marieclaire.ua Open in urlscan Pro
185.149.40.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://marieclaire.ua/
Effective URL:
https://marieclaire.ua/
Submission: On October 02 via api (October 2nd 2022, 7:36:12 am UTC) from GB — Scanned from GB

Summary HTTP 77 Redirects Links 26 Behaviour Indicators

Summary

This website contacted 20 IPs in 7 countries across 13 domains to perform 77 HTTP transactions. The main IP is 185.149.40.93, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is marieclaire.ua.
TLS certificate: Issued by R3 on August 14th 2022. Valid for: 3 months.

This is the only time marieclaire.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	185.149.40.93 185.149.40.93	200000 (UKRAINE-AS) (UKRAINE-AS)
1	142.93.164.141 142.93.164.141	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a00:1450:400... 2a00:1450:400d:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2008	15169 (GOOGLE) (GOOGLE)
5	95.216.24.149 95.216.24.149	24940 (HETZNER-AS) (HETZNER-AS)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:401::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80c::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
2	2404:6800:400... 2404:6800:4007:811::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.102.157 142.250.102.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:22::9	15169 (GOOGLE) (GOOGLE)
77	20

30 185.149.40.93 (Ukraine) 1 redirects

ASN200000 (UKRAINE-AS, UA)
PTR: web417.default-host.net

marieclaire.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.93.164.141 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.websitepolicies.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:400d:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.216.24.149 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.149.24.216.95.clients.your-server.de

tt.onthe.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80c::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4007:811::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.102.157 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::200e (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:22::9 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5edndd.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	marieclaire.ua 1 redirects marieclaire.ua	1 MB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	325 KB
6	onthe.io cdn.onthe.io — Cisco Umbrella Rank: 16392 tt.onthe.io — Cisco Umbrella Rank: 13522	19 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 bid.g.doubleclick.net — Cisco Umbrella Rank: 435	56 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41 imasdk.googleapis.com — Cisco Umbrella Rank: 406	129 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 877 r4---sn-4g5edndd.c.2mdn.net — Cisco Umbrella Rank: 461751	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	gstatic.com csi.gstatic.com	381 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8962	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	websitepolicies.io cdn.websitepolicies.io — Cisco Umbrella Rank: 86812	7 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	48 KB
77	13

	Domain	Requested by
30	marieclaire.ua	1 redirects marieclaire.ua
10	pagead2.googlesyndication.com	marieclaire.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com imasdk.googleapis.com
5	tt.onthe.io	cdn.onthe.io
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	r4---sn-4g5edndd.c.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.websitepolicies.io	marieclaire.ua cdn.websitepolicies.io
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	marieclaire.ua
1	cdn.onthe.io	marieclaire.ua
77	20

This site contains links to these domains. Also see Links.

Domain
mcbrandinfluencers.marieclaire.ua
t.me
www.facebook.com
www.instagram.com
www.youtube.com
www.gofundme.com
nemovchi.marieclaire.ua
kadnayhuawei.marieclaire.ua
mastercardxbevza.marieclaire.ua
makeup.marieclaire.ua
newyear2021.marieclaire.ua
sylarivnosti.marieclaire.ua
colgatesmile.marieclaire.ua
babyliss.marieclaire.ua
woolite.marieclaire.ua
www.sexmerkezi.com
www.makatdan.com
www.altyazilitube.com
www.rokettubeturkiye.com
www.xnxxturkiye.com
www.xhamsterturkiye.com
www.brazzershane.com
www.seksflix.com
www.vipseksizle.com
www.2devil.com
www.islandim.com

Subject Issuer	Validity	Valid
marieclaire.ua R3	`2022-08-14` - `2022-11-12`	3 months	crt.sh
*.onthe.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-02` - `2023-07-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-27` - `2023-06-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-13` - `2022-11-22`	2 months	crt.sh

This page contains 8 frames:

Primary Page: https://marieclaire.ua/
Frame ID: 1F6FEECF7FA6764776C7AB70408957C3
Requests: 64 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: CDE6096043A9985AB27AE81D0F606BE0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=3025194257&lmt=1664696166&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarieclaire.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664696165693&bpp=5&bdt=594&idt=440&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3404955373864&frm=20&pv=2&ga_vid=1570405184.1664696166&ga_sid=1664696166&ga_hid=853803177&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069962%2C42531705%2C31070009&oid=2&pvsid=3269392200471000&tmod=252739647&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=460
Frame ID: 5FCB7F36A0A8D8240756CAAC3C0A6D44
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5C6A8AB2959C05F3362BEBE79A60DCC0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js
Frame ID: 9FD117F26BEB3E82FD4AA9657798D242
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B8F30014C830397C5176037687BA4F17
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DEC958929DBEA34FB77A07D3C8836EF6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C70AC05F95292112E39E0E797E27AC89
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Marie Claire — женский журнал — все о моде, звездах и красоте

Page URL History Show full URLs

http://marieclaire.ua/ HTTP 301
https://marieclaire.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

77
Requests

99 %
HTTPS

80 %
IPv6

13
Domains

20
Subdomains

20
IPs

7
Countries

1900 kB
Transfer

3251 kB
Size

16
Cookies

26 Outgoing links

These are links going to different origins than the main page.

URL: https://mcbrandinfluencers.marieclaire.ua/
Title: Brand Influencers

Search URL Search Domain Scan URL

URL: https://t.me/marieclaireua
Title: Telegram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/MarieClaireUkraine/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/marieclaire_ua/?hl=uk
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCe7DclpHRjbgyqClkWUMwXg
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.gofundme.com/f/help-finance-ukrainian-journalist-salaries?utm_campaign=p_lico+share-sheet&utm_medium=copy_link&utm_source=customer
Title: <img width="1440" height="460" src="https://marieclaire.ua/wp-content/uploads/2022/05/3ms-1440x460.jpg" class="attachment-1440x460 size-1440x460 wp-post-image" alt="" srcset="https://marieclaire.ua/wp-content/uploads/2022/05/3ms-1440x460.jpg 1440w, https://marieclaire.ua/wp-content/uploads/2022/05/3ms-768x246.jpg 768w, https://marieclaire.ua/wp-content/uploads/2022/05/3ms-1536x491.jpg 1536w, https://marieclaire.ua/wp-content/uploads/2022/05/3ms.jpg 1920w" sizes="(max-width: 1440px) 100vw, 1440px" />

Search URL Search Domain Scan URL

URL: https://nemovchi.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2021/12/600-400-320x180.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" />AVON

Search URL Search Domain Scan URL

URL: https://kadnayhuawei.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2021/11/320-180-320x180.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" srcset="https://marieclaire.ua/wp-content/uploads/2021/11/320-180-320x180.jpg 320w, https://marieclaire.ua/wp-content/uploads/2021/11/320-180.jpg 640w" sizes="(max-width: 320px) 100vw, 320px" />На музичній хвилі

Search URL Search Domain Scan URL

URL: https://mastercardxbevza.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2021/02/knopka_MS.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" />Mastercard

Search URL Search Domain Scan URL

URL: https://makeup.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2021/02/Knopka-Spetsproekty-MC.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" />Make up

Search URL Search Domain Scan URL

URL: https://newyear2021.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2020/12/527h274-320x180.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="Подарки на весь год" />Подарки на весь год

Search URL Search Domain Scan URL

URL: https://sylarivnosti.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2020/12/d0bad0bdd0bed0bfd0bad0b0d09cd0a1.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" />Сила в рівності

Search URL Search Domain Scan URL

URL: https://colgatesmile.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2020/12/photo_2020-12-24_19-10-28.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" />colgate smile

Search URL Search Domain Scan URL

URL: https://babyliss.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2020/12/Knopka-320x180.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="Новорічні зачіски у французькому стилі" srcset="https://marieclaire.ua/wp-content/uploads/2020/12/Knopka-320x180.jpg 320w, https://marieclaire.ua/wp-content/uploads/2020/12/Knopka.jpg 640w" sizes="(max-width: 320px) 100vw, 320px" />Новорічні зачіски у французькому стилі

