d03a0e8c713ac83b8
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bedf1ad2adaedc3cd1cde2f2bd01fa666dd9bd96c82d9455c2421bd1cb9aaf70
c125599284cef8ac657df8c5cdebd8c7b6b1ea622c93fb59a77429109f6b3133
c6a7dda53ed1e87ab2356cfb8db2b524abd31d444761239bd1f53a1c190a5696
c8e43d6643c8025468209470469d68f77f11ad7720c324d43e38051603f31b9e
c8ee42e2a04abc171507d433d9f8bf82ba53ba8c65416eb9f3bb847607bbcc9f
c9a290d9b6213e394d2d308a9e193b06f2773b1ac247317f41df41211e6bc77a
d028ff06991dab0e77014a91995a9c0d6672a90e68edc339cd62a566fe361ace
d99ed8bdfc8e1cf268deb0e063569ceac8fb1986a853d8548d0f1bd83899a085
df0d8e43a49075d107a8ba07ad44774dde1d24f9541d1821fa0e9dfb83a90781
e0a060f984ebabf7bba5d64ba0fb3edbc80a4d4b35e09b159558dc2d3aa49689
e38da32a84830b379f2d80771d2eeae3c9947bfba3362a129b9ab85b1a046439
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e477ae7f6bb09ed224ba4efc490068a6329cd8854ec468c61c5ce2d5e4062754
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f6587ac0c2edd169ec3e851e369358ef6e37792b1d3cd6ae56f948c26b4241f0
f8dddc457a0f71f45f3ac6fffa8c69b81559a76bbf2b8162cdf68448d97f49f9