urlscan.io logo urlscan.io
SecurityTrails logo

ivona.ua Open in urlscan Pro
143.204.89.45  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ivona.ua/
Effective URL: https://ivona.ua/
Submission: On June 23 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 61 IPs in 10 countries across 62 domains to perform 467 HTTP transactions. The main IP is 143.204.89.45, located in United States and belongs to AMAZON-02, US. The main domain is ivona.ua.
TLS certificate: Issued by Amazon on May 28th 2022. Valid for: a year.
This is the only time ivona.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 143.204.89.45 16509 (AMAZON-02)
1 91.198.36.26 43405 (DIGITAL-V...)
10 2a03:90c0:41:... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
50 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 146.59.10.80 16276 (OVH)
11 78.159.118.240 28753 (LEASEWEB-...)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 146.59.30.104 16276 (OVH)
11 104.16.221.74 13335 (CLOUDFLAR...)
6 193.29.200.142 197203 (UMHAS)
3 91.198.36.35 43405 (DIGITAL-V...)
2 2a00:1450:400... 15169 (GOOGLE)
2 185.187.81.41 43332 (IDSTRATEG...)
21 2a00:1450:400... 15169 (GOOGLE)
16 143.204.89.76 16509 (AMAZON-02)
15 185.165.240.175 49981 (WORLDSTREAM)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 193.29.200.162 197203 (UMHAS)
2 146.0.227.110 29066 (VELIANET-...)
1 2a00:1450:400... 15169 (GOOGLE)
12 172.217.18.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.187.81.40 43332 (IDSTRATEG...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
10 2a00:1450:400... 15169 (GOOGLE)
1 3 2620:116:800d... 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 18.193.207.48 16509 (AMAZON-02)
4 104.16.199.73 13335 (CLOUDFLAR...)
37 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
11 62 142.250.186.162 15169 (GOOGLE)
5 7 23.35.236.247 16625 (AKAMAI-AS)
2 3 37.252.173.215 29990 (ASN-APPNEX)
4 34.98.64.218 15169 (GOOGLE)
4 104.111.242.245 16625 (AKAMAI-AS)
48 2a00:1450:400... 15169 (GOOGLE)
24 23.35.237.151 16625 (AKAMAI-AS)
12 142.250.185.98 15169 (GOOGLE)
3 4 185.94.180.125 35220 (SPOTX-AMS)
2 2 3.122.71.55 16509 (AMAZON-02)
3 5 18.156.0.31 16509 (AMAZON-02)
2 185.86.137.132 201081 (SMARTADSE...)
2 18.170.21.34 16509 (AMAZON-02)
1 2 2.18.234.233 16625 (AKAMAI-AS)
3 3 151.101.66.49 54113 (FASTLY)
4 4 2a05:d018:d29... 16509 (AMAZON-02)
5 5 69.173.144.138 26667 (RUBICONPR...)
2 2 2600:9000:215... 16509 (AMAZON-02)
4 4 51.75.86.98 16276 (OVH)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 141.95.98.69 16276 (OVH)
3 3 54.155.185.156 16509 (AMAZON-02)
5 5 213.19.147.45 26120 (RHYTHMONE)
3 3 13.248.245.213 16509 (AMAZON-02)
1 185.86.137.108 201081 (SMARTADSE...)
2 2 52.42.40.153 16509 (AMAZON-02)
2 52.223.40.198 16509 (AMAZON-02)
3 35.227.252.103 15169 (GOOGLE)
2 2 52.214.225.206 16509 (AMAZON-02)
2 2 169.50.137.184 36351 (SOFTLAYER)
1 1 35.190.0.66 15169 (GOOGLE)
2 2 35.244.174.68 15169 (GOOGLE)
3 3 69.192.160.219 16625 (AKAMAI-AS)
3 198.47.127.19 62713 (AS-PUBMATIC)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 34.96.105.8 15169 (GOOGLE)
467 61
17    143.204.89.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-45.fra50.r.cloudfront.net
ivona.ua
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
1    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
50    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
8    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
stackpath.bootstrapcdn.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    146.59.10.80 (France)

ASN16276 (OVH, FR)
PTR: ip80.ip-146-59-10.eu
gaua.hit.gemius.pl
11    78.159.118.240 (Brandenburg, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
7    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
11    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
cdn.idealmedia.io
servicer.idealmedia.io
cm.idealmedia.io
autocounter.idealmedia.io
6    193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)
exchange.informer.ua
3    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
21    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
16    143.204.89.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-76.fra50.r.cloudfront.net
i.ivona.ua
15    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.mox.tv
1    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    193.29.200.162 (Ukraine)

ASN197203 (UMHAS, UA)
kolobok.ua
2    146.0.227.110 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)
inv-nets.admixer.net
1    2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
12    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s28-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
1    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
2    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
loadercdn.net
2    2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
cms.quantserve.com
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
9    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
www.gstatic.com
2    18.193.207.48 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-207-48.eu-central-1.compute.amazonaws.com
x.bidswitch.net
4    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.idealmedia.io
37    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
62    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
7    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
4    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
48    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
24    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
px.moatads.com
12    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
2    3.122.71.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-71-55.eu-central-1.compute.amazonaws.com
pixel.advertising.com
5    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    18.170.21.34 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-21-34.eu-west-2.compute.amazonaws.com
mb.moatads.com
2    2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
3    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
4    2a05:d018:d29:3605:ceb0:a2e8:d44c:f538 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
5    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    2600:9000:2156:2c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
4    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
1    141.95.98.69 (France)

ASN16276 (OVH, FR)
PTR: ns3216534.ip-141-95-98.eu
id5-sync.com
3    54.155.185.156 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-185-156.eu-west-1.compute.amazonaws.com
match.360yield.com
5    213.19.147.45 (Beverwijk, Netherlands)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    185.86.137.108 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
2    52.42.40.153 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-40-153.us-west-2.compute.amazonaws.com
pm.w55c.net
2    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
2    52.214.225.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
Apex Domain
Subdomains		 Transfer
106 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287
459 KB
96 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
684 KB
48 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 276
2 MB
33 ivona.ua
ivona.ua
i.ivona.ua
414 KB
26 moatads.com
z.moatads.com — Cisco Umbrella Rank: 406
mb.moatads.com — Cisco Umbrella Rank: 640
px.moatads.com — Cisco Umbrella Rank: 416
267 KB
16 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 40009
bgstats.mox.tv — Cisco Umbrella Rank: 48307
116 KB
15 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 95613
c.idealmedia.io — Cisco Umbrella Rank: 87637
cdn.idealmedia.io — Cisco Umbrella Rank: 158073
servicer.idealmedia.io — Cisco Umbrella Rank: 102536
s-img.idealmedia.io — Cisco Umbrella Rank: 88971
cm.idealmedia.io — Cisco Umbrella Rank: 16983
autocounter.idealmedia.io — Cisco Umbrella Rank: 112870
245 KB
12 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 40667
inv-nets.admixer.net — Cisco Umbrella Rank: 2560
198 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
1 KB
11 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 252492
z.cdn.umh.ua — Cisco Umbrella Rank: 275701
10 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 179
408 KB
9 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 299
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479
5 KB
8 gstatic.com
fonts.gstatic.com
www.gstatic.com
220 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
147 KB
7 openx.net
us-u.openx.net — Cisco Umbrella Rank: 387
rtb.openx.net — Cisco Umbrella Rank: 1589
1 KB
7 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 576
6 KB
6 informer.ua
exchange.informer.ua — Cisco Umbrella Rank: 583595
31 KB
5 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 336
2 KB
5 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 612
pixel.everesttech.net — Cisco Umbrella Rank: 3023
2 KB
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 51572
ls.hit.gemius.pl — Cisco Umbrella Rank: 12029
googlecm.hit.gemius.pl Failed
18 KB
4 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 820
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 501
2 KB
4 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 938
688 B
4 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 329679
h.holder.com.ua — Cisco Umbrella Rank: 290652
4 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 629
248 B
3 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1872
2 KB
3 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 410
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 540
2 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 4129
1 KB
3 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 653
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1255
401 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
3 KB
3 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 443
cms.quantserve.com — Cisco Umbrella Rank: 1107
1 KB
3 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4608
www.google.co.uk — Cisco Umbrella Rank: 2765
1 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
3 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2209
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 635
575 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 851
1 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
529 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 790
2 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1121
1 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 659
884 B
2 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 681
1 KB
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 545
392 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 290
837 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 944
43 KB
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 150926
24 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
88 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2211
40 KB
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2899
174 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
737 B
1 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 12943
552 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 550
1 KB
1 inmobi.com
sync.inmobi.com — Cisco Umbrella Rank: 2074
711 B
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 432579
169 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
643 B
1 kolobok.ua
kolobok.ua
8 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
410 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
39 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 invamia.com Failed
ad.invamia.com Failed
467 62
Domain Requested by
62 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
ivona.ua
50 pagead2.googlesyndication.com ivona.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
48 s0.2mdn.net ivona.ua
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
s0.2mdn.net
googleads.g.doubleclick.net
37 tpc.googlesyndication.com googleads.g.doubleclick.net
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
ivona.ua
tpc.googlesyndication.com
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
ivona.ua
www.googletagservices.com
17 ivona.ua 1 redirects ivona.ua
cdnjs.cloudflare.com
16 px.moatads.com c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
ivona.ua
16 i.ivona.ua ivona.ua
15 ad.mox.tv z.cdn.umh.ua
ad.mox.tv
ivona.ua
12 googleads4.g.doubleclick.net ivona.ua
googleads.g.doubleclick.net
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
10 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
10 z.cdn.umh.ua cdn.umh.ua
10 cdn.admixer.net ivona.ua
cdn.admixer.net
9 c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 www.google.com ivona.ua
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
8 z.moatads.com c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
z.moatads.com
8 cdnjs.cloudflare.com ivona.ua
cdnjs.cloudflare.com
7 fonts.gstatic.com fonts.googleapis.com
6 exchange.informer.ua z.cdn.umh.ua
exchange.informer.ua
5 pixel.rubiconproject.com 5 redirects
5 ups.analytics.yahoo.com 3 redirects googleads.g.doubleclick.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
4 onetag-sys.com 4 redirects
4 pr-bh.ybp.yahoo.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 sync.teads.tv googleads.g.doubleclick.net
4 us-u.openx.net googleads.g.doubleclick.net
4 s-img.idealmedia.io ivona.ua
4 jsc.idealmedia.io z.cdn.umh.ua
jsc.idealmedia.io
4 gaua.hit.gemius.pl 1 redirects ivona.ua
gaua.hit.gemius.pl
3 image6.pubmatic.com c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
3 e.dlx.addthis.com 3 redirects
3 rtb.openx.net c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
3 eb2.3lift.com 3 redirects
3 sync.1rx.io 3 redirects
3 match.360yield.com 3 redirects
3 sync-tm.everesttech.net 3 redirects
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 h.holder.com.ua i.holder.com.ua
3 fonts.googleapis.com ivona.ua
googleads.g.doubleclick.net
s0.2mdn.net
2 id.rlcdn.com 2 redirects
2 cms.quantserve.com 1 redirects c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
2 um.simpli.fi 2 redirects
2 pixel.everesttech.net 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 match.adsrvr.org c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
2 pm.w55c.net 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 s.ad.smaato.net 2 redirects
2 ads.stickyadstv.com 1 redirects googleads.g.doubleclick.net
2 mb.moatads.com z.moatads.com
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 pixel.advertising.com 2 redirects
2 cm.idealmedia.io jsc.idealmedia.io
2 servicer.idealmedia.io jsc.idealmedia.io
2 x.bidswitch.net 1 redirects ivona.ua
2 unpkg.com ad.mox.tv
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 inv-nets.admixer.net cdn.admixer.net
ivona.ua
2 s.zmctrack.net ivona.ua
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net ivona.ua
connect.facebook.net
2 stackpath.bootstrapcdn.com ivona.ua
1 tr.blismedia.com c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
1 s.tribalfusion.com ivona.ua
1 a.tribalfusion.com 1 redirects
1 sync.mathtag.com 1 redirects
1 ads.travelaudience.com 1 redirects
1 ssbsync.smartadserver.com c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
1 id5-sync.com c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
1 sync.inmobi.com 1 redirects
1 autocounter.idealmedia.io ivona.ua
1 www.gstatic.com googleads.g.doubleclick.net
1 cdn.idealmedia.io ivona.ua
1 www.google.co.uk ivona.ua
1 bgstats.mox.tv ivona.ua
1 pixel.quantserve.com ivona.ua
1 c.idealmedia.io jsc.idealmedia.io
1 loadercdn.net ivona.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 stats.g.doubleclick.net www.google-analytics.com
1 kolobok.ua exchange.informer.ua
1 www.facebook.com ivona.ua
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.umh.ua ivona.ua
1 cdn.jsdelivr.net ivona.ua
1 www.googletagmanager.com ivona.ua
1 i.holder.com.ua ivona.ua
0 googlecm.hit.gemius.pl Failed c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
0 google2waycm.netmng.com Failed c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
0 ad.invamia.com Failed ivona.ua
467 93
Subject Issuer Validity Valid
ivona.ua
Amazon		 2022-05-28 -
2023-06-26		 a year crt.sh
holder.com.ua
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2022-06-08 -
2023-06-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
cdn.umh.ua
R3		 2022-06-09 -
2022-09-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-01 -
2022-06-30		 3 months crt.sh
exchange.informer.ua
R3		 2022-05-10 -
2022-08-08		 3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-25		 a year crt.sh
ad.mox.tv
R3		 2022-05-30 -
2022-08-28		 3 months crt.sh
kolobok.ua
R3		 2022-06-13 -
2022-09-11		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
loadercdn.net
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-05-29 -
2022-08-27		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
moatads.com
DigiCert SHA2 Secure Server CA		 2021-11-27 -
2022-11-29		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-05		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-06-19 -
2022-09-17		 3 months crt.sh

This page contains 51 frames:

Primary Page: https://ivona.ua/
Frame ID: 18F9CC5A749779A992A700816DC0F694
Requests: 147 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: D8F53DB90D4C6AE68D742A88F01AFF9A
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=kolobok
Frame ID: 30CD69D235164517F6955A894BEF5175
Requests: 7 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 750A314330E8A552CD00D285D914E1A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html
Frame ID: EA01E10AF9896219D4787D1F0C0A94B1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 78C3B4840C69A27E441B69BF7DE599E7
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: AA6AC41ADEFE3AB275981BB39872E898
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1655957497&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497085&bpp=3&bdt=622&idt=319&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8034334843283&frm=20&pv=2&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=339
Frame ID: F123C9B7C7B899BF668400B5EA536C30
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Frame ID: 50FB8260BF1C04208597DE474C343AEE
Requests: 16 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 662F49C1614E5E2B86E09FE5D776B7C6
Requests: 1 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1655957497809475855973
Frame ID: 3B686AA11164553AC994A9ACDFF573CC
Requests: 1 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 341E5774C9827E17BDC556EB49FCF56E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Frame ID: FCE6E966592746BEAFC9FDB9364A7D4C
Requests: 1 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A546699F3BD20FAA84D94B87E5191E22
Requests: 14 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 439E177AB517C101CCC25A2E2D2C996A
Requests: 23 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C2E44884F44998C0926A2C07476D785
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNXdW_Yi2FOeWV9dF8oQTUlLMgS0D4T3LCYRjqC8nLZl2d2V6mRka41bSYmJVzi35IT8Zd5J85PI5k21iCY9XBDe9L6J8Xk3vagIyToD-iifQwLm62TnBM7OxScCt2zJQ4XU8bmG1a_QC_LltmyQJ64qD-CNiOkMLyOzT3SP4ygpjaDyz4Mvd31JmgJnvRFFhhSVHgs5
Frame ID: 04BB099B5A5BFCBDBC2A1414C197377B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIYs43bqQEwAQ&v=APEucNX-J6oXZmjb2FCAYnxHuqk8Mr_1_xcQg4zfwGWnHOPIbIDTbH8vl45NVkg2voVai3PRhVDK2fpFtwHQaIKVnbH8aA8QwNBXrzRAnpt22voP8HtOUArmiTEFmb94qYb1lmB7SLITtTItWuOSwTMR6Aq_-VxOqKW57Th9Y9vUPz1Drrk3F30
Frame ID: A80D3A07BFECCD570847B7C0B5C195E8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNU7HlxH6emPpY7kNrJDB7-En1uLWejCH8HFZIOHvbxML9zAEZn9DDcJ2oIgBPVU1C0gr8kvEpT19fPhA8h3rtzNws2ZsP7xCoDlviyFzPZRK0ehUxPS_2EIpwVY9l1R8WFspREOsIIuuRlEMWSnfq863vVDMIPcg_FsA3OuVoj0v55s9zs
Frame ID: 30B699A6CC4726D4B62B29C0C947CF0E
Requests: 5 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E92861A431CE2858144ADD79E0743401
Requests: 14 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ABAD574E504C69E17AE3B15B9FA1D97C
Requests: 14 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F936BE33F713A98B75C6F574B26CA2D1
Requests: 18 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC441F7CF10AB019406400AE1D290F4D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqMdRCtoPD1AhjC2Ke3ATAB&v=APEucNXsgHkeC6Wyo0FOMT9ogIQXd7GXZW6Jip5zIqdGDtQGz2N2oqkZlm9VNwY_3fLBD_dXm1ge3w6obHYsXR71791r6BRqmcok4XibUIuN9yDc-loFRTOKbiNtzrHgJ_FnCxmALeQVLk6VeLdew1PHo8i5WYra_TYvaSitIqg0Sml6eoPOggE
Frame ID: 183FC882730D2C9A3E06C07B61B72093
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQ-OyukgMYs7aCzQEwAQ&v=APEucNUCPRBtIInIVeWtTYdsWHQp6n0cI5ZiFYokJQ5pogEo_O9DlZVqEGFliWMjKJI7a6mKwCY3jdwXkkuZv0iNMos9mWZWiiR9fY4fiP-JtuDRtRWDIMFVEFy1kNYVMaRwK58SixUBIaNav3DnQ5HCoHx_3bbV4fiCulfYipiC0qDm-Hl9a3o
Frame ID: B983BCEC2DFA0E7193C003994F9DC1AA
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C7ED0D69E6CEF11F9C4A77F07F80DD1B
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNWaPlkpWoPsrPFjCCkQp4yXNSxU2WKjkqhgFlZYw0i3bSO6rxIA7Y8ItTZ_6wr_z5jKcx5-ZIdj2w1AHrUpzG3Lmctuo5ZiLzok3wchGfWO5WHhVegWhzPAaAJe1jo3xUL1cA17eyQEgRUAGzSKpZpeQQNAOPR7kET0KaP9n4ZqFwvz9wo
Frame ID: E89A8E7023470ED5EBBB3EF71AE5DAE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGJe-ha8BMAE&v=APEucNVnGGakuVFr7slTTVzYzyZZPF3UjXYNFp2hFO0oGO9kcQ4b7HhuT-EFadNFRAe5UktrLhJq6pviuuqfMrrzKJFb_prZkjwyJvGb3cZZVYw73G7u3qhaXFvpO6xERtMPgDViOjbUl3obwKikg14k_OvoRZrHP-tlufdsRjTXfaJ3iz8ywdI3CPeC7N4oF7-6z2DcaOGu
Frame ID: 2AC3D4898B2484069F5D7C3D475E0549
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0BDF49DC043D1C3DB3E31C8B7F61C789
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20F4BFDDCFD3CE547E382F1245CCB4EB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 489A4C81FED6BAE1F0AE195F18BAC858
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Frame ID: 2E044B21E46424105660210C7C2870A0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 36998FAD9A344A02D64F7175CE13B4F6
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Frame ID: 1D90D75FB9AD12C82EAE66A01EACE0F9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4DCCD97A667135E00F28109BA797BF5
Requests: 3 HTTP requests in this frame