Search URL Search Domain Scan URL

URL: https://woolite.marieclaire.ua/
Title: <img width="320" height="180" src="https://marieclaire.ua/wp-content/uploads/2020/11/spetsproekty-2.jpg" class="attachment-320x180 size-320x180 wp-post-image" alt="" />Woolite

Search URL Search Domain Scan URL

URL: http://www.sexmerkezi.com/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.makatdan.com/
Title: brazzers

Search URL Search Domain Scan URL

URL: http://www.altyazilitube.com/
Title: sikiş

Search URL Search Domain Scan URL

URL: http://www.rokettubeturkiye.com/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.xnxxturkiye.com/
Title: porno izle

Search URL Search Domain Scan URL

URL: http://www.xhamsterturkiye.com/
Title: sex izle

Search URL Search Domain Scan URL

URL: http://www.brazzershane.com/
Title: porno

Search URL Search Domain Scan URL

URL: http://www.seksflix.com/
Title: porno film

Search URL Search Domain Scan URL

URL: http://www.vipseksizle.com/
Title: twitter porno

Search URL Search Domain Scan URL

URL: http://www.2devil.com/
Title: seks video

Search URL Search Domain Scan URL

URL: http://www.islandim.com/
Title: türkçe porno

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://marieclaire.ua/ HTTP 301
https://marieclaire.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://gcdn.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1835350BF7D634272A7F7349532E7A1A56B8C7.68A9F071A234B3C45B6D80BA511F49348935B161/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-4g5edndd.c.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14A3A6CA65C2CC53A573765391887384E9C1BB2A.0548FC5830EC3EF89B300B945330C6E4DE11A557/key/cms1/cms_redirect/yes/mh/uT/mip/2a01:4a0:2c::12/mm/42/mn/sn-4g5edndd/ms/onc/mt/1664695753/mv/m/mvi/4/pl/29/file/file.mp4

77 HTTP transactions
12 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
marieclaire.ua/
Redirect Chain

http://marieclaire.ua/
https://marieclaire.ua/

99 KB
19 KB

256ms
84ms

Document
text/html

185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 396cfb1fc0e4480c465bf139110708636c311fc84603ad25f42e8010c18fc0a7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 02 Oct 2022 07:36:05 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
last-modified: Вт, 10 Май 2022 15:39:21 +0300
link: <https://marieclaire.ua/wp-json/>; rel="https://api.w.org/" <https://marieclaire.ua/wp-json/wp/v2/pages/609852>; rel="alternate"; type="application/json" <https://marieclaire.ua/>; rel=shortlink
mc-fastcgi-cache: HIT
pragma: no-cache
server: nginx/1.14.2

Redirect headers

Connection: keep-alive
Content-Length: 185
Content-Type: text/html
Date: Sun, 02 Oct 2022 07:36:04 GMT
Location: https://marieclaire.ua/
Server: nginx/1.14.2

GET
H2 200 autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
marieclaire.ua/wp-content/cache/autoptimize/css/ 38 KB
10 KB 85ms
85ms Stylesheet
text/css 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 4bc3f630a7ffe1fb06f52a5dbc92dd571fe2e36c09c8eea81cfb49405f55fd7b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
content-encoding: gzip
last-modified: Thu, 29 Sep 2022 11:39:07 GMT
server: nginx/1.14.2
etag: W/"633583db-9647"
content-type: text/css
cache-control: max-age=604800
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H/1.1 200
OK pOVCZgzgqLyO Show response
cdn.onthe.io/io.js/ 55 KB
18 KB 257ms
113ms Script
text/javascript 142.93.164.141
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 142.93.164.141 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: e3d38fb5ffe322c703c1440a9730812ad2941e262e251c368872b07a8fa69998

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 07:36:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jul 2021 13:22:44 GMT
Server: nginx
ETag: W/"60e6fc24-dd01"
Transfer-Encoding: chunked
Content-Type: text/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Expires: Mon, 03 Oct 2022 07:36:05 GMT

GET
H2 200 lazysizes.min.js Show response
marieclaire.ua/wp-content/plugins/autoptimize/classes/external/js/ 10 KB
10 KB 84ms
84ms Script
application/javascript 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Mon, 25 Oct 2021 10:07:37 GMT
server: nginx/1.14.2
etag: "617681e9-2655"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9813
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 cookieconsent.min.js Show response
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 11 KB
6 KB 235ms
133ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Requested by

Host: marieclaire.ua
URL: https://marieclaire.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding: br
cdn-pullzone: 403741
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
etag: W/"60b50a6f-2bec"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode: GB
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Tue, 01 Nov 2022 07:36:05 GMT
date: Sun, 02 Oct 2022 07:36:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 886
cdn-cachedat: 06/27/2022 17:09:15
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 31 May 2021 16:10:23 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUagDZKiBcIP13hur3HmXHr8C0hDe5V73E3c6i%2F%2FtvSEFWcsizbPc5lDYBEWkgdS4sqv0LDImqKB5kD48DQl94ohGH5Sz0kVlV%2FOLds%2BaVW9QQi1OHXgZgm9%2B2WWXDODQIWcFZxIlnyD"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: 4e00b711d410d5e0eadb285112ec2a98
cf-ray: 753bc3d9be6271fb-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 293ms
115ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Requested by

Host: marieclaire.ua
URL: https://marieclaire.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf1b530f6473965c07ac76e84119be60c6e8d3d7a4b645cc5dfd6e0509f30e24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marieclaire.ua/
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54749
x-xss-protection: 0
server: cafe
etag: 1165823463758124269
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 07:36:05 GMT

GET
H2 200 autoptimize_cdb9fb5e7a90cf5581f166d2601f28c1.js Show response
marieclaire.ua/wp-content/cache/autoptimize/js/ 141 KB
141 KB 85ms
84ms Script
application/javascript 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/cache/autoptimize/js/autoptimize_cdb9fb5e7a90cf5581f166d2601f28c1.js
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: c15f883826e6ce25311fb260f381d00c9016149a98e24c8c1e094c847ae1f7c3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Thu, 29 Sep 2022 10:47:50 GMT
server: nginx/1.14.2
etag: "633577d6-23274"
content-type: application/javascript
cache-control: max-age=604800
accept-ranges: bytes
content-length: 143988
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
48 KB 274ms
107ms Script
application/javascript 2a00:1450:400d:807::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLRR586

Requested by

Host: marieclaire.ua
URL: https://marieclaire.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ff7ba05e7ddd60d71fe53e4dd8362f3a6d5e4b15eca55ce5df81340b9273ee0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48645
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 02 Oct 2022 07:36:05 GMT

GET
H2 200 logotype-white.svg
marieclaire.ua/wp-content/themes/mc/images/ 9 KB
10 KB 167ms
166ms Image
image/svg+xml 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/themes/mc/images/logotype-white.svg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: cce38f06c620ce5bc416dc5291b41c649a89cedca03eda2bb377d77115e32494

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 06 Oct 2020 17:18:16 GMT
server: nginx/1.14.2
etag: "5f7ca6d8-2536"
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9526
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 logotype.svg
marieclaire.ua/wp-content/themes/mc/images/ 9 KB
10 KB 166ms
166ms Image
image/svg+xml 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/themes/mc/images/logotype.svg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 189a88e5775309c7a607d49886d408ce1d3bd58eafcc516bb37d89206437e3bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 06 Oct 2020 17:18:16 GMT
server: nginx/1.14.2
etag: "5f7ca6d8-2536"
content-type: image/svg+xml
cache-control: max-age=604800
accept-ranges: bytes
content-length: 9526
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
DATA 200
OK truncated
/ 620 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 120cd30c358612de31aa3b601d2c939b9d7f1c2f80734395e1bba09064b4aef9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 412 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1976ce83e1c769ee8a4fa30cdd6ddc4158c301afebc93d10087906c8b93eff8d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 349 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60845609013996ce006f598ee77711b3720c9eea75901086bfd273acf0aa7852

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 930 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad1a2999b8422909ae7dd90eacb92af2de19593144aac098a6d28cf683d283db

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 984 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c53abb10d42c0e0a3df4240ddf160e2ebf1f17153b4e2dc6cb18e8c583cfc6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Montserrat-Regular.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/ 87 KB
87 KB 159ms
158ms Font
application/octet-stream 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-Regular.woff2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879

Request headers

Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 27 Apr 2021 05:09:52 GMT
server: nginx/1.14.2
etag: "60879ca0-15ae4"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 88804
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 Merriweather-Bold.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/ 59 KB
60 KB 158ms
158ms Font
application/octet-stream 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/themes/mc/css/fonts/Merriweather-Bold.woff2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 1366c8b7bbea9904236b5d269112c04d88f099e50a9ebe143af27ba2643fb7ff

Request headers

Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 27 Apr 2021 05:09:48 GMT
server: nginx/1.14.2
etag: "60879c9c-ed20"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 60704
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 Montserrat-SemiBold.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/ 86 KB
87 KB 158ms
158ms Font
application/octet-stream 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-SemiBold.woff2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 61d8968ed8c08aa50e640cf07b221f92fbc26007d20c68a2cc5412b24c663f68

Request headers

Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 27 Apr 2021 05:09:52 GMT
server: nginx/1.14.2
etag: "60879ca0-159c0"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 88512
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08638c4012d8a9e649467cf50f336fa2c014f4d34c02c12e7d462aa915649b09

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92fd9a20ea2538ddc6f4eaf6f8d170602643a04ae2eedcb507984083ee463a8d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57452f5671046a2b2ab27b1f0f37de03760fb2d5d1569ae2e462f90fcf00551d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 178792a2189f59ca9cfc991b788ce695d4fd4e8a6c393026b7529aaae58fd486

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Merriweather-Regular.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/ 61 KB
61 KB 135ms
135ms Font
application/octet-stream 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/themes/mc/css/fonts/Merriweather-Regular.woff2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 12c212b92bd5e170769ec137562ca7d94a51e4040b65658190f6112d21974867

Request headers

Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 27 Apr 2021 05:09:49 GMT
server: nginx/1.14.2
etag: "60879c9d-f46c"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 62572
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 Montserrat-Bold.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/ 87 KB
87 KB 135ms
134ms Font
application/octet-stream 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-Bold.woff2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3

Request headers

Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 27 Apr 2021 05:09:49 GMT
server: nginx/1.14.2
etag: "60879c9d-15a84"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 88708
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a2b83b9d0f7e952969c55cf7debf49d8fbc76e3d0f3151ad98cb488a570e8162

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe87759cfd93a3b4038f67a8b391ac30da0d137c3f8be0f63f51ede0b1aa2ad8

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 Montserrat-Medium.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/ 87 KB
87 KB 116ms
116ms Font
application/octet-stream 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-Medium.woff2
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 58b7c61e1b6d4cba2e3ccd1bd081481f7d48a1da5b35e47ef029cb6d28ec52b4

Request headers

Referer: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_f11ced4934003aefa8c742bafb57d7b0.css
Origin: https://marieclaire.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Tue, 27 Apr 2021 05:09:51 GMT
server: nginx/1.14.2
etag: "60879c9f-15a14"
content-type: application/octet-stream
cache-control: max-age=604800
accept-ranges: bytes
content-length: 88596
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 imgonline-com-ua-Resize-abuLPPglAMIpV0Wo-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/10/ 10 KB
10 KB 166ms
165ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/10/imgonline-com-ua-Resize-abuLPPglAMIpV0Wo-320x180.jpg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 9181989aa451958d5fb860fd65c2fdd3ed1866b1f8978121a4d657657e813da1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Sat, 01 Oct 2022 11:34:52 GMT
server: nginx/1.14.2
etag: "633825dc-27b8"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10168
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 mae-mu-_h-2jrL9cMU-unsplash-1-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/09/ 18 KB
19 KB 166ms
165ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/09/mae-mu-_h-2jrL9cMU-unsplash-1-320x180.jpg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 58f22915c27805aa187a8fb3f3a6bdfb36af4b3d44217ae7275f9446beef1622

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Fri, 30 Sep 2022 15:32:07 GMT
server: nginx/1.14.2
etag: "63370bf7-498e"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 18830
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 chanel_ho2022_hs1_0005_rgb-1-hd-320x180.jpeg
marieclaire.ua/wp-content/uploads/2022/09/ 10 KB
10 KB 166ms
166ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/09/chanel_ho2022_hs1_0005_rgb-1-hd-320x180.jpeg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: a78134e3dda586bea3385bb28220e7096dd26365e7f224618b7695b66f61f1be

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Fri, 30 Sep 2022 14:51:08 GMT
server: nginx/1.14.2
etag: "6337025c-292a"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10538
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 imgonline-com-ua-Resize-OELNHdbD1VEgLW-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/09/ 16 KB
16 KB 166ms
166ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/09/imgonline-com-ua-Resize-OELNHdbD1VEgLW-320x180.jpg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 65924c095465fb3e45b2bc87338a396f1ce4673a8c0e50cc60ff2d5ace914699

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Fri, 30 Sep 2022 14:42:30 GMT
server: nginx/1.14.2
etag: "63370056-3e91"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16017
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 251ms
77ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12616:uniques_instantly[url:%2F,domain:marieclaire.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20Marie%20Claire%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%2C%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%D1%85,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:72e016b73.f3e84022c_1664696165447,session_id:b722626c5.1601bea59_1664696165448,cdn_version:11]&s=c9883fcb9256bcaea6f231c16430ac28&1664696165452
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 07:36:05 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/uniques/ 33 B
558 B 252ms
78ms Script
text/html 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/uniques/?current=2&holding=a6a85e8b8a3a49782382de2f9949a9f0&hash_user=72e016b73.f3e84022c_1664696165447&1664696165453
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: 166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 07:36:05 GMT
Server: nginx
Content-Type: text/html
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 33
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 250ms
79ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12616:visits_instantly[url:%2F,domain:marieclaire.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20Marie%20Claire%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%2C%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%D1%85,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:72e016b73.f3e84022c_1664696165447,session_id:b722626c5.1601bea59_1664696165448,cdn_version:11]&s=c9883fcb9256bcaea6f231c16430ac28&__io=72e016b73.f3e84022c_1664696165447&1664696165455
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 07:36:05 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 247ms
78ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12616:pageviews[url:%2F,domain:marieclaire.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20Marie%20Claire%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%2C%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%D1%85,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:72e016b73.f3e84022c_1664696165447,session_id:b722626c5.1601bea59_1664696165448,cdn_version:11]&s=c9883fcb9256bcaea6f231c16430ac28&1664696165457
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 07:36:05 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/ 4 KB
1 KB 52ms
51ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.css

Requested by

Host: cdn.websitepolicies.io
URL: https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0

Security Headers

Name	Value
Content-Security-Policy	default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding: br
age: 448522
cdn-pullzone: 403741
referrer-policy: no-referrer-when-downgrade
cdn-proxyver: 1.02
etag: W/"60a7e46d-ffa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode: GB
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
expires: Thu, 27 Oct 2022 03:00:43 GMT
date: Sun, 02 Oct 2022 07:36:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid: 886
cdn-cachedat: 06/27/2022 17:09:16
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 21 May 2021 16:48:45 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7GbEV33trbRWZZXj59Jh9G%2FrzL3VfQ5%2BIW1YX6MJO6SLrRMCq9YCIF3LnsOaaAL3YEZsGkLM8S%2FpJNCji5UrPG4nN3E%2BdUjCB6%2FKvZ4lExUTIwa8M90rW20ECcTNHCaoFWdRXaPNbM0"}],"group":"cf-nel","max_age":604800}
cdn-uid: 16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid: f14b36612b8a4b73ea101fa32e5ca9f2
cf-ray: 753bc3da9f8471fb-LHR
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLRR586