Frame: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAC759EE23D665D3C4BAF881A921F336
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F1D1121B3575A517E7C7770D694176EE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E6C454091F8E6709C185AB568A22194B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0213AE6A4265C5A40A12D9371F41CCAB
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0CCE9F03E1095964C0AEE4ED4E8B7B4D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj46dzEATAB&v=APEucNW0EduStkKUmOF6Fc3QJPNgIJmQqOmq0jcVGt7omQIsA64p-_4RTTMj1pWF6JXQHWFFSuk8K_rkQhAAf_8cpIbUofFIGkcu5N0wxVVIBC4U65BZ1sfG7YqHU2KW-q6IfRUhIyYC7ElmS8Y_8pibVD8bmfUbtZWTvD7ynm_vv2Pn1g8Zeio
Frame ID: 52804A41F027BD4172FAB0A743644329
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E93F98A7F058BF9FDD5F23F0BE8BCBA5
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5EE6ACF5E5BC9014E2B23EB19782B53C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 100D2EFCC6D7FF54F95F825169757B8B
Requests: 9 HTTP requests in this frame

Frame: https://z.moatads.com/fallback/ad.js
Frame ID: 97A192229F48B532E130E6A7C6F546FB
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Frame ID: 5F793144449888E8D2B8A5FCEA1711A1
Requests: 15 HTTP requests in this frame

Frame: https://z.moatads.com/fallback/ad.js
Frame ID: BB2A604C911A340EC297DEFEC3802EE6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: DE390F1A57AD9860DC0FFA5BB2CC2B2B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Frame ID: C622A359694CFD81FD4C1B25BF109EB1
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BA7A03867298477EE05FDA816D07FC9
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7B5C3B96DA62E928E8E6598E6667782C
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Женский журнал IVONA

Page URL History Show full URLs

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

467
Requests

85 %
HTTPS

34 %
IPv6

62
Domains

93
Subdomains

61
IPs

10
Countries

6055 kB
Transfer

11738 kB
Size

114
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://gaua.hit.gemius.pl/_1655957497217/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=N6PL9God23ZCUkbs6XvcPyidk9r4oS9pEkQ8MRk6OZH.P7gjPvw07XkBgYs_7ZUbOT_9mj_F.PY3JFgaVbnHSmoXyEv2/NU5AWpPtQfDsf/&ltime=293&fpdata=AW3RlZ64LZe9hxsI48rl4wY0yuJ8kH.PebXuvFrRpMf.F7&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1655957497217/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=N6PL9God23ZCUkbs6XvcPyidk9r4oS9pEkQ8MRk6OZH.P7gjPvw07XkBgYs_7ZUbOT_9mj_F.PY3JFgaVbnHSmoXyEv2/NU5AWpPtQfDsf/&ltime=293&fpdata=AW3RlZ64LZe9hxsI48rl4wY0yuJ8kH.PebXuvFrRpMf.F7&fpcap=
Request Chain 120
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=6637d8f4-efa2-47ab-81da-adb181bc8e3e&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=6637d8f4-efa2-47ab-81da-adb181bc8e3e&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D89fa8901-2ac4-4179-b9b3-2ed85b4884a8&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=fceb62b3-e7f9-4000-b25e-f5138b5f9e0c&expires=30&ssp=prodoohmox&bsw_param=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8 HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw== HTTP 302
  • https://ad.adopx.net/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv HTTP 302
  • https://ad.invamia.com/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv
Request Chain 195
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&C=1
Request Chain 196
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YrPn.jYD76snqHG8qQUiXAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&google_hm=2
Request Chain 197
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAd365cBfHbRtaArX54Ov9o&google_cver=1
Request Chain 198
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MzYwMTY0ODgxOTMyNjI1Mg%3D%3D
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
Request Chain 208
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
Request Chain 262
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOApRhzW2mRyv8Wi3OJwCew&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOApRhzW2mRyv8Wi3OJwCew&google_cver=1&__user_check__=1&sync_id=949d61d7-f2aa-11ec-b624-194044dd0406
Request Chain 263
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=9490f57d-f2aa-11ec-bd3b-14684a3a0306 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ5MGY1NGQtZjJhYS0xMWVjLWJkM2ItMTQ2ODRhM2EwMzA2
Request Chain 264
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1
Request Chain 265
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true
Request Chain 271
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1oU2V5cURoRTJ1RS5ObVZQUG9iSFFCeUh4NjR6OTBPR35B
Request Chain 272
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINus46PeXjGoC2eF0xyl3I&google_cver=1
Request Chain 285
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIpK9otIaZiq94Pxr5IImk4&google_cver=1
Request Chain 286
  • https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmRlOWYyODM4NGFmMzc4ZDIzNzQyZmZiNGZiMzA1ZA==&gdpr=0&gdpr_consent=
Request Chain 291
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GCa4dMTdVmNaohxrEbzEQtjqgwu_BLLhqvfeMZ5y-xEa3SpDGnng9f8wAcSFUYIIk01mauSA-5dyxWFgkLkAAFCB7cbtchp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_push=ARnp8GCa4dMTdVmNaohxrEbzEQtjqgwu_BLLhqvfeMZ5y-xEa3SpDGnng9f8wAcSFUYIIk01mauSA-5dyxWFgkLkAAFCB7cbtchp
Request Chain 292
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GCwaQ_Y2tWLnv4Ilc_n5X_AD4KKcxFJdJreppuHAbXmtJ0__hWZVxOryl_TDl8D7MVWJOYPhbSfI4PIjUZJ-hWg0s4O29TynA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCwaQ_Y2tWLnv4Ilc_n5X_AD4KKcxFJdJreppuHAbXmtJ0__hWZVxOryl_TDl8D7MVWJOYPhbSfI4PIjUZJ-hWg0s4O29TynA&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
Request Chain 293
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GD56OWUBuNmX4hXF8_Ye_K2SnytoWO7vaB9Tq1G-15C8tBWsXf05ZyXt3CjiWKrLsyCPXWyFMGGOuekidRbudhri4dD6t7yrA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4M1QtMTktTFYwQg==&google_push=ARnp8GD56OWUBuNmX4hXF8_Ye_K2SnytoWO7vaB9Tq1G-15C8tBWsXf05ZyXt3CjiWKrLsyCPXWyFMGGOuekidRbudhri4dD6t7yrA
Request Chain 294
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELktczQSmbqWLwa4Qn5FNE4&google_cver=1&google_push=ARnp8GDd0BVShA5r_FLaKe7A17QCeBlZ3XZLBwjfNjkoXxZsAb2HGMWF4zcmflNbHVs2Mpr6scjKGKw7zf586tWp94dwq5en3mbFFw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDd0BVShA5r_FLaKe7A17QCeBlZ3XZLBwjfNjkoXxZsAb2HGMWF4zcmflNbHVs2Mpr6scjKGKw7zf586tWp94dwq5en3mbFFw
Request Chain 295
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GCtRxxGw0BX_41KepNWVcpSJa4yPK9KKIdknxJHR2TjA2D5ZE6V-IdDOEa1GX_Pu_xeuRUH8YZOVE-fejPIbj892bsI_lidfw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtRxxGw0BX_41KepNWVcpSJa4yPK9KKIdknxJHR2TjA2D5ZE6V-IdDOEa1GX_Pu_xeuRUH8YZOVE-fejPIbj892bsI_lidfw
Request Chain 296
  • https://sync.inmobi.com/gob?google_gid=CAESEAqlR8PdNG83JbrOjaLmads&google_cver=1&google_push=ARnp8GDl_BuKf8ZH_evzhxsNIQGEVQ7mQn_8N-5kfjAvP_V8JIuINNbJsUJu2JNz3cLjuUHavoF2VODAMxnsVa9U50AYyaNYqSo3PA HTTP 302
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GDl_BuKf8ZH_evzhxsNIQGEVQ7mQn_8N-5kfjAvP_V8JIuINNbJsUJu2JNz3cLjuUHavoF2VODAMxnsVa9U50AYyaNYqSo3PA&gdpr_consent=&gdpr=
Request Chain 308
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GCnmlXoX8WTREPjz2Szi9tfnVHIDDPbVwKLKE5KCtHuxCPA_MgwP_4OyLxI1Dcg66I_f1BLxFo165ukUSRxQTeEfuwHvjEZVg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4NVktTC0yTjVK&google_push=ARnp8GCnmlXoX8WTREPjz2Szi9tfnVHIDDPbVwKLKE5KCtHuxCPA_MgwP_4OyLxI1Dcg66I_f1BLxFo165ukUSRxQTeEfuwHvjEZVg
Request Chain 309
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GBKgvAIhUu7vGxtiWCT0XKPEJ_6mLR48Lqpbniq4mpRexXHPZQ0NAKqFCS00K_m17fa1VNbhoG-FyBay5NMQtLM-zK_wPeLrg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GBKgvAIhUu7vGxtiWCT0XKPEJ_6mLR48Lqpbniq4mpRexXHPZQ0NAKqFCS00K_m17fa1VNbhoG-FyBay5NMQtLM-zK_wPeLrg
Request Chain 310
  • https://match.360yield.com/match/ebda?google_gid=CAESEPGAmOgh0nNAN_OFBKA5JJM&google_cver=1&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE65F_LEWbJZVrWQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPGAmOgh0nNAN_OFBKA5JJM&google_cver=1&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE65F_LEWbJZVrWQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE65F_LEWbJZVrWQ
Request Chain 311
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJszd7dSnU7bG6459o65xCU&google_cver=1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1655957499422 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-97439b22-b303-4569-a96c-e607af58da39-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A%26google_hm%3DA5dDmyKzA0VpqWzmB69Y2jk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
Request Chain 312
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAVlLq7OpMpxV_FRu2zamgs&google_cver=1&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtEZHYA HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtEZHYA&google_gid=CAESEAVlLq7OpMpxV_FRu2zamgs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtEZHYA
Request Chain 316
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cver=1&google_push=ARnp8GBY9LFPNtuL7T3qKdIVmanQBewyZk4jvT2pLyHWcI6U47cepAwx5nWE1eGHXFEprwIva3IZkSr6k14iPtEIdgtII-wgELnn HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cver=1&google_push=ARnp8GBY9LFPNtuL7T3qKdIVmanQBewyZk4jvT2pLyHWcI6U47cepAwx5nWE1eGHXFEprwIva3IZkSr6k14iPtEIdgtII-wgELnn HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWRONXZGTUwxTzRlYlY1&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cver=1&google_push=ARnp8GBY9LFPNtuL7T3qKdIVmanQBewyZk4jvT2pLyHWcI6U47cepAwx5nWE1eGHXFEprwIva3IZkSr6k14iPtEIdgtII-wgELnn
Request Chain 318
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GCeYGqPcK3W-2InSlh6icb29_o8KzhYSOzN671RFt59-BAFhYJUjR_ZensajV8JV0IS2ZpikIPNz0Pym3EuFxjOXJwoxuDu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCeYGqPcK3W-2InSlh6icb29_o8KzhYSOzN671RFt59-BAFhYJUjR_ZensajV8JV0IS2ZpikIPNz0Pym3EuFxjOXJwoxuDu&google_hm=ODA4NDA0Njc2MDU4MDIwMzIwNg%3D%3D
Request Chain 320
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1&google_push=ARnp8GB0xN2Jy5mssD-SLYTnzkHITIsBTNAYUDodT73GRsmglV09CRXw04movRqp40nIamvke5-Y-JO7xOhpQWn7jif4FLpkLMI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GB0xN2Jy5mssD-SLYTnzkHITIsBTNAYUDodT73GRsmglV09CRXw04movRqp40nIamvke5-Y-JO7xOhpQWn7jif4FLpkLMI&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1
Request Chain 321
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELktczQSmbqWLwa4Qn5FNE4&google_cver=1&google_push=ARnp8GCGi3evUUm8v0bP8meoPZPBOmyaAHMxj--urkub194SL3iYxCLFiaCqNiBuGX13wvuqg-10zE6QOHIC0ESPSutylHUwfiD0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GCGi3evUUm8v0bP8meoPZPBOmyaAHMxj--urkub194SL3iYxCLFiaCqNiBuGX13wvuqg-10zE6QOHIC0ESPSutylHUwfiD0
Request Chain 322
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GA0mi2CFHCMJqib0sjwwTwZyN4XRBlhwLyzYb1_RjHJ9yUZxu4WRAS4DoQLtarf6_dEanAyvBSP0fgi6bxtpZdnmoOaPUAE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GA0mi2CFHCMJqib0sjwwTwZyN4XRBlhwLyzYb1_RjHJ9yUZxu4WRAS4DoQLtarf6_dEanAyvBSP0fgi6bxtpZdnmoOaPUAE
Request Chain 358
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBkcDxPq0ZyXbxjVHhFRiZYWsLgIY-XERoLX61LZFFlmsX9ZGHk4SU_Wzn1sgM-QdvgxCw3XD2V5-JaUBburGr4IRSRxQl6&google_gid=CAESEKMYj0SIHJcGLIUQD2zO64s&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBkcDxPq0ZyXbxjVHhFRiZYWsLgIY-XERoLX61LZFFlmsX9ZGHk4SU_Wzn1sgM-QdvgxCw3XD2V5-JaUBburGr4IRSRxQl6
Request Chain 359
  • https://um.simpli.fi/gp_match?google_gid=CAESEAuVjDrC0l9KSUHdHeassOo&google_cver=1&google_push=ARnp8GAK_oB5QzFNT273XIWcT9wOWJTQSlG5Ee8uFqN8jyhzVzwPKzymLHv4HZySXaazQjFeo4TUSSBL_sPd-b6x1GPrygq84pw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GAK_oB5QzFNT273XIWcT9wOWJTQSlG5Ee8uFqN8jyhzVzwPKzymLHv4HZySXaazQjFeo4TUSSBL_sPd-b6x1GPrygq84pw
Request Chain 361
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDIHgJWA84DSUXMqfg-M_eg&google_cver=1&google_push=ARnp8GA9EMKT0AtfoqTIWdVc61M6frgu0vnYmW7G7yzQxeTGinLa1hGu5cbtoMN-QhAL7S_FlA2CJgGDUjye1LxkUaamLfMwFTyT HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0m3vn-pfR0-293OwCwfBSg2&google_push=ARnp8GA9EMKT0AtfoqTIWdVc61M6frgu0vnYmW7G7yzQxeTGinLa1hGu5cbtoMN-QhAL7S_FlA2CJgGDUjye1LxkUaamLfMwFTyT
Request Chain 362
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GAIOarddbz5zySV7zgeJNBRpy2JKEuFMzmGCiAMQ8o_rLBPV21hD64pv2QXrCsUZ2jZWMa63hvQ4g_6s_HxcaDkBjdmIG6Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GAIOarddbz5zySV7zgeJNBRpy2JKEuFMzmGCiAMQ8o_rLBPV21hD64pv2QXrCsUZ2jZWMa63hvQ4g_6s_HxcaDkBjdmIG6Y&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
Request Chain 363
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GCLZQwRxhQQ_SU80foIcfiI3E6ScdOUz6JcTTSjkID_P_n0PcduAG7X2-Kczton0NWoUaJ32Q9NecrYOc--IAW7f6uMoOU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCLZQwRxhQQ_SU80foIcfiI3E6ScdOUz6JcTTSjkID_P_n0PcduAG7X2-Kczton0NWoUaJ32Q9NecrYOc--IAW7f6uMoOU
Request Chain 364
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJszd7dSnU7bG6459o65xCU&google_cver=1&google_push=ARnp8GCG7Fs6D0ewA2HReWAUllzBi6DGHubaChDGVXUQ_y-ZknISXwgFtdct-LCvxS46lQnALguhNFVWAH8EIMSvJsHvYYxq1EVJ HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-97439b22-b303-4569-a96c-e607af58da39-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GCG7Fs6D0ewA2HReWAUllzBi6DGHubaChDGVXUQ_y-ZknISXwgFtdct-LCvxS46lQnALguhNFVWAH8EIMSvJsHvYYxq1EVJ%26google_hm%3DA5dDmyKzA0VpqWzmB69Y2jk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GCG7Fs6D0ewA2HReWAUllzBi6DGHubaChDGVXUQ_y-ZknISXwgFtdct-LCvxS46lQnALguhNFVWAH8EIMSvJsHvYYxq1EVJ&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
Request Chain 383
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GB76rlMhgyVKCOP7kwZiTWKCvy6Nppx5yGY1pxwtTkNyZPmTJ7e6ut0I017cO1xaZX1gHDMetrcMh81Wac9ce844qN6HW4&google_gid=CAESEBQj0EwKeP1UjoIYnrhJFLY&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPvPz5UGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUm5wOEdCNzZybE1oZ3lWS0NPUDdrd1ppVFdLQ3Z5Nk5wcHg1eUdZMXB4d3RUa055WlBtVEo3ZTZ1dDBJMDE3Y08xeGFaWDFnSERNZXRyY01oODFXYWM5Y2U4NDRxTjZIVzQ HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSUttdkFGcnVoc0tmdUJxUHlQYkJDYnVaU01ESVRWMngtcWdqVFpNUXlUNA==&google_push
Request Chain 384
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDLAcXZJF8WFbxc5IJ7XOEHcgy8kgW1FVQNlDW8sNfiqxjpqfUfqT_TbtIToNQROL6gl0FnppZROQuyQ02tdvPtZTsPkA&google_gid=CAESELisnGAggOKJ-JdvY__STMw&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDLAcXZJF8WFbxc5IJ7XOEHcgy8kgW1FVQNlDW8sNfiqxjpqfUfqT_TbtIToNQROL6gl0FnppZROQuyQ02tdvPtZTsPkA&google_gid=CAESELisnGAggOKJ-JdvY__STMw&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDLAcXZJF8WFbxc5IJ7XOEHcgy8kgW1FVQNlDW8sNfiqxjpqfUfqT_TbtIToNQROL6gl0FnppZROQuyQ02tdvPtZTsPkA
Request Chain 387
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GBvq5xUq1gfxz5GIW62WQEFMJib5lw605MO6Drh0NM2hSXAn7hpC_9LKSqQDYM-i7NsC4e11tFd_SRxpZcLsRc6sjV3dQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4QlEtWi1LTTBS&google_push=ARnp8GBvq5xUq1gfxz5GIW62WQEFMJib5lw605MO6Drh0NM2hSXAn7hpC_9LKSqQDYM-i7NsC4e11tFd_SRxpZcLsRc6sjV3dQ
Request Chain 388
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1&google_push=ARnp8GAuvHCCvjOZxuuLCyM-_zrh-Ag_4rOeh4L8LWTF6vVVr8iILpNymNOjziQ-1bpQbq5e3t78mETvzAFQbYlYnZrH3L_8qHA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GAuvHCCvjOZxuuLCyM-_zrh-Ag_4rOeh4L8LWTF6vVVr8iILpNymNOjziQ-1bpQbq5e3t78mETvzAFQbYlYnZrH3L_8qHA&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1
Request Chain 410
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJrDeSHQmxpPkPbYv7yf-z8&google_cver=1&google_push=ARnp8GBxTbnMvKnu-jnWY-5eyR7CjtK_aGcosLCfyLOon66Nn-m5wGEXArZfM5BF-5unjMQDtEa9gu-vn8TOH-lM4tkDQuvu0Kc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_Otis-f5QACyXvUTi1-eDA&google_push=ARnp8GBxTbnMvKnu-jnWY-5eyR7CjtK_aGcosLCfyLOon66Nn-m5wGEXArZfM5BF-5unjMQDtEa9gu-vn8TOH-lM4tkDQuvu0Kc
Request Chain 411
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GAdC8DfZayrMizel-ayxqOJD2D6SEG9Ubn93-l6yo6aWBYV4TefhNNDpJz2a7-y6uuDiG9KBJRdEC-AlgYXgVjuRfBCKd9r HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GAdC8DfZayrMizel-ayxqOJD2D6SEG9Ubn93-l6yo6aWBYV4TefhNNDpJz2a7-y6uuDiG9KBJRdEC-AlgYXgVjuRfBCKd9r
Request Chain 412
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFEYaDmwyjHO4X63t76-Ycg&google_cver=1&google_push=ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLjEZveL_Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLjEZveL_Y&google_hm=ifqJASrEQXm5sy7YW0iEqA==
Request Chain 413
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GDiPoMg6n9RWsujHLhklF9RsNr19G1hb1fI1m6HbnsUq45Bijux8Y6uHGxpFJki_jfVrtEAdy98wIyYaJKkirDFzDDm1nXe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDiPoMg6n9RWsujHLhklF9RsNr19G1hb1fI1m6HbnsUq45Bijux8Y6uHGxpFJki_jfVrtEAdy98wIyYaJKkirDFzDDm1nXe&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
Request Chain 415
  • https://match.360yield.com/match/ebda?google_gid=CAESEPGAmOgh0nNAN_OFBKA5JJM&google_cver=1&google_push=ARnp8GDHvigA6ttMXfX9uu9Ts5wgtN2G-cI1i3_0O7jdnPSqy71H4Xos8zJ8ePbdosPGXwwE92wsxYhhPv28Y2zsoHxS7AAD05g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GDHvigA6ttMXfX9uu9Ts5wgtN2G-cI1i3_0O7jdnPSqy71H4Xos8zJ8ePbdosPGXwwE92wsxYhhPv28Y2zsoHxS7AAD05g
Request Chain 416
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIorDYP1uR-tQlbbJadCW4M&google_cver=1&google_push=ARnp8GBfFrUq5NiqfO0gzILxpZ5iI0j4S6f0mW077aQx1Ek4NvpNYqvFz9QXjbiqb-ddKk61JB8u8W1Tl1EAMI1cHmfoYt9q6vQrow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kTE1IcGVGRTJ1SEVlQW1QYzNuX2czcGtETm9ZMmtja35B&google_push=ARnp8GBfFrUq5NiqfO0gzILxpZ5iI0j4S6f0mW077aQx1Ek4NvpNYqvFz9QXjbiqb-ddKk61JB8u8W1Tl1EAMI1cHmfoYt9q6vQrow
Request Chain 422
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEN_fxP7BsmuFX9hLCNVTqxo&google_cver=1&google_push=ARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_fxP7BsmuFX9hLCNVTqxo&google_cver=1&google_push=ARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 423
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GA78MKmuVB0k8cBC4jT8YJ8Yp4VMEiMcoD3si1f70S4MwOklTmSnXQzGiSVif70L7C7lGhXumfoCzqVl72WhDwLJtBJtdl8Rg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GA78MKmuVB0k8cBC4jT8YJ8Yp4VMEiMcoD3si1f70S4MwOklTmSnXQzGiSVif70L7C7lGhXumfoCzqVl72WhDwLJtBJtdl8Rg
Request Chain 424
  • https://um.simpli.fi/gp_match?google_gid=CAESEAuVjDrC0l9KSUHdHeassOo&google_cver=1&google_push=ARnp8GBKz1ig3rz5wwHcI0_NPToXTnt4dVstu6kXBP_KBOAR4-KGHbEq9-SG5UXHcTvrUcMQyam9iSzt3b1a8Zli70s0CNv6dc45 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GBKz1ig3rz5wwHcI0_NPToXTnt4dVstu6kXBP_KBOAR4-KGHbEq9-SG5UXHcTvrUcMQyam9iSzt3b1a8Zli70s0CNv6dc45
Request Chain 426
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GALBxPlTfqX1SPbAVa0VpvAxchsjqEs14ZiMSKB_5k8Q-IbmeSHByTNpIN-K0XkNc6IQGzEvwX2LTGaltD_BnEiHuLvj7p98w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4RlotVy1DUUVC&google_push=ARnp8GALBxPlTfqX1SPbAVa0VpvAxchsjqEs14ZiMSKB_5k8Q-IbmeSHByTNpIN-K0XkNc6IQGzEvwX2LTGaltD_BnEiHuLvj7p98w
Request Chain 427
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAVlLq7OpMpxV_FRu2zamgs&google_cver=1&google_push=ARnp8GDg3Ws-ee97ptiVIasPfnYj8RclL8u5_Pn8gNqDnBUgeIdC5Aeg_6BDuBz67mjMayiAvMW2VJNLGklIETC48JV3w5udZJtWYw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDg3Ws-ee97ptiVIasPfnYj8RclL8u5_Pn8gNqDnBUgeIdC5Aeg_6BDuBz67mjMayiAvMW2VJNLGklIETC48JV3w5udZJtWYw
Request Chain 451
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECcqpsUI4tgwZbnRIwqpdGw&google_cver=1&google_push=ARnp8GAthiMp9A0BUhIafZnkVlq5aqfBMrLU81ba-KWVqronUrkCYssvjs7ht744OQESgxUUVeg9z76-bbuvesPxyRoA-mzrqt0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAthiMp9A0BUhIafZnkVlq5aqfBMrLU81ba-KWVqronUrkCYssvjs7ht744OQESgxUUVeg9z76-bbuvesPxyRoA-mzrqt0&google_hm=CRW_utaOTzEs_RadLm2YsA
Request Chain 452
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBTiVC-zC455peHj7GFGBxliHIACPt8gRH0hBHewAXgnYGarM3URo-kT04qGW-XW8uWezR6B2ukomRDL6hy6tXuCayD0kQ&google_gid=CAESEKMYj0SIHJcGLIUQD2zO64s&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBTiVC-zC455peHj7GFGBxliHIACPt8gRH0hBHewAXgnYGarM3URo-kT04qGW-XW8uWezR6B2ukomRDL6hy6tXuCayD0kQ
Request Chain 453
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDtxegs2s7VwX3_sGDbyFhZiIG9wE17Onb_mgxpAEpWq4g_BvV524xCBdOJRd7KPrWG7ut_6zKuo3vnqwOkg1XhwHpR8TM&google_gid=CAESELisnGAggOKJ-JdvY__STMw&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDtxegs2s7VwX3_sGDbyFhZiIG9wE17Onb_mgxpAEpWq4g_BvV524xCBdOJRd7KPrWG7ut_6zKuo3vnqwOkg1XhwHpR8TM
Request Chain 456
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GCq0f0ZXjA1SqnQf4JgjPdL2EFQ8Lh_o0wH8w43AqAj1PNWfli0Jtf8sCrTte7OpNdQIwwvoKBFAV2RDR4i9YBzyfuY5K4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4VUYtMVQtQ1cwMg==&google_push=ARnp8GCq0f0ZXjA1SqnQf4JgjPdL2EFQ8Lh_o0wH8w43AqAj1PNWfli0Jtf8sCrTte7OpNdQIwwvoKBFAV2RDR4i9YBzyfuY5K4