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 02 Oct 2022 07:15:57 GMT
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 1208
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Sun, 02 Oct 2022 09:15:57 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/ 349 KB
114 KB 270ms
124ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua&bust=31070009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0abbd2fb3b91451dfa33de442aa092986995a94f03ad2cd51864a814d1c5775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117169
x-xss-protection: 0
server: cafe
etag: 6323830335856851094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 07:36:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame CDE6 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marieclaire.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 76202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 10:26:03 GMT
etag: 9671129459699598864
expires: Sat, 15 Oct 2022 10:26:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3ms-1440x460.jpg
marieclaire.ua/wp-content/uploads/2022/05/ 50 KB
50 KB 85ms
84ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/05/3ms-1440x460.jpg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: acf8e5989fab2d171a341895c483c179f9bed8b2ef3c907804440e87c15e0efd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Mon, 23 May 2022 12:06:18 GMT
server: nginx/1.14.2
etag: "628b78ba-c66d"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 50797
expires: Sun, 09 Oct 2022 07:36:05 GMT

GET
H2 200 BANNER-1440x460.jpg
marieclaire.ua/wp-content/uploads/2022/05/ 61 KB
61 KB 85ms
85ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/05/BANNER-1440x460.jpg
Requested by: Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: ef93662bf61ccb660a9297d8912fa78e6512859fc25c2b7d779684d05031702b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:05 GMT
last-modified: Mon, 23 May 2022 12:05:43 GMT
server: nginx/1.14.2
etag: "628b7897-f31c"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 62236
expires: Sun, 09 Oct 2022 07:36:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 170ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=853803177&t=pageview&_s=1&dl=https%3A%2F%2Fmarieclaire.ua%2F&ul=en-us&de=UTF-8&dt=Marie%20Claire%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%20%D0%B8%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=792429396&gjid=245345830&cid=1570405184.1664696166&tid=UA-59638469-4&_gid=1005034079.1664696166&_r=1&gtm=2wg9s0TLRR586&z=1235465574

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://marieclaire.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 07:36:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marieclaire.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
tt.onthe.io/ 0
287 B 78ms
78ms XHR
text/javascript 95.216.24.149
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tt.onthe.io/?k[]=12552:uniques_holding&s=c9883fcb9256bcaea6f231c16430ac28&__io=72e016b73.f3e84022c_1664696165447&1664696165954
Requested by: Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.216.24.149 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.149.24.216.95.clients.your-server.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 02 Oct 2022 07:36:05 GMT
Server: nginx
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
438 B 206ms
69ms XHR
text/plain 2a00:1450:4025:401::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-59638469-4&cid=1570405184.1664696166&jid=792429396&gjid=245345830&_gid=1005034079.1664696166&_u=YEBAAAAAAAAAAC~&z=629736456

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://marieclaire.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 02 Oct 2022 07:36:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://marieclaire.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
645 B 179ms
63ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=marieclaire.ua&callback=_gfp_s_&client=ca-pub-7141688687918598

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua&bust=31070009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6863dccd914115f0abaaa38aff3138887978ec70aaae252ba8b629bfe34e491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 260ms
94ms Script
application/javascript 2a00:1450:400d:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=marieclaire.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
64ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=marieclaire.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5FCB 112 KB
30 KB 360ms
251ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=3025194257&lmt=1664696166&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarieclaire.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664696165693&bpp=5&bdt=594&idt=440&shv=r20220928&mjsv=m202209270101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3404955373864&frm=20&pv=2&ga_vid=1570405184.1664696166&ga_sid=1664696166&ga_hid=853803177&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31069962%2C42531705%2C31070009&oid=2&pvsid=3269392200471000&tmod=252739647&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=460

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

efa208249b36290893b1d8134bbb81b205d0e880a258f6a98ee26527015dcc49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marieclaire.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30939
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:36:06 GMT
expires: Sun, 02 Oct 2022 07:36:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 255ms
106ms XHR
application/json 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

602e8d7b011fb9078fbcbddbbd5adc33b154e2ff9460ac06e86c803a4cd83eb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11048
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/ 151 KB
54 KB 106ms
106ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209270101/reactive_library_fy2021.js?bust=31070009

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f052e05510df623bc35067181908c03ff485e34fa5be60759607838f90584824

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55035
x-xss-protection: 0
server: cafe
etag: 7919364030571074476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 02 Oct 2022 07:36:06 GMT

GET
H2 200 Miniatyura-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/02/ 12 KB
13 KB 86ms
84ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/02/Miniatyura-320x180.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: aebd85b227472959f618c1e9f850eb73be612265ea9bd3445964fc3a3694419a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Wed, 02 Feb 2022 06:20:47 GMT
server: nginx/1.14.2
etag: "61fa22bf-3179"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12665
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 600-400-320x180.jpg
marieclaire.ua/wp-content/uploads/2021/12/ 16 KB
16 KB 86ms
84ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2021/12/600-400-320x180.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 20ef45c47f11570b75069c25764a252fa67eab07a746f8c031b68353ea1ec387

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Mon, 06 Dec 2021 15:12:31 GMT
server: nginx/1.14.2
etag: "61ae285f-3fe9"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 16361
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 320-180-320x180.jpg
marieclaire.ua/wp-content/uploads/2021/11/ 12 KB
12 KB 87ms
85ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2021/11/320-180-320x180.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 06708e14c753511c24443f3dff3fc3e98252763f281dabd58033db52af7f139e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Tue, 23 Nov 2021 08:48:54 GMT
server: nginx/1.14.2
etag: "619caaf6-30ae"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 12462
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 knopka_MS.jpg
marieclaire.ua/wp-content/uploads/2021/02/ 40 KB
40 KB 88ms
86ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2021/02/knopka_MS.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: e3a453954fdb268bfd0958a6ca66c4117cc56788ebca950b793870f2bfd549b9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Fri, 26 Feb 2021 09:19:34 GMT
server: nginx/1.14.2
etag: "6038bd26-9f97"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 40855
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 Knopka-Spetsproekty-MC.jpg
marieclaire.ua/wp-content/uploads/2021/02/ 74 KB
74 KB 89ms
87ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2021/02/Knopka-Spetsproekty-MC.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 7e5cc7ba90a4fc724cc0337e5d5a6be3b8ff5ae0ad4f964ca0d3f86c68c4e875

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Mon, 01 Feb 2021 14:11:10 GMT
server: nginx/1.14.2
etag: "60180bfe-12854"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 75860
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 527h274-320x180.jpg
marieclaire.ua/wp-content/uploads/2020/12/ 14 KB
14 KB 90ms
88ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2020/12/527h274-320x180.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 683bfcc37024ceb018abb89b645e0bf4bf087abc877223007aa1fe5a5637d067

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Thu, 31 Dec 2020 19:17:01 GMT
server: nginx/1.14.2
etag: "5fee23ad-3722"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14114
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 d0bad0bdd0bed0bfd0bad0b0d09cd0a1.jpg
marieclaire.ua/wp-content/uploads/2020/12/ 76 KB
76 KB 168ms
166ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2020/12/d0bad0bdd0bed0bfd0bad0b0d09cd0a1.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: b5adf1f6c2b6f34e4dbbe4738d5347e72951fc4988b9d9007c74b4630cd49bcd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Mon, 28 Dec 2020 12:59:19 GMT
server: nginx/1.14.2
etag: "5fe9d6a7-12eef"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 77551
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 photo_2020-12-24_19-10-28.jpg
marieclaire.ua/wp-content/uploads/2020/12/ 10 KB
10 KB 169ms
168ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2020/12/photo_2020-12-24_19-10-28.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 4d87b22392bf566a6716d7343bb609ca35b68f451a237f8bb61cc4004768e116

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Thu, 24 Dec 2020 17:12:11 GMT
server: nginx/1.14.2
etag: "5fe4cbeb-28f2"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 10482
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 Knopka-320x180.jpg
marieclaire.ua/wp-content/uploads/2020/12/ 14 KB
14 KB 170ms
168ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2020/12/Knopka-320x180.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: ec970ff736b922f3d4a24bb8bd2000e7cc75aea07697364b8b9f1a4b36dfd6fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Tue, 22 Dec 2020 14:36:42 GMT
server: nginx/1.14.2
etag: "5fe2047a-3806"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 14342
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 175ms
65ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=marieclaire.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 173ms
64ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=marieclaire.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame 5C6A 10 KB
4 KB 56ms
53ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marieclaire.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 33352
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 22:20:14 GMT
etag: 9671129459699598864
expires: Sat, 15 Oct 2022 22:20:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 burda-horiz-1000x460.png
marieclaire.ua/wp-content/uploads/2022/04/ 66 KB
67 KB 84ms
84ms Image
image/png 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/04/burda-horiz-1000x460.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: d6a447879266f3b61c8127c1e37a7a321295a08c4cd581f0368fe47ef678ea13

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:06 GMT
last-modified: Fri, 29 Apr 2022 06:04:12 GMT
server: nginx/1.14.2
etag: "626b7fdc-10940"
content-type: image/png
cache-control: max-age=604800
accept-ranges: bytes
content-length: 67904
expires: Sun, 09 Oct 2022 07:36:06 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5C6A 4 KB
1 KB 179ms
64ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 06:29:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Oct 2022 07:36:06 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/ Frame 5C6A 19 KB
9 KB 238ms
72ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8224
x-xss-protection: 0
server: cafe
etag: 17584738254627026664
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 07:33:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 267ms
152ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 02 Oct 2022 07:36:06 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/ Frame 9FD1 23 KB
9 KB 72ms
72ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:11:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1462
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9561
x-xss-protection: 0
server: cafe
etag: 483224313611802536
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 07:11:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9FD1 8 KB
716 B 173ms
63ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 02 Oct 2022 07:36:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 02 Oct 2022 05:38:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 02 Oct 2022 07:36:07 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/ Frame 9FD1 14 KB
3 KB 185ms
54ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 10:44:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 13:30:52 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/ Frame 9FD1 358 KB
124 KB 187ms
56ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad2722b3b38a720fd300ee4ea4d72936749f7b6f1ae29317e083f5aa738f30b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:30:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324315
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126740
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 10:44:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 13:30:52 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 9FD1 17 KB
7 KB 114ms
113ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 06:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 16 Oct 2022 06:28:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B8F3 13 KB
5 KB 221ms
73ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://marieclaire.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 236641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 29 Sep 2022 13:52:06 GMT
expires: Fri, 29 Sep 2023 13:52:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DEC9 783 B
1 KB 262ms
96ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8dcc951148ab34cade3b226a05ace64ded74c80d9d8337a79a5f18103b4ffa76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4yqG-BGiC9l7Rkqe0h4yJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://marieclaire.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-4yqG-BGiC9l7Rkqe0h4yJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 02 Oct 2022 07:36:07 GMT
expires: Sun, 02 Oct 2022 07:36:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame 9FD1 0
327 B 1093ms
402ms Ping
image/gif 2404:6800:4007:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l8r147f0&c=4029227985888&slotId=2014613992944&qqid=CIS4m72EwfoCFW8kBgAdjCACaw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 07:36:08 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9FD1 0
20 B 106ms
106ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CNc1tZj85Y4TtEu_ImLAPjMGI2AaS_eLRbJmCi43FEPAuEAEgi6W7jgFglQLIAQWpAhaE2m-4cbA-qAMByAObBKoE-gFP0PHiJfB5u1q51gxtYcJhKZ-aBZl4Sa7kE6o5ErrXvmdEiXtZIUoc6TWr2bHd69WG1-YJK67mroqvHmEmmjPasFbUJQr0JTPhwVLM1U22vRsEpR54QZE3P_OX5kLNoNAoW4Jk25jgN6m2tcOyfFP-u-M5uwTpm9hgAmP4NmGG2u-V3SKKhokFK0t4230hawyVgchcUUwgIOUqGPmaIw166jFdsRx4pslwlaZcnobAAMvKJw4HCs0Vnhb1yY6SrNsi_wj6vNNhNhEU8d_cJ3c-Un0qzHqnRLpshKtVO8NxrW9x1K0HKoO9DuIT86YDRzRj7QDT4bwq6ViGwASrkZGopQTgBAOQBgGgBnaAB4jckn6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8qX1BDIE8O-l-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1664696167314&ai=CNc1tZj85Y4TtEu_ImLAPjMGI2AaS_eLRbJmCi43FEPAuEAEgi6W7jgFglQLIAQWpAhaE2m-4cbA-qAMByAObBKoE-gFP0PHiJfB5u1q51gxtYcJhKZ-aBZl4Sa7kE6o5ErrXvmdEiXtZIUoc6TWr2bHd69WG1-YJK67mroqvHmEmmjPasFbUJQr0JTPhwVLM1U22vRsEpR54QZE3P_OX5kLNoNAoW4Jk25jgN6m2tcOyfFP-u-M5uwTpm9hgAmP4NmGG2u-V3SKKhokFK0t4230hawyVgchcUUwgIOUqGPmaIw166jFdsRx4pslwlaZcnobAAMvKJw4HCs0Vnhb1yY6SrNsi_wj6vNNhNhEU8d_cJ3c-Un0qzHqnRLpshKtVO8NxrW9x1K0HKoO9DuIT86YDRzRj7QDT4bwq6ViGwASrkZGopQTgBAOQBgGgBnaAB4jckn6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE8qX1BDIE8O-l-ED0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 07:36:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9FD1 28 KB
16 KB 218ms
92ms XHR
text/xml 142.250.102.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C4FU8y3qp4krSuXhj1Glerm-N_Jn9iblNHYZQpFKCR5mndMgKPf9G_hs5Kiyq77VDHcrXPXHu1LLP0StfU6AQg6a4qiw&cry=1&dbm_d=AKAmf-AF51pcBXxass1F4yxDGu1rrEvHL7j-AwIgmHIjD8B1Z2kDnBkzlP6-VC6KCt6A3XDxNtx26H4VSdobZfiP7m2HkAJ6en9jDYZjZCs6mFUWlR4lrEq4byfrFoUA3zIAaRCHOATsQtQ4YpvfLrC-StMyeTUcQ6Kuj4wIRmujL3lbOgbbCtEBVOsT1RvO8RqwzLM3uv-ws37RWnAHrvFAPNiCDhOzFLxmFN5jkEWSIay-8aXQyOK4pTBOWxtt3ua0bmaAEH_b49sc2eEdAkQrIKgMrJgakrzckEVF9w8TnL-b5hbW3MCT-6YRSLQZPa0tyRYgKCNzi0DHmG5doKMzB0qCYAcvQbAtGy2V0TRyiq9BJPYy9IPU-ral5hHP-9FHkniNXdk8zjKbC4ZNJGE9XGpqzcVm3JuHkWblF6Qj4A-8uYFVSDaxkyWxyykOxQ6nouCBi3L8EJFB33lDPFLRfjrUlokrtR_t7wfdH1ZSm8p1Slus0IE5qlEFVk8j5-sobmjsoPMux8rKrlSGwLR_R9LfSMypkRt8ZDqDcJ30TzqyEmSmo8lFRJd6L3j4lvpjKSzKx83fpxnfiaCXP7mOu0UFlQLOrMNlpTuPK85-JjZFqCi-z5fP2_HctHbQnGUVI5vnVSyo1Lp0bTOEvN-BBcZ3ZUWyBox8PR0NkyVnus69lWpM8hxpdvwue0o2bho_sG595FUPujXv7FwBhTgiNzCP_ZABgRzv6MmtR3ImqqaHSS_JDi22MgiBUh8bstsqZP4wRK9kLFa8l6oNeX7GLoaeqlO5C64249m2HyTNsWA4cck5_WFswGgJR-ybjUxypt2VskvfpLY3MqAFbWMx8DFavkke-1wm5yGGqKFuUGNiZZZyE67OaIIdmx3-QiwrCC0bK5F226p--zGXAKmJEONc2vTVR2mwDd8U3GVCaYLdiG0qYH9zpfOhuSSsj2gZVb8Yw4LrPw8vyAnDoV0HsVqM3t1x8lFM2lA4dYP1Vllv7NiA0Kw5ORy9D2J02bcGhtOfTiSM36NcrY4snRO3nJVhLo4hvW4n6p699hT8GmNuAWGJHSMLO1pkhKfBvqYXmCpO5YSZJfcbPMRpOgFO90_05Lr7HhdZdYjnz_iB6ddjeC1LBuI9My5j8RqGsWXCTQxXskJrgw3n0nCf6g2KP8CkqCdLLUGKYXGUY62c4mAhDoFOXB_MCjusxSEnrdSDui9qUWy2ZqF5xh26oCQ9t7N_ANOk2JafBeXtyNP6-QcCraOci2oup6jsCFJ8iER18F3M1SOBgGoNKsrYRpFmCPbUxCSwRdkHe8aiRjWkUUeIsfyQg6VUjhy3Ci-5YqnFOx9d85OZCwMvNyCVf5RuGyckFQxo6Hp-ouHm47KFsgLW8Q91lEArhu_ol35Q3UfJlRD00BzHsrWTA3WAGp2Vv0co4B5EOuxMOP78MMhckHgktHyggVdfJWMw5RC7ZmhYnqIVXS9VnJ9MHGUEctgX9_E4L3VWxuQ5n767X8OuzkMSqFR5LWY6pX1yVf7Ff3pmQNKrTd_NWvOuMvX_1Dv3tkWK-DETIYRoRZxZKwW_z7GBC-rWa8wl-9GcpQacYaSSkyUbe3Ng1B3JXWCYnOTGJV0XWN6arht-MRLO1EX5DLMj4ziDhLr5_toEPabip8N44cNFn0udFof7qpDev2lk7RdAnkw4UEmOwBSO46wMcOlsnc_WZyTjWpeatom0szs-AJDxSRutIDQEbQ2PvUNc-bwIeuSuwPJFCLinTjHFDoC3tjuESnLh2fFo44VlUX_MsJxq96DOqJu_y_Olcuq7lyPCxoS55j5nQmKLfcl58UrU7n39HuuF84-5BJDZyNsfgNM2Vwk4U_IMHMAIfKwS6TVFl-oTBwSFm3NmZghF-C8GAnF7QfrW_AWEwJ4xN2TCl0Fi-TifzF2fGU1AqrS4IIzqgk34NbIQM8s7TDkd85lBqDhHRE0BwcGHeDPXHCn31sz2Oc8FhyMYZ5hmSLWpM0j5GQulU_7s8gVayCQENccpzYPxTe494EiuIXM6BNxdP29Ezt7xhUvtCZXG8VULAuTOhe-gyu59zJRYvGsgFQbfSKnk_J8i9ypCfEMWqOlugeL1YpE-3rEw65niiHPyWxQJK0IztfN3XWcqUO_MPm3BxpoLlf_dDWHGkApYzw-8xewURk2CRuHrcGN6Tbj76YU3qIxGwJ33_56z6sMg_cYSMoJOEXIw86Moub9U5h9WucnAz2zm5iBdfomArF8YqRE1RMLGcBhz9ZwIzJwWUYrjHhVQnvSoN4kfFbtGCz7aXEzzYU_EtB_Aw5uNo4TzmmLQdsKvobpZoorptRT1sJF3DWMlQ9A7BVbYQOxJhuSprjLbNQC1UwpBi9NTIa4JhxfwPGp6Sa7bALf1qAUQTOe_llNAKsnERLOjDZr5uoIzHNsoj4Yzq64KtpaxBM-IRaDNQwqZ_n_7PlyVuASFWXW5IsLnmfESjthPw3JH5707onnD0hk38qCQtam7h43Z4AbVAXgMHXodIob1Duwi92BNhyTAlnPySWJjj_snRydtv9WUpD9d22OJRtZ61TJrRwgGZbI4cqO6FyS2Oj_MW09Icwanyyu4URSPakM3Fnq_G6QlaUpQyrWspWe18N0lAd90RvRa14Umk7c7_oWu1WVEJQ_Rh0ZjRCZMD_dxnwH5jXiWbt7P-KxZFsl66vmfkgi1bb33JTYOG-LbPpbGmpNsAMMNhA5MZ9XIyN2NIazerA2hOleQIFXcKT1SlPajHVAT54Zx6uSUAK5m_ijYeiCmj44Z5DOrt6GeNUgT6BHQ_MEYJnK4qiPrB-qCKa9bqEwC8Dw6UYKmCFieJ3zVjuZ9dwCR3fw7GzmtIkl8kOsVbixHPLAItRgcZ7xrlsseplJAlW3boTbEBnb6UzFWvQ-ef_P2Ptfr1JHa3g-53OASkmw1Lr-8cY_7qutxJMpqYAod1hSmMkyeY4arofPSvK6q3Dugh58ViyokMuUEWAwc3Pbr5hZdkmfBe3gr_4lRVtBY_hQVqp-Os-tDjPxCH83qYfvAJM60l2xFYUgilmAWxm4OOKYhXvPz8y-Ze0WRLZLYc1sou_dtPtWMm0h2IaxhMJxfmhGS1su_Kip0XE4W9cJUfE4NNSSHdnUjaqz0Bc1oHlrw2NOxAo6V1BuwTn9OE9-BziamSEpYl8IPuxKy5qNojaEyUEqSXi3QWD5IupFFfY8BZX37AWKbwb3r0JI9UKIXGNuRsc4a4wGqttrFcr5-z1ilvOJZ_nWsYq1nUy8xzIW7zL-KOJJ-KjcI_V_aZJ72sYB8P7XnmPOiWeBCt5sPWd8KKdWGBRpiW48LWbVLRL6Bd--u5zrnU2PGAEkTileI0TI7snECVdfWi4paSZ0qusKVx9KoeSeChgyMeYoO4W0huDGrjFHTdjnWUuAEuy_s5CZDNhM-EzQH6iYTN_i9jFFb16Terxpb-XrZeYDKoRJEAGCH54tZZdjONcQnDxqOc9sJa3w2BVG0FQ05Cn04uO66ZNWaN_KNJgFyLZW92bhkjHLspNruq48TsdHyHQZPW4jIChMDKsio_-rS6bXg6j9X&cid=CAASBORo8XI&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f157.1e100.net