467 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ivona.ua/
Redirect Chain
  • http://ivona.ua/
  • https://ivona.ua/
102 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
74c2f0da6ff3bf4615c59a7cd9943d32cc0f36ed620636f060d3b246a9dd6fc2

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Jun 2022 04:11:53 GMT
server
nginx
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
x-amz-cf-id
r1PqWFg2B1hpvFCk9ffJqHr0-YzGdQi049LHO1_b876V2ypPquL_Bg==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
183
Content-Type
text/html
Date
Thu, 23 Jun 2022 04:11:35 GMT
Location
https://ivona.ua/
Server
CloudFront
Via
1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront)
X-Amz-Cf-Id
odkbgUSfGgj-6DjrbgW5ZoLBsdTrgOm2DaWWlPEt_iNPXMLEeH9lUw==
X-Amz-Cf-Pop
FRA50-C1
X-Cache
Redirect from cloudfront
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:36 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Fri, 23 Jun 2023 04:11:36 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-23T04:10:26+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:26 GMT
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4a2674006dda39c7b558246b22ccb78f9e082fd290c58ed6ed13a946ea919fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39809
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Jun 2022 04:11:36 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ee219d9e027c52970e19a95503efb43b5e1067c8607e938b31e0fa210487375
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56251
x-xss-protection
0
server
cafe
etag
11228536081989856495
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 04:11:36 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 04:11:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Jun 2022 04:11:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Jun 2022 04:11:36 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ 		56 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1233711
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10022
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ea4ViUZkrlXy7kvRWbEiSRvmyP%2FNVLP0hyc8OdUBkenAoMTrsMoOqvoc09eiVV75B4zIXvTBS%2BRI0Nnb7yeorwzPi0tsgxYroFWY4x3ZRxmt7MoDt9m12x34D5rfQeVqoCWfu5lQuqk%2FpJqm7Gv4mIN"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6171d9f601eb-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
8601936
cdn-cachedat
12/27/2021 07:28:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c93bb13724f1916e0ec0f105adc4675a
cf-ray
71fa6171ebe4cc3e-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
v10
ivona.ua/css/style.css/ 		77 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/css/style.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 15 Apr 2022 01:52:00 GMT
content-encoding
gzip
age
5970060
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-13503"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
X90zCOTWBPO04_rwtQa9ScmEnlQDP2b_FOHU-RTMgXHx2q8bh6KAlQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/a-custom/custom.css/ 		970 B
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/a-custom/custom.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 06:56:57 GMT
content-encoding
gzip
age
1113483
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 09:24:29 GMT
server
nginx
etag
W/"616402cd-3ca"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
34DAB1t2iLIDmFA6sNbNzi55iwN5mNcE1SdF7Wf1_KqRQYFfsyrx5A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4855007
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SmWxxDkEwCjV3v%2B%2BrDvac3dTke6lhZoBoVnCO294xBi%2BMIDqc0u4xDWFN19eUe8%2BZC0aIE0WL8INwI78mzD4kGSRjvO%2BfV4g5i5xNeRCWu9QXKNP5GFEGEvlnPE5c99IO5QgklK%2FkYPeFdqfyU04lxRG"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6171d9f801eb-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
630x283.png
ivona.ua/img/ 		130 B
587 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/630x283.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 20:57:57 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
10394035
x-cache
Hit from cloudfront
content-length
130
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-82"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
l9AvFKwdPz6ZckD1kroOZmH37P4btJztdKkJdgTE9J21cXIa3Pq7-g==
expires
Thu, 31 Dec 2037 23:55:55 GMT
4x3.png
ivona.ua/img/ 		96 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/4x3.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 10:09:54 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
929111
x-cache
Hit from cloudfront
content-length
96
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-60"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1qFQ-TLZVoQv_SVl2J81D95KR_LFAmhqJ80SbrKEbibONCmHrKeoLg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
554608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zfg%2BeE9Du2oXmdWOeT6ar25xtiU0SJWC9u0xjsUztL3%2F7sV%2FLbC%2F2zG1OM%2BlGDyC9M2jwICqlNraf9sqjyUwWu5RBwG9%2BOnliBZkw%2BzauMnPAqTEyigmJkeVgjDNIo3EN%2F%2BIVa5hDkftwRhaX8Gx3ExD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6172fcf5020d-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 		57 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
601, 617, 617
age
9215611
cdn-cachedat
2021-08-02 21:50:12
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
b15417b2c98f73e0910f14703189176f
cf-ray
71fa6172ccb0cc3e-ZRH
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/ 		67 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7889450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19249
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zAQz8n8MWv39Xh6bknX%2BHLl9i59D0V9IRrjptEg6iLSMzaSmnCDn7DDs0105Gt0YgkRbPoBBWeGBbd5aNvvWIhPPPYeKr3WHmksRrsyT546uGh4vYTtLY7VxrNQEAiQchagci%2F02SmqvkxDjMDKYw00t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6172ca8201eb-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
lazyload.js
cdn.jsdelivr.net/npm/lazyload/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/lazyload/lazyload.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3205
x-jsd-version
2.0.0-rc.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19133-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QyHzINa4vlqVHlyCOTLyoEFFo4ESjxSYXpbDt%2ByfMq%2FHLcKQxK%2FCe5Sizxb4iZIpKCGrUAuKcKg5nmgeq7kRbPYcEJbELRwNf8DGyaEvlW%2BAE6k3jgyDMJuJjlKR25AoDMQssRZYJgkIuJglyP8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
71fa61737a870208-ZRH
v10
ivona.ua/js/theme-script.min.js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/js/theme-script.min.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
11551643
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-693"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
yBeJb1uSP8LcjHzm6Rky1j71hM9GA7Fz1abfNnRdb6TkHsW2kBlh-A==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/js/banner-index.js/ 		2 KB
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/js/banner-index.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
11551643
x-cache
Hit from cloudfront
last-modified
Sat, 21 Aug 2021 13:24:17 GMT
server
nginx
etag
W/"6120fe81-725"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
HEWLKDDDoR2vXbE4iq_tFPoL1KoMuduWZVS4z_vYeD91t-EH8lu-vA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article-stat-v2.js
ivona.ua/click/js/ 		976 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/js/article-stat-v2.js?8
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:53 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
976
x-amz-cf-id
Voffy0Ntc42MxxbwXjHAsQcYtUH-43Fdl6cnAllKc3oWP1WBSAsINg==
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6693303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=giKozT0WFuh%2BL1jaRbu9k3UHtJjhd3PkbQ5RtfzhhAnOhIL7uHwcW4YKOndOYUnCMwYOy0zvHjlqUS%2FUGNZ0Pxd9vAoIWvofvVOF6OnZgMD5X8oldnilRa9P%2FjlEV3VWnhsAHTFMwnfi9gwuP1RtsJRM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6172ca8301eb-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
541266
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HSZN39BaC0YQnDTQFRH5v00i44q%2BKKBFxoJqZAGv%2FQXC5weKenF1uQ2NzrnwQBGeNu2IVuyw2AJ3Hn%2FySRJHmTHXbMUf9H8YhAzOgSoyT537bE%2Bjq0hEZ8cvFnektNdQkvZ8D4lcvSUWO%2BzyuMEFEkGI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6172ca8401eb-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
27667630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HyAseoiH5rF7kP8nd5TyTMSiWlWIEP6hJvd9LT5o0rIQOjrcJZJuwQ3ssswhWF%2F3XtRg0AHxrbn5%2FzyJWND7uTx687dn2agoS3kv8aBaMiXtncC2sR7o%2BIxl%2Fbmaa0UZu0fCaj0QWoZmnNO8vXVvoZr3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa6172ca8501eb-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
common.js
ivona.ua/click/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/js/common.js?1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:53 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
"5e1307e6-a00"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
2560
x-amz-cf-id
xwmoixdSSmHHnLGIypDVzaBYJFONVGzfsstj3E4hrn2C_6DfZuCGxA==
xgemius.js
gaua.hit.gemius.pl/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 16:52:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
14031
expires
Thu, 23 Jun 2022 16:11:36 GMT
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Fri, 24 Jun 2022 04:11:36 GMT
logo.png
ivona.ua/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/logo.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
25893697
x-cache
Hit from cloudfront
content-length
1326
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-52e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
1RjRAQiK5tOk0bzSXgZuBLD2pwOspUnyCGY-LcVDdvjf9cUV4e1sXw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sitename.png
ivona.ua/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/sitename.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 00:39:20 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
1222537
x-cache
Hit from cloudfront
content-length
1058
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-422"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
VQQvJMdjQFrK8AKFgFQg4sqREWUwK3eMY36rAWpyoCNYSBZEsvxywA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:26:32 GMT
x-content-type-options
nosniff
age
31504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:26:32 GMT
search_icon.png
ivona.ua/img/ 		253 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/search_icon.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 05 Mar 2022 01:51:50 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
9512385
x-cache
Hit from cloudfront
content-length
253
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-fd"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
afUEZYknzVk7Nmrymr391Qt9ruhlms2KPoWHxJRzzds-bAf8iXVz8Q==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:27:09 GMT
x-content-type-options
nosniff
age
31467
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:27:09 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v17/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:26:34 GMT
x-content-type-options
nosniff
age
31502
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:45:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:26:34 GMT
sdk.js
connect.facebook.net/uk_UA/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7b1499ab598295fc57f50b418f5cdcf95ccb28539d1411373b0a4953e9c3aaa1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
DETgUYRk/6cqMHv4UGq3lg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
pRQxraL0pBXu6LhqHlsI4nHFIeruBJj6RUtUpr2M3zim+Yo1SvPYyjJiFww/JK9H70+pPK9m1PnOvSHgTtwsYA==
x-fb-trip-id
686109401
x-fb-content-md5
11d57a3ad8ce54ccdc11a70318a6e00a
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 23 Jun 2022 04:11:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"0eec81a0bef1705635fec9cf1fdf2816"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 23 Jun 2022 04:17:49 GMT
arrows.png
ivona.ua/img/ 		562 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/arrows.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 04:18:44 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
1554965
x-cache
Hit from cloudfront
content-length
562
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-232"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
hGua6gm_fbnZGnp-YqeyukftgwayjkW2YWhso4-3iEvn2yKM3flfwA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ 		74 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
777251
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TDM6f2hk3tUMBRYj9WHH6bVoLHwIxrGpHj9BYts69G2TZGdckYS5zAPpJXf0LtfSBQrTb94lAJQl%2BOc4NGHzHE0216dQHXC8c6pOBjTyln%2BfBOd9CKo%2FfBmBOZq3mVc4O%2BfCuWEpwY1xS%2BQKNIvNLyeM"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
71fa61731d0f020d-ZRH
expires
Tue, 13 Jun 2023 04:11:36 GMT
bigmir_logo.svg
ivona.ua/img/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/bigmir_logo.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
content-encoding
gzip
age
25893696
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
W/"60fc3da0-d2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
access-control-allow-headers
*
x-amz-cf-id
i0zcGsGEEih_hGjV-6NciskQ4mUrEtCJIZkJCXwyYcnyiTe7mvnigA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
load
z.cdn.umh.ua/ 		920 B
971 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
72d833de2a972d8a3aa2a99df6beaf7f159fb1719dadb67616de047648caf580

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
620
expires
-1
load
z.cdn.umh.ua/ 		816 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
5036ff8425338eede2b1ef93f642629fcd03d5d91509ab11fd256337360e97db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
572
expires
-1
load
z.cdn.umh.ua/ 		919 B
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
82e3aeb3b2406f46ffabe5b4079312b0543a9a0a30ebb2872958ea97d2bb8ee1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
617
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2068016217&div=zone_2068016217&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
39159ff7a57949f0badda0cea62f13fe2f398b2fa54280d0f8eed46dd90ebbf0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
793
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1217097366&div=zone_1217097366&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		42 B
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
52afc5c95c13f814ab39bbd3de9d4f78cbddf54e389341e66aabd66eee579721

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
943
expires
-1
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1966145486&div=zone_1966145486&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/ 		1 KB
945 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Brandenburg, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
3eaa57962432e59cbfe2a1d5f6842ca4b419830bcc02f4f99aee9c187c72330c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:36 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
792
expires
-1
sdk.js
connect.facebook.net/uk_UA/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=19adf6418a4fe64678565402ca3f4f80
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fd21e8f68cbdc0d4ce016afaf9512d9dedbfda417c82d61272a39c7400761396
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
PZZk+3MhvpgC3nInkqtX3w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87625
x-fb-rlafr
0
x-fb-debug
Vd6fshV2Ft6cBDShO1xxRfENDVVtuAB01r9gTc9FEi6osx+dulNW+SL30q0ALNji6etK1AtW0ulZ0e1vdGsAGw==
x-fb-content-md5
369a63820c5d744c0ce39fc9621d2ec4
x-frame-options
DENY
date
Thu, 23 Jun 2022 04:11:36 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"817adf7d66c317133193f6a33f4a5552"
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Jun 2023 02:59:08 GMT
fpdata.js
gaua.hit.gemius.pl/ 		277 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
e452ea838b6c7d1284c0df7fa16d3a61d5a6ba9bb6de3ffc0c6801a90bc9164b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:36 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Sat, 23 Jul 2022 04:11:36 GMT
lsget.html
ls.hit.gemius.pl/ Frame D8F5 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
42a9a446d86f8c44ad3cf52a4eb21cc3cd1ad0c3ff765b29404f0cb2f5a45170

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2721
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:37 GMT
etag
PRIVATE7520710249
expires
Sat, 23 Jul 2022 04:11:37 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
ivona.bigmir.net.1211636.js
jsc.idealmedia.io/i/v/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c6fb2e24874c5d972df4e9e1547ac23a34490514145bdf0bff9f85bab9ef3b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
27JXAMVMNBVCNSGG
cf-ray
71fa61746af654d5-MAN
content-length
910
x-amz-id-2
M63U2zdBnz5VDeUnPMMQ089/Tp5KJpB1w67dd/R3XxCrX9GYZzLqUfMzsA7V1jgQmipyfuR9NoQ=
last-modified
Wed, 15 Jun 2022 13:26:55 GMT
server
cloudflare
etag
"115ac34db26286c0dfd794812e7e6ed0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
ddebkrou7Rn1GFE4KaTR9.VPqHkhkF2M
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Jun 2022 07:11:37 GMT
ivona.bigmir.net.1296107.js
jsc.idealmedia.io/i/v/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b34900c61d4bda5741c4e5118bf14b6ef5d5e924b9404e22f6e61363b76460f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
27JTJN1SHDX8BEAB
cf-ray
71fa61746af954d5-MAN
content-length
910
x-amz-id-2
EspXGVKkOsL8VSJo/dlF1G0ogK8KFxte0CymjZqpuTEzOXX4F4FyyrfeYwlXm0lyPThZA2JkHUE=
last-modified
Wed, 15 Jun 2022 13:40:10 GMT
server
cloudflare
etag
"a1c3e8745ef53ed6a1a89aef4d058b68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
JMhqqS3nwk_LyMIv0GdKYn.eo2pIzEAw
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Jun 2022 07:11:37 GMT
/
exchange.informer.ua/informer/stat/ Frame 30CD 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://exchange.informer.ua/informer/stat/?s=kolobok
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
d771ea062bc591eff82864310f7516c7e5a75e270416c11c72a5643e8eef5f1b

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Jun 2022 04:15:46 GMT
server
nginx/1.12.2
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r40589945&dholder2068016217&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:37 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r40589945&dholder1217097366&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:37 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
add-view
ivona.ua/click/articles/stat/ 		39 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ivona.ua/click/articles/stat/add-view?cid=6&site=ivona&aid=5255288&0.679378764481309
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5b212d357f7915537a39783743a0dda30dda09c9b04dd69ae0736f9df9fa174f

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ivona.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Thu, 23 Jun 2022 04:11:54 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA50-C1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ivona.ua
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
*
x-amz-cf-id
5_Z32TN7gJbZYCKSNUPKR0lHZIHjXgbGfBYoVc3XJsk2c3HLLgWSaQ==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4008
date
Thu, 23 Jun 2022 03:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 23 Jun 2022 05:04:49 GMT
z
s.zmctrack.net/ Frame 750A 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
00b4fb39f931aa2eb9ab9075d30b9d4c56337486d55778da6ccdd190e1c9c41c

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23351
expires
Thu, 01 Jan 1970 00:00:01 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29d9c9ee95da159a137373878551a7624726a8a2c1462f99536b932ff1e395a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122737
x-xss-protection
0
server
cafe
etag
2898180631715813126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Jun 2022 04:11:37 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/ Frame EA01 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220616/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
42437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 16:24:20 GMT
etag
8616628553774171045
expires
Wed, 06 Jul 2022 16:24:20 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/46506/ Frame 78C3 		738 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 23 Jun 2022 04:11:37 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc28
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
9e4187c04f4cd8b15b61658a5fe227ef-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/63/29/47/2/6329472/image_main/ 		135 KB
136 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/47/2/6329472/image_main/9e4187c04f4cd8b15b61658a5fe227ef-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdd597af1f3fb43e25505375e6531cf353a59c4efa2c8b9f26ce5fe8f53dfc2c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 16:21:39 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 16:11:51 GMT
server
AmazonS3
age
42598
etag
"a00ce6b72072b9f22b6759e12fc8121f"
x-cache
Hit from cloudfront
x-amz-version-id
a_ifgpgfGfA1jp8WWK3bqby6HXnZz54C
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
138703
x-amz-cf-id
8LO_3d2XNogzAUCvy48g6ZLXMsoxID0k4tVa5gaYMmizC9xYTmhWDA==
9e4187c04f4cd8b15b61658a5fe227ef-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/63/29/47/2/6329472/image_main/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/47/2/6329472/image_main/9e4187c04f4cd8b15b61658a5fe227ef-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12f0426858d64b78d128900c6fe0daa5c9707a630cca92ab7ae862fb6bf2fabc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 16:44:26 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 16:17:08 GMT
server
AmazonS3
age
41231
etag
"49c58c4017a3f63a526b594104bb5a14"
x-cache
Hit from cloudfront
x-amz-version-id
KxcUb1iS2bleudnuQHPuPsKWJsgzGPib
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5963
x-amz-cf-id
MxcSIRyT1UPPJG2EkiNdhf-rPH7SF8OZbJBoL8DnFFK22pcJJxhD6A==
cbf3769c784342d457e6e9632b7c8ec9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/63/29/45/7/6329457/image_main/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/45/7/6329457/image_main/cbf3769c784342d457e6e9632b7c8ec9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2753dea57c205a69512aac41dc13b76d77ebe3bc70885444c0b47271401b85b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 16:14:03 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 15:52:59 GMT
server
AmazonS3
age
43055
etag
"3f13d69389a44b5ad9daa1889c140ffa"
x-cache
Hit from cloudfront
x-amz-version-id
zl321KyGDLmGdsYkVKb9ALebp9_ozrpb
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
10088
x-amz-cf-id
W8t_nPBxnQrwFZjVXMeo-1jX7HbxIu35BRNRGSXx07PfPsebvmiveA==
d5ab6ebed4880c47fe07e38043ab3963-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/47/60/0/5447600/image_main/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/47/60/0/5447600/image_main/d5ab6ebed4880c47fe07e38043ab3963-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b73164d519a3ee0a2acc4025249aea1868009a3bfcb52b8f7e58b03b33cd3692

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 15:41:09 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 15:30:02 GMT
server
AmazonS3
age
45029
etag
"248d3b88f78a7880cccaf4aaeca2ff67"
x-cache
Hit from cloudfront
x-amz-version-id
sQLcvXWJ4Uvlzld5.JZ.miu40tFITxA9
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
4011
x-amz-cf-id
i8sXTl43tEuEiY5Igg9o_WYHzaWULLxAoHgiH8qXD6lV0tDbYllLcg==
ee74fc9ac2f71b9199978246f74b5829-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/63/29/35/3/6329353/image_main/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/35/3/6329353/image_main/ee74fc9ac2f71b9199978246f74b5829-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ef9ab0b51d6b5508076f25e80b5b385558ab419b0ee2ecde46e53b979916c7f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 15:30:22 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 15:13:31 GMT
server
AmazonS3
age
45676
etag
"06e143ef79a06efab1bb737652ca5073"
x-cache
Hit from cloudfront
x-amz-version-id
6Kn_lkKl2pJfcQF5XaHSSqTHO.AbBzrt
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5368
x-amz-cf-id
is8xYuSvqTeaKWuIIViZrEhtfEbebJnu7wV6gJSnUY6UrjUZckzqHQ==
cbf3769c784342d457e6e9632b7c8ec9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/29/45/7/6329457/image_main/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/45/7/6329457/image_main/cbf3769c784342d457e6e9632b7c8ec9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6ff3083bdc1e1465c8c1c343cc09de615cd96073e09b112725ab502a46a56737

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 15:41:05 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 15:35:59 GMT
server
AmazonS3
age
45033
etag
"f3dc2e6038a977f2e28d75accda0f7d1"
x-cache
Hit from cloudfront
x-amz-version-id
u9AsTrI9z7MnmGL7kTT6zRTsMyfncbAj
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
15560
x-amz-cf-id
Cze7GcMd-HPxvqMBVjJOJpUsQcqktAg_2lQ3ekXnrtgPSolnTJJUsw==
d128fe64e0151ec69c7d85c5c001dac7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/29/27/0/6329270/image_main/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/27/0/6329270/image_main/d128fe64e0151ec69c7d85c5c001dac7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc2d10eca6e799481043535b43ce8ae0dbd90dfd8ad15a177cd82fde2c38dcd1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 13:21:39 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 13:12:20 GMT
server
AmazonS3
age
53399
etag
"dcc99d33f9513b96709d0ab608e944bb"
x-cache
Hit from cloudfront
x-amz-version-id
r5LbEugl7yJQwadcZfo7qD0tJGutxNxh
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
13288
x-amz-cf-id
ziYkmbdo22nM_rZ1Oi2VaDaTm2_rqMY6hTmzjs_jnQANJdmn-mOYEA==
0a6def4aca3757f0a74b6f39508de667-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/29/14/0/6329140/image_main/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/14/0/6329140/image_main/0a6def4aca3757f0a74b6f39508de667-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b9e5caf62ae317288ff1294a8b99aaf5041c303f56338b053a0ec975226bd85

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 10:34:30 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 10:27:53 GMT
server
AmazonS3
age
63428
etag
"443bb20238348afcd3375d2db164c0ee"
x-cache
Hit from cloudfront
x-amz-version-id
KyQBkBf18qLn_g6Ioan0nr5ULr8kPMun
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
14990
x-amz-cf-id
31c8DOfypUD6NO5nOB1NsU_WcBd4TmGcMUnr3AN_7jnf_XknNDZopw==
55035a49acb2df5d19a54e435610c75c-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/29/06/3/6329063/image_main/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/06/3/6329063/image_main/55035a49acb2df5d19a54e435610c75c-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ada1e01d1f198af517c01b2e671b156159a41b47a1b53bdbcd235d64e06f5458