Software

cafe /

Resource Hash

bf34e82cffd6b237d9e2e719c6efa07f466994975ad22c1daba602f32e3c8504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15717
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js Show response
pagead2.googlesyndication.com/bg/ Frame B8F3 36 KB
16 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YrdBSjzfIHcYhYLmavhSyO_EhBrLUWpx5ykdL7H9Kqg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16054
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:21:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DEC9 0
0 105ms
105ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=3269392200471000&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B8F3 0
10 B 72ms
72ms Image
text/plain 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?lYeUlw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 02 Oct 2022 07:36:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9FD1 41 KB
15 KB 73ms
72ms Script
text/javascript 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 04:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 96008
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sun, 01 Oct 2023 04:55:59 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-4g5edndd.c.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9FD1
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r4---sn-4g5edndd.c.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

204ms
54ms

Fetch
video/mp4

2a00:1450:4001:22::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5edndd.c.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14A3A6CA65C2CC53A573765391887384E9C1BB2A.0548FC5830EC3EF89B300B945330C6E4DE11A557/key/cms1/cms_redirect/yes/mh/uT/mip/2a01:4a0:2c::12/mm/42/mn/sn-4g5edndd/ms/onc/mt/1664695753/mv/m/mvi/4/pl/29/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4001:22::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 02 Oct 2022 07:36:08 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2989009
Last-Modified: Mon, 26 Sep 2022 11:43:04 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sun, 02 Oct 2022 07:36:08 GMT