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 09:38:54 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 09:14:50 GMT
server
AmazonS3
age
66764
etag
"31e42106879c816f1f37a064788eaf1d"
x-cache
Hit from cloudfront
x-amz-version-id
hIgYMhcRgl.9vWo2y5WxogoJfR.9Hgc9
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
28554
x-amz-cf-id
s3g9ecV5c5SLHkxv88rwRUzFPQfK4zMZ-f8xZFBjyh3it4dpauwF9Q==
ee74fc9ac2f71b9199978246f74b5829-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/29/35/3/6329353/image_main/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/29/35/3/6329353/image_main/ee74fc9ac2f71b9199978246f74b5829-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bed3c6ee8f8c8abc84097c0c3604ff770c314a5bab600b7cb33aabb45b207c2a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 15:18:40 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 15:11:47 GMT
server
AmazonS3
age
46378
etag
"80129e45b6fafd0187a8f7aadf15f0e1"
x-cache
Hit from cloudfront
x-amz-version-id
3dvcVEe9XRuJ1naIhXPdFIzAfLBwedyE
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
10795
x-amz-cf-id
Jb9__GAWsHx3OW-w8DlxvhfYl0GOVr5i9CsvOGPDXlBLSyw0CfXVYg==
b9c8604ea7cc78f64c6f89b48170d9f0-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/54/47/25/9/5447259/image_main/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/47/25/9/5447259/image_main/b9c8604ea7cc78f64c6f89b48170d9f0-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1fd1cfce1cd6e2413a325e9635e4de03839e53cd8dfa43db01538f653a66b16e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 14:23:00 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 14:11:58 GMT
server
AmazonS3
age
49718
etag
"ffbb98aae1c6c7963ddf3c900be3f49a"
x-cache
Hit from cloudfront
x-amz-version-id
7RcIuW6eraBgGjItuuWq0Kof_pSO7YTY
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
10340
x-amz-cf-id
8GgkoCGlpipaAXoRIoFP0jCxnRIFun27YCFMjdpaO1-gkqZFiq-5lw==
fd7ff93bec8078be20523bfdf4f9efc9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/28/65/4/6328654/image_main/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/28/65/4/6328654/image_main/fd7ff93bec8078be20523bfdf4f9efc9-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e23420eae1b29de393c1da12717231b04451e73a0593af27815f291af6d448a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 15:59:25 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jun 2022 15:45:43 GMT
server
AmazonS3
age
130333
etag
"7442933655979282bc884a1206eb5a43"
x-cache
Hit from cloudfront
x-amz-version-id
wjl7.fPNe.jznlylLzdnU11ndzrpPRen
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
8844
x-amz-cf-id
ztpKhCtW80YsnLkm3_MGp4U03U5YKsmYJu8ogzR8u5j-bodV25e7sA==
0f457717b2a470502b9a02fb51d5591b-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/63/28/51/1/6328511/image_main/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/63/28/51/1/6328511/image_main/0f457717b2a470502b9a02fb51d5591b-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3370768d9195e9b62d5369d029af25c1dbf5f9a295b2d60378d08451f36f5d2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 13:10:31 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Tue, 21 Jun 2022 13:10:30 GMT
server
AmazonS3
age
140467
etag
"7ae00bed180f221a8f81b889a9dff633"
x-cache
Hit from cloudfront
x-amz-version-id
zpPrrwr0VZqLCG66cVdPJdBFUM5_arBz
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
10708
x-amz-cf-id
fqBYe5vExT3FVN2xKAz6Mjzr9A4Jb0m_GWJgNfbX59X62SgB-_uBmw==
d1d06fde37eb30e4b6e9006007d78789-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/53/45/52/3/5345523/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/53/45/52/3/5345523/d1d06fde37eb30e4b6e9006007d78789-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0d009b4551f9d66afed533ec5898043b509a0c188342405b66d4ad3fd9d30efc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 11:33:52 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Wed, 22 Jun 2022 11:32:38 GMT
server
AmazonS3
age
59866
etag
"d2a8450c3a53972078d77c1fab443ea7"
x-cache
Hit from cloudfront
x-amz-version-id
Uxed1FVNEOKqxBQIWrQXTpbfIYP0km4_
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
25047
x-amz-cf-id
obgTT9tFeBDrc3FgN-9dFxodNN4_O5ZDLaoTLEONwLWCc4AzXI7uvw==
037873139c5c951122191834244d62cf-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/37/03/9/5437039/image_main/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/37/03/9/5437039/image_main/037873139c5c951122191834244d62cf-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
95710034e080e6e408c4882f7df24e18ee4cece8f058aa1feeaa104434b8d9ef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 15:34:19 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Sat, 18 Jun 2022 15:32:31 GMT
server
AmazonS3
age
391039
etag
"6d3600831c57a401a88671099edb21bf"
x-cache
Hit from cloudfront
x-amz-version-id
bwRPgzCzKiU1mnSI2fZnTSEYZv7dRc7Y
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
26298
x-amz-cf-id
jBVDosOaf0H6ftnD5k79vrkA6RqVRVYIPFt57yQKlRZhpuTuf1tI7A==
baa32dc7d29d251e703087728e115127-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/54/37/08/0/5437080/image_main/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ivona.ua/i/54/37/08/0/5437080/image_main/baa32dc7d29d251e703087728e115127-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-76.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7ec345d6916508a89d277b8c39ada44c34f8d429c5a113abd68240ad1e298d94

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 15:28:26 GMT
via
1.1 e38834cd8f7f79ef118dc9bba0861780.cloudfront.net (CloudFront)
last-modified
Sun, 19 Jun 2022 15:23:14 GMT
server
AmazonS3
age
304992
etag
"4cf58b2aecf51958c37992cbfab88f12"
x-cache
Hit from cloudfront
x-amz-version-id
YwrpcolPkDh2QELyzu8bpFYDeEJyTBmW
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
29155
x-amz-cf-id
FGqH5ss0Jfi8poixCN7pFXpEEyVkYu0VeagtzdffTjwz2QpBF4DlMQ==
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 23 Jun 2022 05:11:37 GMT
c.html
cdn.admixer.net/scripts3/46506/ Frame AA6A 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 23 Jun 2022 04:11:37 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc28
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b2718&c1&r40589945&dholder1320962835&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:37 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1119&pl=3&mi=4&me=8&hc=4&n=1655957496890&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2794828250
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 23 Jun 2022 05:11:37 GMT
/
www.facebook.com/tr/ 		44 B
410 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1797034293858937&ev=fb_page_view&dl=https%3A%2F%2Fivona.ua%2F&rl=&if=false&ts=1655957497192&sw=1600&sh=1200&at=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Thu, 23 Jun 2022 04:11:37 GMT
rexdot.js
gaua.hit.gemius.pl/__/_1655957497217/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1655957497217/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1655957497217/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua...
169 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1655957497217/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=N6PL9God23ZCUkbs6XvcPyidk9r4oS9pEkQ8MRk6OZH.P7gjPvw07XkBgYs_7ZUbOT_9mj_F.PY3JFgaVbnHSmoXyEv2/NU5AWpPtQfDsf/&ltime=293&fpdata=AW3RlZ64LZe9hxsI48rl4wY0yuJ8kH.PebXuvFrRpMf.F7&fpcap=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
146.59.10.80 , France, ASN16276 (OVH, FR),
Reverse DNS
ip80.ip-146-59-10.eu
Software
GHC /
Resource Hash
23e0f1ea23ca61b5c2892aa2a26e3878d88d5f267fcaadfac8e61a05076d4f57

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Wed, 22 Jun 2022 04:11:37 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1655957497217/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=N6PL9God23ZCUkbs6XvcPyidk9r4oS9pEkQ8MRk6OZH.P7gjPvw07XkBgYs_7ZUbOT_9mj_F.PY3JFgaVbnHSmoXyEv2/NU5AWpPtQfDsf/&ltime=293&fpdata=AW3RlZ64LZe9hxsI48rl4wY0yuJ8kH.PebXuvFrRpMf.F7&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Wed, 22 Jun 2022 04:11:37 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=987638063&t=pageview&_s=1&dl=https%3A%2F%2Fivona.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1516059589&gjid=2080736824&cid=545246093.1655957497&tid=UA-206274582-1&_gid=225374959.1655957497&_r=1&gtm=2ou6f0&z=1270150989
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
ivona.bigmir.net.1211636.es6.js
jsc.idealmedia.io/i/v/ 		259 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c2b04641a4b8710e2db320a45b7a206ddabcaa991e15ff387a2c240864b93d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
WTG0320V4KK6KVFG
cf-ray
71fa6175cbbb54d5-MAN
content-length
79736
x-amz-id-2
bOepve7dOogdF2mkFjaKcRXTadpMW15lOo3dxedS6xhK75bdTv13OaF/NBaaFCvYOsjQBmKuzuo=
last-modified
Wed, 15 Jun 2022 13:26:55 GMT
server
cloudflare
etag
"0ea3157593d46c34eeab4d7c5eb8bec8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
xm0elCdrjXZUhrJi3Zu4.K32zi8skQVg
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Jun 2022 07:11:37 GMT
ivona.bigmir.net.1296107.es6.js
jsc.idealmedia.io/i/v/ 		249 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
464ea952fb376e9052fa004560e11e8b0d890ea79bc5dc1e5a273cc250ef910a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
HIT
x-amz-request-id
27JMY98XHAM8746G
cf-ray
71fa6175fbd454d5-MAN
content-length
77261
x-amz-id-2
GZTPJLvoFRVUtKtq+CwCf/PUTmZTpautZ6JoBEDkE+fw+tDJOo99TzWH1T3/LS2hPOOUxjJWW/A=
last-modified
Wed, 15 Jun 2022 13:40:09 GMT
server
cloudflare
etag
"f8197c4782c7ced8a2d6e9a158adb57b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
GQnIyzfbob2JAMPKUfvjmiUUTd2Ky8S8
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 23 Jun 2022 07:11:37 GMT
logo_top.png
kolobok.ua/images/ Frame 30CD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kolobok.ua/images/logo_top.png
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:54 GMT
last-modified
Thu, 04 Feb 2021 12:11:24 GMT
server
nginx
etag
"601be46c-208f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8335
expires
Thu, 31 Dec 2037 23:55:55 GMT
571d0cfa1806014b4f14d4a254861cdf.jpg
exchange.informer.ua/assets/thumbnails/57/ Frame 30CD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/57/571d0cfa1806014b4f14d4a254861cdf.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
ba5d1b3e636f50b365ea48b22664e907dd7eeebbc7268fd7d762121730433afe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:15:46 GMT
last-modified
Fri, 17 Jun 2022 09:11:03 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62ac4527-14b8"
content-length
5304
content-type
image/jpeg
f7597b561d5c898699bbb0302c185126.jpg
exchange.informer.ua/assets/thumbnails/f7/ Frame 30CD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/f7/f7597b561d5c898699bbb0302c185126.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
2cc53c77be9bb972ecb16e71fdef82a122e7e77c7482e0d2616e2e90c6d9e095

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:15:46 GMT
last-modified
Mon, 20 Jun 2022 07:41:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62b02494-191f"
content-length
6431
content-type
image/jpeg
1c9325b5b070f064f041907d0bbbfcf0.jpg
exchange.informer.ua/assets/thumbnails/1c/ Frame 30CD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/1c/1c9325b5b070f064f041907d0bbbfcf0.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
b8a5572d8ef6671c711a6e4733bf0649d3f1e85fcbf76972aa7260d92430deae

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:15:46 GMT
last-modified
Sun, 19 Jun 2022 07:41:02 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62aed30e-14b4"
content-length
5300
content-type
image/jpeg
b9178f782f9f6175e58bf61b46b44554.jpg
exchange.informer.ua/assets/thumbnails/b9/ Frame 30CD 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/b9/b9178f782f9f6175e58bf61b46b44554.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
f94fbe35d1ec85f85d95c729a76dfc8f9e4419cf2843a1712fede13c5456e0b7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:15:46 GMT
last-modified
Wed, 22 Jun 2022 09:20:08 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62b2dec8-16fb"
content-length
5883
content-type
image/jpeg
a9b1e79b481e4ae5276d3f91f55b9414.jpg
exchange.informer.ua/assets/thumbnails/a9/ Frame 30CD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.informer.ua/assets/thumbnails/a9/a9b1e79b481e4ae5276d3f91f55b9414.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
1a22d3798006041b65ac1482cf92038bfc898a16329b0b33bd781f1a5dd52a0f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:15:46 GMT
last-modified
Mon, 20 Jun 2022 18:40:04 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62b0bf04-1a57"
content-length
6743
content-type
image/jpeg
dsp.aspx
inv-nets.admixer.net/ 		222 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=3351070687077195.5&cpv=3184da3b-9702-bbe6-4ab2-37d8c33b5c3d&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22bf43cba4-78ff-7bc2-b875-d2fffbce2a76%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222dece4dc-091e-8bbe-fa4d-39bd79e5e315%22%2C%22tagid%22%3A%22d9675bdf-cf85-4051-92db-9ca047f83379%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1966145486%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
3d3ecaf28f8730da9fefe446943f67fb78c45fa09d0658f338c8224f95d617a3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:37 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
202
X-Xss-Protection
0
495cdc49-e5b9-47b1-bf48-e746eb8d7b94
https://ivona.ua/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ivona.ua/495cdc49-e5b9-47b1-bf48-e746eb8d7b94
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
18004c85-919d-4102-b181-66e7b139ebb0
https://ivona.ua/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ivona.ua/18004c85-919d-4102-b181-66e7b139ebb0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-206274582-1&cid=545246093.1655957497&jid=1516059589&gjid=2080736824&_gid=225374959.1655957497&_u=YEBAAUAAAAAAAC~&z=635978503
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 23 Jun 2022 04:11:37 GMT
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		212 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
2d0a8d4df1cb923050d63cdcc24d9d4105fe404a76173e5ba3b3e54522b83e94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
198
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F123 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1655957497&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497085&bpp=3&bdt=622&idt=319&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8034334843283&frm=20&pv=2&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=339
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:37 GMT
expires
Thu, 23 Jun 2022 04:11:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
impress
ad.mox.tv/delivery/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=2522574842
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
62290e26fe541154bb1c4df2d7c027f50a301f9e2792a86bad6a460c7cc20703

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=2314712a36af4fe9&d=ivona.ua
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:37 GMT
server
openresty
ads
googleads.g.doubleclick.net/pagead/ Frame 50FB 		103 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0a58b2c7db3744bff882ce01b0e50128a1ab623d5274080245e1e156c80e13c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32713
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:37 GMT
expires
Thu, 23 Jun 2022 04:11:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
impress
ad.mox.tv/delivery/ 		19 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=7779958735
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
748480506d6b0009939aff395354837927c158dbc737847ddcedaff64ee44bb8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc28
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
27858d13-78a2-4176-ba6e-bae0bedf993e
https://ivona.ua/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ivona.ua/27858d13-78a2-4176-ba6e-bae0bedf993e
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
b051a1db-5b97-48f9-83ea-d1089263af91
https://ivona.ua/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://ivona.ua/b051a1db-5b97-48f9-83ea-d1089263af91
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
/
c.idealmedia.io/pv/ 		0
43 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1655957497508395975888&uniqId=04e1a&childs=1296181&lct=1655251200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=62b3e7fa-0926b&pageView=1&pvid=1818ec226a49beedaf8&site=466737&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
71fa61778c9d54d5-MAN
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18728503
fly-request-id
01FMS77QYFR7T91A14VZPZC4YW
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71fa61783bf9cc4e-ZRH
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 23 Jun 2022 05:11:37 GMT
prebid.js
ad.mox.tv/js/achernar/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Thu, 23 Jun 2022 05:11:37 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4cf11ad70f8cf40fd4ae3985ea9e8cce4968972b38b0e367fb5462f44e278f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28074
x-xss-protection
0
server
sffe
etag
"1253 / 848 of 1000 / last-modified: 1655935551"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 23 Jun 2022 04:11:37 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
18728545
fly-request-id
01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
71fa61783bfbcc4e-ZRH
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.invamia.com/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=6637d8f4-efa2-47ab-81da-adb181bc8e3e&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=6637d8f4-efa2-47ab-81da-adb181bc8e3e&gdpr=0&gdpr_consent=
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dprodoohmox%26bsw_param%3D89fa8901-2ac4-4179-b9b3-2ed85b48...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=fceb62b3-e7f9-4000-b25e-f5138b5f9e0c&expires=30&ssp=prodoohmox&bsw_param=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8
  • https://ad.mediawayss.com/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
  • https://ad.adopx.net/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
  • https://ad.invamia.com/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
0
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=545246093.1655957497&jid=1516059589&_u=YEBAAUAAAAAAAC~&z=326203541
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=545246093.1655957497&jid=1516059589&_u=YEBAAUAAAAAAAC~&z=326203541
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7c55d32c-2c08-48c1-96fa-31b3146dad91
https://ivona.ua/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ivona.ua/7c55d32c-2c08-48c1-96fa-31b3146dad91
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
910 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
HIT
age
6274
x-amz-request-id
3SA83W05S2W4Z85D
x-amz-id-2
EQwUjjZH5/J1AoUGniBZGEkiEUxmp+6tPR7h9R/PsP/jaQ0R7MpIxXWHRa45BBWFUC3rlfR8op8=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
71fa6177ccbc54d5-MAN
expires
Thu, 23 Jun 2022 08:11:37 GMT
5aefb65c-7f54-4e0e-b4fb-6e35c6073a3f
https://ivona.ua/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://ivona.ua/5aefb65c-7f54-4e0e-b4fb-6e35c6073a3f
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
sync
x.bidswitch.net/ 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=725ea815-8aba-4ec3-b060-597264f5a7e2&gdpr=0&gdpr_consent=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.207.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-207-48.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:37 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:26:54 GMT
x-content-type-options
nosniff
age
31483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 19:26:54 GMT
1
servicer.idealmedia.io/1296107/ 		1 KB
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1296107/1?pv=5&cbuster=1655957497589473609450&uniqId=04e1a&childs=1296181&lct=1655251200&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=300&h=100&cols=1&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=62b3e7fa-0926b&pageView=1&pvid=1818ec226a49beedaf8&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7d45971810c66712db772d6d5293df84263b6707b70c43c71f88af0e66fb423

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
71fa61781cd754d5-MAN
1
servicer.idealmedia.io/1211636/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1211636/1?mp4=1&ap=1&w=300&h=211&wrongImageSize=1&cols=1&pv=5&cbuster=1655957497612489275473&uniqId=0ed47&lct=1655251200&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=62b3e7fa-0926b&pageView=0&pvid=1818ec226a49beedaf8&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9927c45dff602e742a82a4040e063051c71d7da4687952405c0f6f7cce7516c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
71fa61785d0454d5-MAN
z
s.zmctrack.net/ Frame 662F 		102 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
f84d959ad366409b4040bf676f754e5859d870d12b18acd45d58991add711437

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ivona.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81NjIseV8zNDAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvN...
s-img.idealmedia.io/g/13312542/492x328/-/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/g/13312542/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF81NjIseV8zNDAvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvNzI0ODU1L2Q4NjRjMzZiMzJmMmJkZGQwYzBmOTk3YTQwZjI1ZDE5LmpwZWc.webp?v=1655957497-Qct32TczM590MTyXNtOebpLIy_1D9uxQfQe1DZTtc0c
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0732fb3612951d99c975e950c0f33c51e960796270f1748d6aaca69adf3e07ab

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2022 16:12:29 GMT
x-mg-request-uuid
2a5f11aa-2a71-4f4b-b2f2-8334d2343310
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
71fa61793941b2e7-MAN
content-length
30828
server
cloudflare
expires
Thu, 23 Jun 2022 16:12:29 GMT
pubads_impl_2022061601.js
securepubads.g.doubleclick.net/gpt/ 		370 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
sffe /
Resource Hash
801d950152c16000c54c7303164bd5857300d473e853a89546c22eda7b3b045f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 22:28:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20563
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128400
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 08:36:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 22 Jun 2023 22:28:54 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		160 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ivona.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Thu, 23 Jun 2022 04:11:37 GMT
upwards.png
ivona.ua/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ivona.ua/img/upwards.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-45.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:35:31 GMT
via
1.1 1b73451818d2dd47a574604c0b84f692.cloudfront.net (CloudFront)
age
21220391
x-cache
Hit from cloudfront
content-length
1602
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-642"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
r9RPtO7d3rW_U34uZMpEtTT1UvDlqx_jJ75y3m-Uc7lwqK-L1W8W3w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
i.js
cm.idealmedia.io/ 		0
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1655957497797783181025
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Jun 2022 04:11:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
71fa61795d8054d5-MAN
content-length
0
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvNjg2MzMwL2NlOWJjMTAyNTYxMGU4MGVkYmQwMzMxYmI5MmFjMjNhLmpwZWc.webp
s-img.idealmedia.io/n/10143906/492x328/0x24x707x471/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10143906/492x328/0x24x707x471/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDYvNjg2MzMwL2NlOWJjMTAyNTYxMGU4MGVkYmQwMzMxYmI5MmFjMjNhLmpwZWc.webp?v=1655957497-7VfQxhwnEna69yZPEe09V85OiGjBoaUrAAJ9aFgOvHU
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19036eb427538c6fe3a1e1d9bba8effe3af740a0797527a0cd484f6b1a837a16

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
HIT
last-modified
Wed, 22 Jun 2022 12:04:32 GMT
x-mg-request-uuid
ad04d961-91f9-4e7f-9443-8edc80f90d12
age
22216
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
71fa61796957b2e7-MAN
content-length
14746
server
cloudflare
expires
Thu, 23 Jun 2022 12:06:43 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNTA5MTUzLzRhOGIyZTY3YmEzNzBjNGMzODA3ZGE0ZDQ2MzhkNWQyLmpwZWc.webp
s-img.idealmedia.io/n/10123322/492x328/246x0x945x630/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10123322/492x328/246x0x945x630/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNTA5MTUzLzRhOGIyZTY3YmEzNzBjNGMzODA3ZGE0ZDQ2MzhkNWQyLmpwZWc.webp?v=1655957497-0VXdwUNkn8WICJJUvSt8iIEeFRyAMdXl2I1NYOh_c1E
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32f6c3ea47b2078da427f859df068057495851cb9993d0da6c122c320baf485f

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
HIT
last-modified
Thu, 26 May 2022 12:44:32 GMT
x-mg-request-uuid
184a5848-26c2-4031-983e-b0fde87a5a6b
age
68681
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
71fa61796958b2e7-MAN
content-length
26646
server
cloudflare
expires
Wed, 22 Jun 2022 12:51:24 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI3MDI0LzI5NDU2ZmY1NDBkMDJiOTkzZmM3Y2IwZTBhZGZhMmVmLmpwZWc.webp
s-img.idealmedia.io/n/10075223/492x328/0x7x619x412/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/n/10075223/492x328/0x7x619x412/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI3MDI0LzI5NDU2ZmY1NDBkMDJiOTkzZmM3Y2IwZTBhZGZhMmVmLmpwZWc.webp?v=1655957497-kHY-50B5vg1JMPWVy1i3A5Suz1330zEMMPzWC5YkTrY
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80b0c55e4a4c0025fb1003e4ff4fc844e0f4f84884dc50eda5d785613def01d7

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 17:20:22 GMT
x-mg-request-uuid
bbf3ad53-1a54-4342-94d2-81fd6dad329b
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
71fa61796959b2e7-MAN
content-length
13818
server
cloudflare
expires
Thu, 23 Jun 2022 13:30:26 GMT
i-noref.js
cm.idealmedia.io/ Frame 3B68 		0
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1655957497809475855973
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:37 GMT
cf-cache-status
MISS
last-modified
Thu, 23 Jun 2022 04:11:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
71fa61796d8654d5-MAN
content-length
0
css
fonts.googleapis.com/ Frame 50FB 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 02:23:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Jun 2022 04:11:37 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Jun 2022 04:11:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 50FB 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:53:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1114
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:53:03 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 50FB 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:37:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2069
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:37:08 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 50FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0u9G-eezYvK1IdiT7_UPls25kAjq4pjkarbKxLPKD9SEu_uaAhABIMbgi3lgu4aAgNAKoAHwg_bbA8gBCakCL-A93aqStD6oAwHIA8sEqgTCAU_QpyIbCP_8QgOEt96v_Qq1IMzUmAfbQ8vITiBKhabFFiM7vtJq13prcHZd36jPXl4cPdQStqvLwCKp22YVzVjMjSefPiX0GaD1Y5mLk5_CoUeGY-P2fdLbGB9LtkNTG5Chu3UAmOfxhUJAI_Xj2M7yV-PpJU0N8gsMht0Vo7Kxq2ap9QEklZ63Db_7Oyi-ubt-Itsx32NLlq3wezltI8350j15Pt1gMBUW-ibb5PruzjkajY_gbZtVOPug509UIkqmwATHqcHC-AOSBQQIBBgBkgUECAUYBKAGLoAH-PuJJKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOHbA9IIEQiA4YBwEAEYHzIC6wI6AoBAgAoByAsBmAy6qfOJ_AO4E4ME2BMO0BUBmBYBgBcBshccChoIABIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=dubl_OAYYvk&uach_m=[UACH]&template_id=515
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Jun 2022 04:11:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Thu, 23 Jun 2022 04:11:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 50FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:23:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2911
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:23:06 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 50FB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:47:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1452
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:47:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 50FB 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:37 GMT
10f77a9ed5e9dbc13462adf17b625271.js
www.gstatic.com/mysidia/ Frame 50FB 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/10f77a9ed5e9dbc13462adf17b625271.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 23:07:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12964
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 20 Sep 2022 23:07:18 GMT
counter.php
autocounter.idealmedia.io/autocreative/ 		0
73 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=466737&pid=49813&referer=&cxurl=https://ivona.ua/&undefinedh2=f4mNXHc2P8vJX4X5YKO1Vw8Jp_1RKQSmrLX5h6o9TLc*&cbuster=1655957497843141833807
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
71fa6179ada454d5-MAN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
15394214611500912864
tpc.googlesyndication.com/simgad/ Frame 50FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15394214611500912864?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5a5f3bf47639ff16f465a6eea27633b8cae3d55478b7cd0bb5d189ea070c9ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 20:48:15 GMT
x-content-type-options
nosniff
age
285802
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1686
x-xss-protection
0
last-modified
Wed, 23 Mar 2022 10:13:32 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 19 Jun 2023 20:48:15 GMT
truncated
/ Frame 50FB 		195 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 50FB 		336 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 50FB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f2418f8a690bc45dd361c947651cebc6da47effa8cad7461835eff8be39cb5d4