Redirect headers

date: Sun, 02 Oct 2022 07:36:07 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 645
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r4---sn-4g5edndd.c.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/14A3A6CA65C2CC53A573765391887384E9C1BB2A.0548FC5830EC3EF89B300B945330C6E4DE11A557/key/cms1/cms_redirect/yes/mh/uT/mip/2a01:4a0:2c::12/mm/42/mn/sn-4g5edndd/ms/onc/mt/1664695753/mv/m/mvi/4/pl/29/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C70A 23 KB
9 KB 73ms
72ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 408722
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 14:04:05 GMT
expires: Wed, 27 Sep 2023 14:04:05 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 -Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js Show response
pagead2.googlesyndication.com/bg/ Frame C70A 36 KB
16 KB 73ms
73ms Script
text/javascript 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-Y38d37a1DmvdXzRnIUkD6jTpQ2urOaWudC6FG_jR1g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303013
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15918
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 19:25:54 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C70A 0
20 B 109ms
108ms Image
image/gif 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BR32yZz85Y8KZHrmu7_UP8u64yAgAAAAAOAHgBAI&bg=!qKulq-_NAAYQgTJdMIE7ACkAdvg8WjI0qsTzO4Ptk_-S15a6bEkNLjRi5DNgHjSB6Wal7n3IrYr34AIAAABYUgAAAANoAQeZAvWJ9Jh_03AvaQnuXp9loLk9qUWeav0sd_7LABbHOZYsd9kIs4BS8OrMBIVa2bZkIOdwe4V85n2GhaF0ZcYDtSjYDhoujWSiu-EyemHuk2KHdHoK-opVm3UePzK472Zt79BmGItw-XV8xYpj1ZM4iUemvZN1G0zuh6qno5b5S-AO2Yqmc8QiJm8QVR60I5BoIuf0FdbZ9nWmbVxqooE4Ni33VqBqMjh7CmMr8BgQ_tDFMCJXdVTGTPmI1C7GQGrujT8J8DmuZr_rW4yjbW22vsE3EAerMjJMipgnZ4-NLqBqMY3Eywfem3UfQvOX1Tmvstc-g55rVM8K9gJZ9W6OIoTsTilNelsyzHzGbgIHM3OANegSctKLKAsi31YE8_-4ecP6Qxj4RYFFbbJ8Cn9LReokQ0oZa4H0EudWsLPZazCuiAkyy5wxqAmb4SOykqZffnGtFOV68piujhxB8jQUVdIjR8as_72sHvDycKkl_t_b51thnMHrUvGyUPxJwm6XjPlJYsYOGD6l3mbKOb1zELSP0ZS950krjuo8KncyjeIwyf22U8INe883YGFBPkDrWztNVqiX_Qbw1lFru8v3EVpbs-WyuEi-NK21YTv7mH04QkpcH1nX8BEfEpxyFcJLxaFVyqCUyZodMVWy-V63KYhkz61EivtsEhIWY_GM--jZOaduqwUzA7Qh4mkY4INR9Qqtt_PNN5cL7gO1y0fYoRcgYAN9mS_nsSEoH0QalJ5ER-NFWqzgJM7kVmrEtU4_uldkUMpi_VkJNs9IN0ixupQevNLe7QK0Qdp55Max7PmGnVJYH7JU7ljCf7zrEopBdRsp9_7xy6YKtFb_tff0Ka20-dFGTf85SSLyGQ64R_NMjHPK4Uc-WmdbyMVOrati2libzBrh51h7fgpUvE3uALLJzfQNCLiJl3JjHhuVF5Z27tVXVzwsF7rR6Dv-o2Y-oKCTxUs92DSzGtNfhqTji0pjHlSFQY3uXeJSKA-zUW2puLmsT0nx

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 07:36:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 108ms
107ms Image
text/html 2a00:1450:400d:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=3269392200471000&bg=!VlWlVRHNAAYQgTJdMIE7ACkAdvg8WrwEKaaBnTbLxTH7Yru0AvOIXKac_qpVCl02P3ZNKNNiiqFkZAIAAABuUgAAAAJoAQeZApOSJGYTB3t5x-omW16OO-6jXkoTcqHAg-imvjO8TeU17xfRNCNcwCPBISlcqsdu_qfotbpq5b6_VnkwX3v4vbycp55PF79WrweXqF7U4whiuo4_LBhOGvBPi87K4wB4Tsvh39JHvJhbi-ghMys3cLmSSr34D-VgqWlkyYcDEyuOUfLky7-LWrgUbkC6k2leEKHl_xUPNl2whsChUnERvUUcilrC6R7A_DrNYxYOYDgnLwxZ9QzVeZc1V8CIzo40YY4QWQlVE8vyMX1Uh6mbWK1Y9k8VAISdHttReVYvvb8Zi939wEMFqxL-kIqkb2FXpX9cvhEpg4BqIVaL1jFxSMve7uRYWHj4wvWN9VQLdJQ6yvR--H9Q2h4PkQrIaDI_JnNi0Q-nH0vBpA3hYAov8cSx2IGMFbn4D6nQxyfPAN13ZFqJEPW6Zu3kRw36GnD3ChwjLD-xgGsDaiKN36g1QyVVVmvTUB81_M2gdlUSV--iEtOSJdBsIbx_EbUFHzGgslVEe9CnmAshJpTFCT4bPdAoeXpwf-evHBu2FTkegdMTIMfuS_TKGPAYJZp7cFK7ZO0fjB9WIJ0OivbGxZ2YYj0TLjn8K_Gmx-AFy0Lm-jlWTtm_MDs9qzEx23rwNCB0hyraswEKJ5wp3FAJG5mR19iB-iDxXaIuePlg9MgvFpo67w9SBSr60aDga2DTdcwilDW8sIhYlwqtMnlwvR-KDnO-njWkv-zTTOKt8kiMwO0olodDu8hnYbFuVF2ipJhItUEEHjV4F9kXgpGdfYZ6Sn0xyf7T8nGs07M0D6hAi1tgqhDvbPFdG2yRdMoVG8j2g9EoONUCqDEG0F_SeYM0SB1UGHSOgj6G4k6jSX3K1j7VrnwUDA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 206 file.mp4
r4---sn-4g5edndd.c.2mdn.net/videoplayback/id/b5052accf62b7ebe/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1696232167/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9FD1 160 KB
0 111ms
54ms Media
video/mp4 2a00:1450:4001:22::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:22::9 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Sun, 02 Oct 2022 07:36:08 GMT
date: Sun, 02 Oct 2022 07:36:08 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2989008/2989009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2989009
last-modified: Mon, 26 Sep 2022 11:43:04 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

POST
H2 204 csi
csi.gstatic.com/ Frame 9FD1 0
54 B 706ms
404ms Ping
image/gif 2404:6800:4007:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l8r147f8&c=4029227985888&slotId=2014613992944&qqid=CIS4m72EwfoCFW8kBgAdjCACaw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=998&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220928_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4007:811::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 02 Oct 2022 07:36:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 SPADSHHINA-1-1440x460.jpg
marieclaire.ua/wp-content/uploads/2022/05/ 121 KB
121 KB 168ms
168ms Image
image/jpeg 185.149.40.93
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://marieclaire.ua/wp-content/uploads/2022/05/SPADSHHINA-1-1440x460.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web417.default-host.net
Software: nginx/1.14.2 /
Resource Hash: 5b6125706c6614254bb2dd0aba7870827d5c447f7c0660aec94809e6bf4137b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://marieclaire.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: public
date: Sun, 02 Oct 2022 07:36:09 GMT
last-modified: Fri, 13 May 2022 09:05:00 GMT
server: nginx/1.14.2
etag: "627e1f3c-1e3a9"
content-type: image/jpeg
cache-control: max-age=604800
accept-ranges: bytes
content-length: 123817
expires: Sun, 09 Oct 2022 07:36:09 GMT