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		433 B
269 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=2923693811&sfv=1-0-38&ecs=20220623&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498067&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
c03e107ea308bc27d29cd224fb8cd3395ca7b36d3e370f788471bde9cbd7bdf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
240
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=2624882344&sfv=1-0-38&ecs=20220623&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498071&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
a8f17a0124b42849b8574e733516df4ef2d24ca04d7dc386681eb253dd572d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12462
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_S_ww_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1808510045&sfv=1-0-38&ecs=20220623&fsapi=false&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498074&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
497a40b8d5b6bba0c4350f9fdbf8d8b2d300406108e2b6daf6970f63683ead55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9749
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=1507351061&sfv=1-0-38&ecs=20220623&fsapi=false&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498078&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
198ea2a90105c3cbc27a1578d14e829b2b02a622079063b97bf12e621bd26aa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9319
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		69 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=1563346462&sfv=1-0-38&ecs=20220623&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498082&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=2330&adys=718&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=1600&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
4986e52729cfe48c197ff44bc549e475495e2d03bde28e2607b5530be62c9a70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34263
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.bigmir.net%2C300x600_ww&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=8&adks=3289015771&sfv=1-0-38&ecs=20220623&fsapi=false&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498086&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=3830&adys=718&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=1600&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
89f2108d6678428c75ed2b26a3d2eeab77e80b418bd62334e1c97e326ea04b81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9715
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=9&adks=3248695870&sfv=1-0-38&ecs=20220623&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498089&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=5330&adys=718&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=1600&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
e66f2dfd57915458e619e18596561c6a691e1fc50436494d902d7c5306bf031e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12723
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_300x600_WW_%2C300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=10&adks=4122882013&sfv=1-0-38&ecs=20220623&fsapi=false&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498091&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=6830&adys=718&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=1600&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
84b00e2d77f599e6a52c1a95204b10c7ba61daed423e3b461c55cd6c71701de5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10089
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3142203581033101&correlator=4001007695667823&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022061601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.ua_300x600_WW&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=11&adks=1221479441&sfv=1-0-38&ecs=20220623&fsapi=false&sc=1&cookie=ID%3D5d7dfe12af71a4fc-22da1e02b9cd0003%3AT%3D1655957497%3ART%3D1655957497%3AS%3DALNI_MZ9rSdjVljI4yzOGhvTo69f4xrp0A&abxe=1&dt=1655957498094&lmt=1655957498&dlt=1655957496463&idt=1536&biw=1600&bih=1200&adxs=8330&adys=718&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=1600&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=true&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s28-in-f2.1e100.net
Software
cafe /
Resource Hash
9df2b281bcbf6c576db18b0a2fa98cf89327b5acff1b3df8fae540af5704d795
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9952
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 341E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 50FB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 20:36:54 GMT
x-content-type-options
nosniff
age
27284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 20:36:54 GMT
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame FCE6 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30563
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A546 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=Wm0vaE90WFFzNlpTYUhocHE4anh2NVhFaG8wSWhtbXkxbE5zRTNQNmFmK1U4VDZBbHFuRXM1RUpoT2c2RGJNMXpNbUZZZy95WWZKSWw1YUY2TDNLMElsM0EwZUF6bndBZmx5WVl6M045R2JNaWpXdENZay9ucVd2M2lRY2liblVqOFJYeFBxNVk3VnRZQktCZnZubTZYUVh0VE1TOGVVeUc0Qmp4QlJjRmFxa0dXNWhSV1JqTS9zLzhUcXd0LzdaMGVDMnhpSDhPS1JsaTRrdUFsajlEY0tLU3BwZFdSRFJXUkZ1aEsvZWNmenlNMWZXYk00d0tqMURMVS9tQ01JUA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 439E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=VUZCYVZmcnNwQUFMSWxVQkh6UHlxbWJRU0xuS052cDZ3cXJqTGR5MHFJd0JGMHoyL3dSaGFscXg2eDFDN045TjU3dU9ldU5HMTBBTHNJVFNFbVg5eU9jQzJyUTI3cnp3R2w2aWpITGQyQmFvUDZlNlJoODhaV1p5citrQ0FoMndyQ3hRalg3NUVZUDB3RHdkdUtkdi93eWxoRzR3MmR1V2JnV1Z0d3FrakFKeUUxUHlIcjdJN0VjT3hLWWsycitQK2tKUXN2TjltQWxCbDh0RXNleUNzYXp0eFp3WE9IVWJWbWMxeXRieWUzNzBJV3ZnV09ZdUxvNm1aTzFBZnA5TEc3eGhuTG9qeXJMLzlhcm5uNXhBRlE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C2E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=R2hDN2tHbThpOEhtK25CazI2UlcrU0dVK0doWExqazJDNnJYL2xBd2tQS2VBR2ZDTjluS3FBZXVZT2dsSEtTaWY4azNlR3lHaklZbDYxV1RXaFMraEs5eld5N0xES0wxN2FHMUFuUzBhcUJ6NTBsdFlobmVVS1gwY3ppbVJZUE5PZVUzbU9xM3JCZytuWHgvRW5TVXNZRVczM3NsaGd6ZVNld05Xb05zYy9LSlZGek1tUHBwc2k3ejlEcEVKNXJIZVI1NDY2T3FiK3JFOUI4VWNmNWt4ci9wTU5ldVlHK3BMYXhDZmJEeDdyd1NGRk11Z3NGOEJxd0VSWktidmJmNXg4RXoyNG5maEgyUEN6Vkd3aGZlVHc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 04BB 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNXdW_Yi2FOeWV9dF8oQTUlLMgS0D4T3LCYRjqC8nLZl2d2V6mRka41bSYmJVzi35IT8Zd5J85PI5k21iCY9XBDe9L6J8Xk3vagIyToD-iifQwLm62TnBM7OxScCt2zJQ4XU8bmG1a_QC_LltmyQJ64qD-CNiOkMLyOzT3SP4ygpjaDyz4Mvd31JmgJnvRFFhhSVHgs5
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 6C2E 		76 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdIBcxan4rOlNOEQF8amcbEz9IvLGrUtY20bOWzv0BzTqjpK89ktHzT2Z_nbP2PBNj251epcNhyD8ubRmql5NASxxwCQ&cry=1&dbm_d=AKAmf-AYwTWeeR8_z-m1yFGM5wf8fV1OrUTGYwdP2k1ulFkLUtPDnHn-v8y2wqWL33vHu7rlRVSty4E1AmilEJxuFvBI5fIEbSukLJ9oWaVaClOfgW93BP5ZNEM-1L_H7ZSmDwfUKCcBjWVNFgN_ckhogvFxMaGDAV5xWNQjahIeatKlZm3Qq-nUN9viDt2P0DKHAiJiQpbZa8lvbEQcgxhDTYuNN-MbkeyYINw0CzrCAkJb2eP1qaanfbeXz16ig1JIK5YWLh-k4pPJUYuLfFSwR800IrHRBbF__BtteoOTdX63cV4_9feWRA0puqB2M2uudB6lpamG9sQFhFfpB-QOa4qw8qNH521U3U4ezjp7ni4LlwpSqjB3y0HPrstCkQSYHx3OIZwH_nzIB83EXzImRT8bAg6vgK2TXk2V8-9mPz-xRr7VpTEHUgKGdIFYvQ0RlWOz2LCRtyCzPcD51_SVjKI-LPUjXKfrhrQIGfmptmD4hNDYq0FugHhWcL_PHRkfbVg843HHdFXdGc0e3_6TMZUSTyrOuB6V7kFGugrIlS7P6cao0oYm_nNuJqNc6cDMDYmdtIMpQx4tu3nYNDquSGYpgl31E1AlxbaZB7kW_1VDvaib6b4jfDXUCePB6IaXzBlfmqo7Mak4Ob7v2l1pawtX9YZpK7Ay2mOX7CF8UNys3WTDdazD64Ri05se-cHT9u68BIp-vDW06gYRBnUXAD4dwLy_vDuzjNcatIUSE-ebwNt2zfUh2RBEKkGi2G6kwgxJ2KP-ZP0lsPElRSTC6daT5HMVjWco0n-xtmvWWMNmcyIzyE7HfVBF0_lUugyYNsw_Sxva8i4VVC0J63OGBXTcEQF-fHjxC_WZM96HUuK4bt01P2wHBUhEpnYGcloIf856k4JIpfF4o6Ku4_ev6HipFn1YDB9hKt5ss9HsL_nX25B_jtWZWp4cgn-jxG2pGYD3rj62VLqzHB7ZyjGpRoY9cKaH31HROIVFAxW8mp5eG_zuQImtMXePq3MmegdpivdzFAKuAIgCMorXuviJ6XbdmXwfWBa8lb9o42klBAKr3UtyuoJnO1ztVNPQaP5iOApN4SesA41fi-FrWVS091KPVCgVdR7agKHl38snV6GSouN7P5X7lafw0-cLJGuEXjjSQDXE4n5ln6fN_Iq3yWUcdBut8OvC2F4ZkBe18egLdKAXotHsKIWAxOSkCKnhm5iVrgf8Pt-jsgPbXK-vLI1PytuzD4vTtdpKuL1CkbQKJoZza2ru-Q5OHNcM-1xm07blM5BgQkxloiOsY2rWv3BTAG4jsL_2fB7SGiMpDAfOUJhsLTVj-I7J6vMLibwc25l_8UWN_fA1rFYm4jWbOZ--cKu5EHP5y3ZHc3fHcRabgEhGP7ejafbTxx6Pl6uMekouHS-od573W0aJgiUUuGQB71WYyO_Ku7IWKuyW2CMirnid3l7SOYvNSU3J5KL_yE-agGjXjIDPaaxWEVpu8PK9_BirFLlavIE7fx5mgZt9XUbQ01JbZncSJ4zT0DWbGMFhVx41e45CfikJUyFuLKeviBv7SN0OTbzy3LN1YcCGgt5LTFkRnLMVpR3Ui_T1kE4M4326lSURxopi2j6XfK5nuSY9qrXklHQcFMHeHOi6DlrtmWMFjUveorhlK8SvQ-RHcm2VQm7G4MjMX97gppttioip7kfuuwW0qsM1x25YBET_s5k3Z5BobEjNuz8QhjGz6HvVcy6S81OuqDOpQ0VX8lwsproKkuUbOtcguWtGIs6f8J4V65qDiJjWu4UEB07NDuyr4TsErtC84FgRFRULjb9ro0LAHOSDlorsIoj8zb7cB8JMoRMuLU0IOeKaM5Kg_RBoKdqwQ0mbUONcfopmmokPswf8K0cL8r_J4dDCYlg1Pg972wX7YhU4prMxaOZC77crI3vAnyVXtf_-v4BuWHw5NN9buhD6Poa1tqhob4zBY1zTNxACckOfKwovEoOnM0gFoyg798Ik9KNzn2ds8Z9xroFJy3OuOPOUrb28Lv0A1QBeLw_0CegLAeUW7CMzVpFrsSQPvfloguWW3QvudprwJofQTZxfBZe1YinwRru0mv7-qKxFpdzokSHBdeJ1hgJHjwiNuOsRp6WfNgyupmwNxXeqH9E1pAS4beAS6WObkDMY7CLdtDBCps1o0qy2VjDGedGTkCnT7CfccJeQEaJFeqflHAKQLs6DXWDJPMBajrpmSuVuuy9hDt-lw1Dk6rQg--O8cOwxH5OtPpkLgI8lcKD3f6518bQ-_Tb4IxhxV8D6YAWXv0LnLo2yr6zleub53OcEV2D8scSi8h-YaW8qwQExbLbKO7fUAqFfIV7hUravL06Bhq2bXMrmxrBH9zjln2PPPse5Gnzk29_xa5T86KkY60b-jLBoNsnXmSFPchpSZV0dn2nWBPu1bIr1Y2i46AZad7Nns-xDv9jgYly8bFDV9G6pXhT6464yDXHYMmQAqbHhfrUJUWn7kVD9WoWux2OlvLeyEPYDdDyBd6Ci6T_MGTU33XhUlQSVgf35aAtEJmzZIj1oULYHTRVX1zeFJaLFAFfiXT4FCYZprHoaMT6J7fke0VBpzJ7dtyqEiyX3zrYP9buhZ_ez1WdIN_b63uiYbHPCySf8bbzx81-Dan7lYiAbiNHzvG9uajhx5MrEGGUaQ54Y14hg35yVI9nc6CxDoSmglp0Dd6CBm5OfwR-l4zJc9ys4QrZ-22Mb4d9E-xEK08c6ex2ic0SZJXFIVNbUKTbTXP30gsBUXQlPVjBgvMlDTD-EpDUdbnNk0DsRx9FzFeIlE0VPev9ATraUTVNV_hBLRwp2oRCKKCSpmYYQokLIaXtjFc0yMyObJRVEhN5QGo9QfOFthzKggYBGRrx27uS7TM8TCqro5q1NMAHK6-FIbAuLMWAG5ixk-Uh_XEnQLDy15PQciRYnbtMzL9IGd8X8dRw0KIcFAyBJ9wCNvcPm_Ef_SBhPiStofSoE6gcig-kbY1xeaomcyl73&cid=CAASJORoskhO0Lg2FAyu5SUsGmxECCo7-J_HQBSiF9TGb7cjbBM9vg&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f83e87c2da4c56a61a3f3680ae93a5f2cff6cd00191c8c18ccd9fc39d0e009c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33007
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C2E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DU3oyWvQ88jg8gpOSkujHPUHYo01mF7ok_8jqwhRo1GzZSGH0qbhoU9xXJIlObqD1rJxH3fnUcqkJeoPqXagWvNYJJqCAFBtaTqRWokI6mCVa7YuM
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 6C2E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C2E 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 6C2E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame 6C2E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAxG_IsdWTCT5F9bc_-PDBnmZi6lhQas82rng4q8TzCvEai4nu2TpfQtheDZrh2nu0_LzgEuJYsYdpt0QPYlF_F1wpYw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame A80D 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIYs43bqQEwAQ&v=APEucNX-J6oXZmjb2FCAYnxHuqk8Mr_1_xcQg4zfwGWnHOPIbIDTbH8vl45NVkg2voVai3PRhVDK2fpFtwHQaIKVnbH8aA8QwNBXrzRAnpt22voP8HtOUArmiTEFmb94qYb1lmB7SLITtTItWuOSwTMR6Aq_-VxOqKW57Th9Y9vUPz1Drrk3F30
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 439E 		14 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFVldHoC1dNMScZ1Y40IGX0tsY4QmYOh88SoHeTxpdGfAs5YueSYXj7wui5n2FepgooPqn6a8XUjrr1ka7LowU2rVh8hZ40a0zGR1FOcLTU0GauPhYygWdmPTy588cwXi64clfrh2_hZ6Tb0MRxpxwmwaOyA&cry=1&dbm_d=AKAmf-Cdeau1HsLRZNw6VafGaen4jFgrs8uwTFi4PTG545p7_rWK_AT2ZkbyNLsFaBG88aBz-1P0SBX7lpbmirRqZlaCu13m4eQV_3LsflFsoznCKUalzPXr-JN0-zHwYxTKvtblvBnPa1FpIQWY04rtmJMgB3heG8TH8A-UQeWqx_pSOxu1py9dkj7jMist63WIR6G7t7LAXK2PcwG1F4cKN73FNHG3f4k35LwnxTiply83BpC9gZGFat_5IR-Qr-AAeo0r0dPeVObQatjFpN44YAPV8YMGzK026hDOO8_cWP9cpHxVJYbGjg2n7KSx_WV2Gp1On9GHoyRRKeUDZbPtpXVrXjMWe3Ud_rnZHKVbWUmAyn9PZ2-BsA6pQo6aWz2ono_8VLJ1RH0t5f8k8UVg5pRYsAkaTaG3evP_U2CbvOur86FjJmbsqBlt67lB8ppXr3MODduqUrXvDFrnE_2AwUbDlWmGSTyfyMWVFglyg2DfvSEIoacvrVxYNno26Qzy294rxFcwcSbJBpniQnTSqH9fUDd0QfNfzOeV36L3EUvQNk8CtPiPe4RQ5E49DitF6-c8d1Vog29d67V7-wGMvsBUlbGheJLRkYqbVjPAZ19IWDH_u71bPm5AUzoZARhwhmwdGRhQNfu_fc9b2FuMqrZOTcRbE_qb_1iKkqVdYynwCnnv3W4B9Yxfxm1CQKZr_Niy_6GbeouZsORHpIPEtkzaWH8c_H6bidDNev1-m-GkscNCHWw6kZe-t7NsWb16x7z9UVZY0V7ttsePpdlgXzLE42YIBiYDPSeB0vJkonUwv_Ylw76OICvJcM-zWwSF9unvJ_cmmd0t-ZALughZI8_AizCKv3g_KLG5ALJis7cKXZAJaNcmcwrvt-lTj8jeZkzZD4LGOAjLE5-YAVVZRdQg4BpG2A12KzgUxk5xALbjlMIOazCaRrglp8LuvQRnUFgzSTuDjhCl18hC1DgYMKFRcE2cAx5Sp4cmU34WS50tAf_wp38BWRD6uBWaXfVnYh6nhFVrtanJrxBLNHhJ-KeTzOl8CQklMCHy7_u7zh_VCnacSFZrolOk_lS2D0Q45B1X8p8FMNqTL1A2B3mqc66FkD6H5V46rAH-R7asyxx8xYWZn-H397Qgd5Bs3g7_ILri0HHYaWU9559Jj7LEMIl6mMqvLz9yWke5nI9WJxJax9Z4q7b2GR8puVplETjN4ORjlNCYTi4399IuKQNeIUOnKf9QMD3y8-qsTcP1r90Okm3UMkMxDBZo13wjUtoS6p9QhB7Pf3xT0QW9DwFSVI1s5OtrS7Ui3lIUtTmzGycIOmSe6zuC-kK8fL-ZM7QRZoC7HqpVii9NyeQLlt1hOsCa5LKbx3EzHy4xeZDzkNvPf3VgrhJKvQHnz1V0SlfOh3e-n-BkoXAAMwwEJN0RJXNAPkpFnPtjTYbV1y-40a0vBccKRJ1c9epqz-mpQCKG2IHfiui8JLq91ppKtnPbtpdI1pciwHpKzP9Zhhqtl042XhwZbJhoJmrXLaGPPXWg79dNZD436sT5IClgZStcHNy5kCBxjfodHCnV4FWqQsvojN9FzPsm6tnwz_vpOsXL_h4zkr4YwwI5OBiExJEHF2fvt9hV2I33hj0tai79nUU0UGUZvy6sHbJE9jmrTOsZ6LQaISl938UQ6wZzqxauhQeTsc_3latijtDAlCFKDSLcIIpkeqLhpE1BIfqJSNx6Ep4hP0f5AUDx5qHWdAXNOA5DHIB1Pr6d3dI6H2qrfpgBKW7NddSnmGHZ-3qzlQzzjCM2BbTA9qUE11ccTzlfg3KKu3tE1Aqt6ipvF7LsizU9RP-zRbhp8k1jR6hciLCPh7Be4HD9rALiJIu5EQxPFFNyAC_oQ6TndJ_6i0eBJ5aWS-KKsimo0ur-j3lXrPBTRsJldK3b_4FysM5B7SMBOBfx47wQY0QZ71aGH-rz78zBpBpdUD-Xzq8hkfy9rcmUp5FARpvyc5DCok1_PXmEupRKextYbEyKmpdFRM2ZI6mvsMoO_VpO-dNg1OyB6RpvP1H-Ov1WUv4gbEZkSmR1CJantFwzGHPx7s9mkV9jNDkdn5sEn6KeDWoTc3_GqWzU5wV7vHXYetemFmuevBGV7B0-HVuHhDJkB-QIE1nFrV6flJjNJjYVYHKJzb84rxwb6A0U_bxgp8FJ2uMDoawkwPo_poaDtLHrvnbzykLVo8NwkR3wxFJr3Zo0KvqLH_QfspH-8CsyM9rMh_kG6A_Y3aorU_cP253Q7fTa7w7t4g72udhmOF0-lC9TF6by1OQgpfULS5tG1env7z2Mu_CsXtfIWDBST8L4XtiMoRfFpGV30t7LHqeIG0tLw84kuJCIFi7MlWNpySC47Ry7Mf_C6i6x-otkU_HKHDKTh7DMtz18NiCmUhZdmHyXhWeZmWNWkGEZpnGykdijgD1c2Hkk1m3OZRv4QwNR9pebr7lWmw-vmTmQVRqOHIRivZT-2BrIp8yT1mRuNmoDIN0Gi5YHz8m8Y8nfLNTSLGPfnwwodn_zdb89ijm70t4s9rHnRJWAauTV8fe1m5S8-ATmWRHv6eQ9n3HO_8TARD5HaPzNK6GKbhRUDKZ-aPXGaKgGD-7SzGKjN3_v&cid=CAASJORof2VZXiYA09AsRJqvghLoueXAVO_uLW5r7GEQdrLAxx1SKw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ccfeb4438115a74ddf5814dc60c5cf17481757417250492570deb5d0931079da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 439E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CB6YilkL3WaWNRax-sediIQUKSr5HAHdckXgEB4W2r2uJSk7LM_yW3vTI-ofao1-43-ilIzLI5ghAecXZnpi15MzZB1d_62NY11O_UsvUfO8jFp2A
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 439E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 439E 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame 439E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame 439E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQhss3uCrZj-RpGh2BNCAlVYQJRDBhisNvO-GYjhu9ZAGOWWfI6qmGiMu8oQxUXitQvp_kXfhVy7juXg4G4QLY4V0R0KQ