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
marieclaire.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: nknpicldebebdv5kfudjj5ja6h
.marieclaire.ua/	1970-01-20 06:24:57	Name: __io_d Value: 1_705468254
marieclaire.ua/	1970-01-20 15:10:32	Name: __io_lv Value: 1664696165447
marieclaire.ua/	1970-01-20 15:10:32	Name: __io Value: 72e016b73.f3e84022c_1664696165447
.marieclaire.ua/	1970-01-20 06:24:57	Name: __io_session_id Value: b722626c5.1601bea59_1664696165448
.marieclaire.ua/	1970-01-20 06:24:57	Name: __io_nav_state12616 Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22marieclaire.ua%22%2C%22previousDomain%22%3A%22%22%7D
marieclaire.ua/	1970-01-20 15:10:32	Name: __io_unique_12616 Value: 2
marieclaire.ua/	1970-01-20 06:25:55	Name: __io_uh Value: 1
marieclaire.ua/	1970-01-20 06:24:57	Name: __io_visit_12616 Value: 1
.tt.onthe.io/	1970-01-20 06:26:22	Name: io_uida6a85e8b8a3a49782382de2f9949a9f0 Value: 2
.tt.onthe.io/	1970-01-20 12:46:32	Name: io_user_hash Value: 72e016b73.f3e84022c_1664696165447
.marieclaire.ua/	1970-01-20 16:00:56	Name: _ga Value: GA1.2.1570405184.1664696166
.marieclaire.ua/	1970-01-20 06:26:22	Name: _gid Value: GA1.2.1005034079.1664696166
.marieclaire.ua/	1970-01-20 06:24:56	Name: _gat_UA-59638469-4 Value: 1
.marieclaire.ua/	1970-01-20 15:46:32	Name: __gads Value: ID=c175aa57e9bc691c-22bbf02339ce0096:T=1664696166:RT=1664696166:S=ALNI_Mb8Bi2ult7SPQgBQxAaZXe1DZxbGQ
.doubleclick.net/	1970-01-20 15:46:32	Name: IDE Value: AHWqTUlg5vlDaW9BzzosVPcnAo2CRZhHpxypz3Mnw4TQc3i75x0Kboa3fPFNZ_iHDJo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.onthe.io
cdn.websitepolicies.io
csi.gstatic.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
marieclaire.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r4---sn-4g5edndd.c.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tt.onthe.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
142.250.102.157
142.93.164.141
185.149.40.93
2404:6800:4007:811::2003
2a00:1450:4001:22::9
2a00:1450:4001:801::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400d:806::2001
2a00:1450:400d:806::200e
2a00:1450:400d:807::2008
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::2002
2a00:1450:400d:80e::2002
2a00:1450:4025:401::9c
2a06:98c1:3120::3
95.216.24.149
06708e14c753511c24443f3dff3fc3e98252763f281dabd58033db52af7f139e
08638c4012d8a9e649467cf50f336fa2c014f4d34c02c12e7d462aa915649b09
120cd30c358612de31aa3b601d2c939b9d7f1c2f80734395e1bba09064b4aef9
12c212b92bd5e170769ec137562ca7d94a51e4040b65658190f6112d21974867
1366c8b7bbea9904236b5d269112c04d88f099e50a9ebe143af27ba2643fb7ff
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
178792a2189f59ca9cfc991b788ce695d4fd4e8a6c393026b7529aaae58fd486
189a88e5775309c7a607d49886d408ce1d3bd58eafcc516bb37d89206437e3bc
1976ce83e1c769ee8a4fa30cdd6ddc4158c301afebc93d10087906c8b93eff8d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20ef45c47f11570b75069c25764a252fa67eab07a746f8c031b68353ea1ec387
2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178
2ff7ba05e7ddd60d71fe53e4dd8362f3a6d5e4b15eca55ce5df81340b9273ee0
396cfb1fc0e4480c465bf139110708636c311fc84603ad25f42e8010c18fc0a7
444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4bc3f630a7ffe1fb06f52a5dbc92dd571fe2e36c09c8eea81cfb49405f55fd7b
4d87b22392bf566a6716d7343bb609ca35b68f451a237f8bb61cc4004768e116
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57452f5671046a2b2ab27b1f0f37de03760fb2d5d1569ae2e462f90fcf00551d
58b7c61e1b6d4cba2e3ccd1bd081481f7d48a1da5b35e47ef029cb6d28ec52b4
58f22915c27805aa187a8fb3f3a6bdfb36af4b3d44217ae7275f9446beef1622
5b6125706c6614254bb2dd0aba7870827d5c447f7c0660aec94809e6bf4137b8
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3
602e8d7b011fb9078fbcbddbbd5adc33b154e2ff9460ac06e86c803a4cd83eb5
60845609013996ce006f598ee77711b3720c9eea75901086bfd273acf0aa7852
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d8968ed8c08aa50e640cf07b221f92fbc26007d20c68a2cc5412b24c663f68
62b7414a3cdf2077188582e66af852c8efc4841acb516a71e7291d2fb1fd2aa8
65924c095465fb3e45b2bc87338a396f1ce4673a8c0e50cc60ff2d5ace914699
683bfcc37024ceb018abb89b645e0bf4bf087abc877223007aa1fe5a5637d067
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6efff8ce63d77eba89e9cc15af6dbccc657068130e89225fc662a0c580cea9b7
7e5cc7ba90a4fc724cc0337e5d5a6be3b8ff5ae0ad4f964ca0d3f86c68c4e875
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
8dcc951148ab34cade3b226a05ace64ded74c80d9d8337a79a5f18103b4ffa76
9181989aa451958d5fb860fd65c2fdd3ed1866b1f8978121a4d657657e813da1
92fd9a20ea2538ddc6f4eaf6f8d170602643a04ae2eedcb507984083ee463a8d
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a2b83b9d0f7e952969c55cf7debf49d8fbc76e3d0f3151ad98cb488a570e8162
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a78134e3dda586bea3385bb28220e7096dd26365e7f224618b7695b66f61f1be
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
acf8e5989fab2d171a341895c483c179f9bed8b2ef3c907804440e87c15e0efd
ad1a2999b8422909ae7dd90eacb92af2de19593144aac098a6d28cf683d283db
ad2722b3b38a720fd300ee4ea4d72936749f7b6f1ae29317e083f5aa738f30b3
aebd85b227472959f618c1e9f850eb73be612265ea9bd3445964fc3a3694419a
b5adf1f6c2b6f34e4dbbe4738d5347e72951fc4988b9d9007c74b4630cd49bcd
bf34e82cffd6b237d9e2e719c6efa07f466994975ad22c1daba602f32e3c8504
c15f883826e6ce25311fb260f381d00c9016149a98e24c8c1e094c847ae1f7c3
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
cce38f06c620ce5bc416dc5291b41c649a89cedca03eda2bb377d77115e32494
cf1b530f6473965c07ac76e84119be60c6e8d3d7a4b645cc5dfd6e0509f30e24
d6863dccd914115f0abaaa38aff3138887978ec70aaae252ba8b629bfe34e491
d6a447879266f3b61c8127c1e37a7a321295a08c4cd581f0368fe47ef678ea13
dd080c89636f8576e3364bea0867f18be3a32daa72d766da336cbb80ba5fb407
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3a453954fdb268bfd0958a6ca66c4117cc56788ebca950b793870f2bfd549b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d38fb5ffe322c703c1440a9730812ad2941e262e251c368872b07a8fa69998
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879
ec970ff736b922f3d4a24bb8bd2000e7cc75aea07697364b8b9f1a4b36dfd6fb
ef93662bf61ccb660a9297d8912fa78e6512859fc25c2b7d779684d05031702b
efa208249b36290893b1d8134bbb81b205d0e880a258f6a98ee26527015dcc49
f052e05510df623bc35067181908c03ff485e34fa5be60759607838f90584824
f0abbd2fb3b91451dfa33de442aa092986995a94f03ad2cd51864a814d1c5775
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7c53abb10d42c0e0a3df4240ddf160e2ebf1f17153b4e2dc6cb18e8c583cfc6
f98dfc777edad439af757cd19c85240fa8d3a50daeace696b9d0ba146fe34758
fe87759cfd93a3b4038f67a8b391ac30da0d137c3f8be0f63f51ede0b1aa2ad8

marieclaire.ua Open in urlscan Pro 185.149.40.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

99 %HTTPS

80 %IPv6

13 Domains

20 Subdomains

20 IPs

7 Countries

1900 kBTransfer

3251 kBSize

16 Cookies

26 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 12 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

marieclaire.ua Open in urlscan Pro
185.149.40.93 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

99 %
HTTPS

80 %
IPv6

13
Domains

20
Subdomains

20
IPs

7
Countries

1900 kB
Transfer

3251 kB
Size

16
Cookies

77 HTTP transactions
12 data transactions