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 30B6 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNU7HlxH6emPpY7kNrJDB7-En1uLWejCH8HFZIOHvbxML9zAEZn9DDcJ2oIgBPVU1C0gr8kvEpT19fPhA8h3rtzNws2ZsP7xCoDlviyFzPZRK0ehUxPS_2EIpwVY9l1R8WFspREOsIIuuRlEMWSnfq863vVDMIPcg_FsA3OuVoj0v55s9zs
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame A546 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKqctM_dXd_F3XucOfveEf4d8HJIccprKOopjhSKKYNtoGIo-6Ci-CdSjP5ZP7CwaCzPeEYfA1K-QR6FmNiHRbn8IoM8pLlwTOeSuxzm8TcR-l_K6O-_0FG29SUnWHAHTa29MTknJjeqRKaOBjGUCMsI1eQ&dbm_d=AKAmf-AyRdRkdbJEDJ-URNoXx71yxiisEsf8-g6pkmA1Yy-8vClCxDaF3UYyDth2taE1NQZTwDBQqa6JoXOqAmuLI2SkxzsVo_IcIHdfi58NvbA3zuw_nDuDl6f5Z7BgrGyoYFRKZxQCqL4VLh-9utbrNu84HSm7nMCmlccElTPuhWwhEIG-f_przt00s3Dj_82C5PEIF3NE2Nze-RS2ttYfNTTwuYpOOQoocvnY1_E0aQDmwiM-QKP9AHOlPt1t6r3nQ8dDNn6junoxDpHDwg33S1_wGdh1i1Mvkk-gHNNwd_07t386EHVg1AYLGgAzCrQQnFIC3gV8GRhFOgOqlDjnVQEv43vcknfG2epYzOf7e8l6WXIIeYPNxqVwEXp5SYY1sW582wD3BkOl4WVzRjL7hiCCFqN_TEr0QluiILfIXyx3E6Cmkjb3HUuehr08uMTw6ux7_6Ep1j-exiLVYZInwX3DUzVFjwnoJOZlQwUqBvCZEBwRoM4snjO3uaqQBa16fQ2r8btiVRri41GziKaCDxncCHDucpQW2r1EF-oD9p-iMmz9T3MTrv8Xq6XOSebn_DHiXB8Lz9JEgkqV5fN-4iavBzVKmURCQx3X3Orfs7GQWEpoclFukWyvgbdWpuzf5Bi1ZOSoDGvNlw0xLWwWi_D53kQT5NTsJ0-OBzHlo76NTzZ00mYppsA-euXP7tIEC76ThzFfd7xlfQxRt7_KQjZ6G0eOjXJowClLvW3HKstw5H4MBaZkCCluhh2mCyVrzHPm8q4SDY5UGlpDnS9dUknXOFTTdANDNedcHAjfGGbhqwY6ogFHHiSe2fFkf8ScK6Hhy0XeMl7iXxADCu8xGRZczdd8_kHbe7jS3EwsaE4menwnZKK15DuhrbQ95NvaPv3GtWGnelJ_vgExyp1vdy6PXRHtaI56wIkat3EhCEN-WfOyS1Vgr4ssGY0QXu0ebWqhqnZOmR712qNnsKd0vczSphu1RnGj2SZ3MWL9WFcoRiTSPL27czgGg3nXFO5hyPa1qcTTAIST7CUE0ROm0KBn53yuvNQboS5paN0RdPFTj-3lsYSwXgVgw15KvkZFiKOOrmSX8c3HNO4xM-D7ZIyO4LJZ324n5TS3k8etf0_iaihR-SutCtIZMyebxjG5RubAbMNAUb4yRzjB6f0K9usyi0yxHB9BGo9_MCElvVDThxbkDjqDw8Ttf8jzOPfaYx5NtyE3oQcvDM39-z-Gshr9HSTBpDipJbACUWJo0Fntm-p86mHM2T1NC7XWJW6_O43Qv4OdvU4SxbQ9VOhW9PL5nfhcdswwOfbFsDxfT2tKORPdxaVz69oJXW4sVnXvJSdQ-bC7TZqQ5rupASpDfXvvX1QiFHPghGji5hfOtkeAiAZuLzdeWSMSAHRSzg-XmuyfuqsAl-WtMiW33ybP64sX9oi_RUyArEb9efP5BV4uEbbbx48hd38gn3U0tmQjdpUNEtA7HwOPPR4K_D3dsPm8_zqxLneD4xTIE8GLxz-3MzyRu3dJgF6onZPaUd0bmUF2sWll8Ccgueye5iRv0DBxlQlc0GmHX3xneJL8FCmAjdYgTwyMsc4cvGsolo69MKo0_0aWPkKEQKgbWri6QlYRj24V-MZPNkNnNOqE8VSOD11Xj9wWmFyXO9SSNGYPe1neRo79fZX3rP5_qiXz9DeuFetgHFKPQv_cq66LGgNhVjBiPzzb6S8D-fOCBPNfathCWRFd-AIGb1tTUTCvcpKzFTR0X1CriT098rA0MEj4eaJaK8pUscCI3S7_HyatpjDq8IMYKAMEAcs4sxs99XWXphoRmKeY67cGh7kPnso7DGQxnjbLDh05rna_9tcmrt5gIy0sR2Bbl9as4aIHi5-EyT0E3gtOZ_Yupave8giYXoO6bNpx-9-8pKay2EmZQJZP7MmI1zUJWOqTg_O5LuRmVuOpy1kSur-2BPkTt32QrIA29LSWCK4rDdOS_Xh0f2zPLIVYwNPmGUBJl9DByyDsX3t4fNyThmZF8XLVGuuveHQZqbkFH5jno6fG_F5AQgIPigANCdBDyQDYTU8iET6AkiYRq6Iy5Af7NZjtTFvGdfF5-i0HYuqRjSUGGw0NpdJtCFVl_XHzDH3fS3mXuXiDEsb329LbAaPWztm_RuI71-gLE0Qh7qQ_ElfWObKmzb5N39U-q-Leio2vFhw2ppG8dDY3uKTZVt2yw_72EuMjt8OikpudDnVB47d0_WNjHIcftVwwas93xdT3yjLre0cdPABcOWO7yY3oOSs1lJH2JqJKEhRyyk1ref7jfSiXYRWdSXBAteKKZrXjZcjNw4dAyMEqu3Ed8KQJ0TR3jHdl__Wp43ACNO-BF5L7xZ_F6hn5SVHQhPK53JrnDSqTZo2u4JnlLroSCXtMQp3d0T6H7s5CbOHo1ZlahcY13fgOVARvOcIbS30T2jGTi9MBmCm_VJcAcVviI6hGtXFLGl1Tva2222brPBUpZVwuXPT5KeXIVHOL2_jI96_brYeCsaEdYhomjixWc3BhmEpkDUJ23sIDVy1Gd2ZrZ31IEgWEgzjIZYq2d_jJa8-HzbT-YjSWmJlHmFYz0BD46i26HyVXwTE4qaUDwCb2EPebEcCxNOHefwc1fPoNtlwCFui9HHZD9mkcwgNfGfRe5PesP87KBvlOFznjdtRd9ML3P8tMsF_7N-S_mkxAIuqT-HQK2CswQ0ziROqtFgwrrkWs_PbKf_7taJXjrpTFkG-zpmMr_YkbuOlEWZAnHE2DvBHmiMrNS-VcoYg62ptqMMZFIZtewXdPh5Ithn3PVZdMJZXFNZCiqOdYDMtQidBzeO2knnvs7MU8-1IsAW27KUBqPym0wVMh78i_iLCASi8rGnbN0Tc5WHFhuGJcLB319Usc1vXXiNmj3rfGbEUgTXepU53ycV0H-CuReiydQ15AkhLh0WVfh7uFqtDgqY8I5MeYHZBnc593MK2TysZDwfnD4i4GOA6Ysg3ViKSY7Mhkh1XkE5OhIMsllZGnmyxg6jroBkFqTM491Xkxwd5h4SZ6q1hW2t_DxXd3GM1YIGAi0mnmSTYUgXEF-sliR0OqVs38HylgkL7IAV83ko7B_gXMGrZ7TmtoyCrcp1bpkaGMo9vomc4IDh69UK_YpunflWYo3I7IcwcTu8GV6RvFrH4IHb4e-OGk4hRN3WLBrQYLRPAJuFBeBSmFyDCBk-9XhtDITyLYHzYh0gvH5M7J50I989HXr576f6UqPiq1pGFjVTuiGI4W-lnJZNhGHW-ITn60jjyk4wqDqORg7Ffh4OJig2Z976PLcz6T_vYrKhQtiGCOh6nRxuLED3cvPbUleTDr1Tzc3Nlr44dcUDVqxaCQSVFgiTnYpeXt3khJ4NL4ms6liwF5DdGHeiVPiqB-1kyATTjjCdAEMmS6K_v8DZVhvfajd_LTQVkik-j0hsr0w2sHxYuAD_CSOajw6gnCRRFu-zkd96MKasWR3dE3sPZwk47Oe8FVFyM6K5C-6evd1FjkBHQ1Fu4m94GMG42J0I4GKkNT_y0VMg&cid=CAASJORoCYL9q-GeuqPYpSKZp2W8HLe70JJtPgo4MX9cBQjAd7eLaA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d24602f35aaa10804c56603c2961ee9d624192f2fba78782ec4d3766e21fa143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32964
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A546 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AZlAvwiLkvWJipXZJwvuznvpwh4ELWSSejpTeswKr8xqb12nuu9bly5nQv48EVYDkLi6SGACZS7T6TrJW7RmN9vjxUu_PDNfE5rMwTQeDPU9-XdvI
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame A546 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A546 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:38 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame A546 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame A546 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTu04_LwDIZPYZt_iVOSiqFTaAEyMkm6m9mtMHQ9y185v30rSu_pXPbZCtBJlRSzwJreStWxcoh0jiQvktvEL6XQp6agA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame 04BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&C=1
43 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNXdW_Yi2FOeWV9dF8oQTUlLMgS0D4T3LCYRjqC8nLZl2d2V6mRka41bSYmJVzi35IT8Zd5J85PI5k21iCY9XBDe9L6J8Xk3vagIyToD-iifQwLm62TnBM7OxScCt2zJQ4XU8bmG1a_QC_LltmyQJ64qD-CNiOkMLyOzT3SP4ygpjaDyz4Mvd31JmgJnvRFFhhSVHgs5
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 23 Jun 2022 04:11:39 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Thu, 23 Jun 2022 04:11:39 GMT
rum
dsum-sec.casalemedia.com/ Frame 04BB
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YrPn.jYD76snqHG8qQUiXAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&google_hm=2
43 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNXdW_Yi2FOeWV9dF8oQTUlLMgS0D4T3LCYRjqC8nLZl2d2V6mRka41bSYmJVzi35IT8Zd5J85PI5k21iCY9XBDe9L6J8Xk3vagIyToD-iifQwLm62TnBM7OxScCt2zJQ4XU8bmG1a_QC_LltmyQJ64qD-CNiOkMLyOzT3SP4ygpjaDyz4Mvd31JmgJnvRFFhhSVHgs5
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 23 Jun 2022 04:11:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMKaxxyErQin-S6iwA2mWhc&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 04BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAd365cBfHbRtaArX54Ov9o&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAd365cBfHbRtaArX54Ov9o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNXdW_Yi2FOeWV9dF8oQTUlLMgS0D4T3LCYRjqC8nLZl2d2V6mRka41bSYmJVzi35IT8Zd5J85PI5k21iCY9XBDe9L6J8Xk3vagIyToD-iifQwLm62TnBM7OxScCt2zJQ4XU8bmG1a_QC_LltmyQJ64qD-CNiOkMLyOzT3SP4ygpjaDyz4Mvd31JmgJnvRFFhhSVHgs5
Protocol
HTTP/1.1
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c70baa6f-4710-4a66-9cf6-c6d70f9392ab
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAd365cBfHbRtaArX54Ov9o&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 04BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MzYwMTY0ODgxOTMyNjI1Mg%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MzYwMTY0ODgxOTMyNjI1Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCGwFUYp8SmQjAB&v=APEucNXdW_Yi2FOeWV9dF8oQTUlLMgS0D4T3LCYRjqC8nLZl2d2V6mRka41bSYmJVzi35IT8Zd5J85PI5k21iCY9XBDe9L6J8Xk3vagIyToD-iifQwLm62TnBM7OxScCt2zJQ4XU8bmG1a_QC_LltmyQJ64qD-CNiOkMLyOzT3SP4ygpjaDyz4Mvd31JmgJnvRFFhhSVHgs5
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:38 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4c3aa597-7d79-44c3-83c4-76b3803e2d1d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDk2MzYwMTY0ODgxOTMyNjI1Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=d9675bdf-cf85-4051-92db-9ca047f83379
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.110 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Jun 2022 04:11:38 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E928 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=Z2haVjhPWm8rSXBqdzVxSVhER0p4d1ZEMXhuV1ZoZnNNTTFSdzY5R1ZUdDVUb2Q4QnJaUEx2ek5uYTdYM2ZVNWNwcTdFT2Q0WllZSjhEMGJTdmE1VnVvZGV1TVFRRUczUWprczRrNEwyV21pV1Y4dTRuaWFuSGlWNUlZcExmUE9TclJHS3o0ZWdtTVlFZmVJeDlKVCtlQkdxbXdBcUdPcVlVNzZVUTVyYXBvdjJDdDRhMC9xcUtSK0VjRnNNRXJtK2t6eE9Yc3NkdXpBU2crcmRlRDRYdGlsdzlIVzB1M25Ca1FaaXZIQ2R5bTVvMUdudDlNSERqWEpmeUdxZFdTOGJqMDl5NVNWeUZRZmVBcDNUKzNJbmc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ABAD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=bnRJQmhhTXIzbmkrckIydDU5bll2elF4OGU2VlRpSzhRSDJYYkJwTmhZMTl5M3hUYlg1d3BmMXJUTE02azMvNWovVUp4VUN1ODhuVXpodHVmSk1tV2NySEh5ems4OWllZDQrZ3A4V3hZMnhTb2d3OHA5Z3J3Mm5HcGFlUUdPZSt6SnJvSEFKZ1c1eStIRWgweDlxb1kyYVZXSzNTSHN0elNURDdXYkM2YTdpUWw5a0x6ZVNIenh0VnM1N29kUUZMczByV1hNMnBDNU5jbnZabG1uaTZGSFVDOWVNL25YT0FFUkgyQW4rN243UjNERTc5UEJ2dTVQTkRpdnZtaENoSUdDajZaQ2IyeDdyTWFVRkdjSitRRFE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 30B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNU7HlxH6emPpY7kNrJDB7-En1uLWejCH8HFZIOHvbxML9zAEZn9DDcJ2oIgBPVU1C0gr8kvEpT19fPhA8h3rtzNws2ZsP7xCoDlviyFzPZRK0ehUxPS_2EIpwVY9l1R8WFspREOsIIuuRlEMWSnfq863vVDMIPcg_FsA3OuVoj0v55s9zs
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 30B6 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNU7HlxH6emPpY7kNrJDB7-En1uLWejCH8HFZIOHvbxML9zAEZn9DDcJ2oIgBPVU1C0gr8kvEpT19fPhA8h3rtzNws2ZsP7xCoDlviyFzPZRK0ehUxPS_2EIpwVY9l1R8WFspREOsIIuuRlEMWSnfq863vVDMIPcg_FsA3OuVoj0v55s9zs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 30B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNU7HlxH6emPpY7kNrJDB7-En1uLWejCH8HFZIOHvbxML9zAEZn9DDcJ2oIgBPVU1C0gr8kvEpT19fPhA8h3rtzNws2ZsP7xCoDlviyFzPZRK0ehUxPS_2EIpwVY9l1R8WFspREOsIIuuRlEMWSnfq863vVDMIPcg_FsA3OuVoj0v55s9zs
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 23 Jun 2022 04:11:39 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 30B6 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGIHZha8BMAE&v=APEucNU7HlxH6emPpY7kNrJDB7-En1uLWejCH8HFZIOHvbxML9zAEZn9DDcJ2oIgBPVU1C0gr8kvEpT19fPhA8h3rtzNws2ZsP7xCoDlviyFzPZRK0ehUxPS_2EIpwVY9l1R8WFspREOsIIuuRlEMWSnfq863vVDMIPcg_FsA3OuVoj0v55s9zs
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 23 Jun 2022 04:11:39 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
sd
us-u.openx.net/w/1.0/ Frame A80D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIYs43bqQEwAQ&v=APEucNX-J6oXZmjb2FCAYnxHuqk8Mr_1_xcQg4zfwGWnHOPIbIDTbH8vl45NVkg2voVai3PRhVDK2fpFtwHQaIKVnbH8aA8QwNBXrzRAnpt22voP8HtOUArmiTEFmb94qYb1lmB7SLITtTItWuOSwTMR6Aq_-VxOqKW57Th9Y9vUPz1Drrk3F30
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEPF_lusPiipKdtvJOXf9WeI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A80D 		43 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIYs43bqQEwAQ&v=APEucNX-J6oXZmjb2FCAYnxHuqk8Mr_1_xcQg4zfwGWnHOPIbIDTbH8vl45NVkg2voVai3PRhVDK2fpFtwHQaIKVnbH8aA8QwNBXrzRAnpt22voP8HtOUArmiTEFmb94qYb1lmB7SLITtTItWuOSwTMR6Aq_-VxOqKW57Th9Y9vUPz1Drrk3F30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame A80D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIYs43bqQEwAQ&v=APEucNX-J6oXZmjb2FCAYnxHuqk8Mr_1_xcQg4zfwGWnHOPIbIDTbH8vl45NVkg2voVai3PRhVDK2fpFtwHQaIKVnbH8aA8QwNBXrzRAnpt22voP8HtOUArmiTEFmb94qYb1lmB7SLITtTItWuOSwTMR6Aq_-VxOqKW57Th9Y9vUPz1Drrk3F30
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 23 Jun 2022 04:11:39 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBcuguXGEWOe6Zb9OM2JZAU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame A80D 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQlvvE0AIYs43bqQEwAQ&v=APEucNX-J6oXZmjb2FCAYnxHuqk8Mr_1_xcQg4zfwGWnHOPIbIDTbH8vl45NVkg2voVai3PRhVDK2fpFtwHQaIKVnbH8aA8QwNBXrzRAnpt22voP8HtOUArmiTEFmb94qYb1lmB7SLITtTItWuOSwTMR6Aq_-VxOqKW57Th9Y9vUPz1Drrk3F30
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
max-age=0, no-cache, no-store
expires
Thu, 23 Jun 2022 04:11:39 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 6C2E 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Origin
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 07:25:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame 6C2E 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdIBcxan4rOlNOEQF8amcbEz9IvLGrUtY20bOWzv0BzTqjpK89ktHzT2Z_nbP2PBNj251epcNhyD8ubRmql5NASxxwCQ&cry=1&dbm_d=AKAmf-AYwTWeeR8_z-m1yFGM5wf8fV1OrUTGYwdP2k1ulFkLUtPDnHn-v8y2wqWL33vHu7rlRVSty4E1AmilEJxuFvBI5fIEbSukLJ9oWaVaClOfgW93BP5ZNEM-1L_H7ZSmDwfUKCcBjWVNFgN_ckhogvFxMaGDAV5xWNQjahIeatKlZm3Qq-nUN9viDt2P0DKHAiJiQpbZa8lvbEQcgxhDTYuNN-MbkeyYINw0CzrCAkJb2eP1qaanfbeXz16ig1JIK5YWLh-k4pPJUYuLfFSwR800IrHRBbF__BtteoOTdX63cV4_9feWRA0puqB2M2uudB6lpamG9sQFhFfpB-QOa4qw8qNH521U3U4ezjp7ni4LlwpSqjB3y0HPrstCkQSYHx3OIZwH_nzIB83EXzImRT8bAg6vgK2TXk2V8-9mPz-xRr7VpTEHUgKGdIFYvQ0RlWOz2LCRtyCzPcD51_SVjKI-LPUjXKfrhrQIGfmptmD4hNDYq0FugHhWcL_PHRkfbVg843HHdFXdGc0e3_6TMZUSTyrOuB6V7kFGugrIlS7P6cao0oYm_nNuJqNc6cDMDYmdtIMpQx4tu3nYNDquSGYpgl31E1AlxbaZB7kW_1VDvaib6b4jfDXUCePB6IaXzBlfmqo7Mak4Ob7v2l1pawtX9YZpK7Ay2mOX7CF8UNys3WTDdazD64Ri05se-cHT9u68BIp-vDW06gYRBnUXAD4dwLy_vDuzjNcatIUSE-ebwNt2zfUh2RBEKkGi2G6kwgxJ2KP-ZP0lsPElRSTC6daT5HMVjWco0n-xtmvWWMNmcyIzyE7HfVBF0_lUugyYNsw_Sxva8i4VVC0J63OGBXTcEQF-fHjxC_WZM96HUuK4bt01P2wHBUhEpnYGcloIf856k4JIpfF4o6Ku4_ev6HipFn1YDB9hKt5ss9HsL_nX25B_jtWZWp4cgn-jxG2pGYD3rj62VLqzHB7ZyjGpRoY9cKaH31HROIVFAxW8mp5eG_zuQImtMXePq3MmegdpivdzFAKuAIgCMorXuviJ6XbdmXwfWBa8lb9o42klBAKr3UtyuoJnO1ztVNPQaP5iOApN4SesA41fi-FrWVS091KPVCgVdR7agKHl38snV6GSouN7P5X7lafw0-cLJGuEXjjSQDXE4n5ln6fN_Iq3yWUcdBut8OvC2F4ZkBe18egLdKAXotHsKIWAxOSkCKnhm5iVrgf8Pt-jsgPbXK-vLI1PytuzD4vTtdpKuL1CkbQKJoZza2ru-Q5OHNcM-1xm07blM5BgQkxloiOsY2rWv3BTAG4jsL_2fB7SGiMpDAfOUJhsLTVj-I7J6vMLibwc25l_8UWN_fA1rFYm4jWbOZ--cKu5EHP5y3ZHc3fHcRabgEhGP7ejafbTxx6Pl6uMekouHS-od573W0aJgiUUuGQB71WYyO_Ku7IWKuyW2CMirnid3l7SOYvNSU3J5KL_yE-agGjXjIDPaaxWEVpu8PK9_BirFLlavIE7fx5mgZt9XUbQ01JbZncSJ4zT0DWbGMFhVx41e45CfikJUyFuLKeviBv7SN0OTbzy3LN1YcCGgt5LTFkRnLMVpR3Ui_T1kE4M4326lSURxopi2j6XfK5nuSY9qrXklHQcFMHeHOi6DlrtmWMFjUveorhlK8SvQ-RHcm2VQm7G4MjMX97gppttioip7kfuuwW0qsM1x25YBET_s5k3Z5BobEjNuz8QhjGz6HvVcy6S81OuqDOpQ0VX8lwsproKkuUbOtcguWtGIs6f8J4V65qDiJjWu4UEB07NDuyr4TsErtC84FgRFRULjb9ro0LAHOSDlorsIoj8zb7cB8JMoRMuLU0IOeKaM5Kg_RBoKdqwQ0mbUONcfopmmokPswf8K0cL8r_J4dDCYlg1Pg972wX7YhU4prMxaOZC77crI3vAnyVXtf_-v4BuWHw5NN9buhD6Poa1tqhob4zBY1zTNxACckOfKwovEoOnM0gFoyg798Ik9KNzn2ds8Z9xroFJy3OuOPOUrb28Lv0A1QBeLw_0CegLAeUW7CMzVpFrsSQPvfloguWW3QvudprwJofQTZxfBZe1YinwRru0mv7-qKxFpdzokSHBdeJ1hgJHjwiNuOsRp6WfNgyupmwNxXeqH9E1pAS4beAS6WObkDMY7CLdtDBCps1o0qy2VjDGedGTkCnT7CfccJeQEaJFeqflHAKQLs6DXWDJPMBajrpmSuVuuy9hDt-lw1Dk6rQg--O8cOwxH5OtPpkLgI8lcKD3f6518bQ-_Tb4IxhxV8D6YAWXv0LnLo2yr6zleub53OcEV2D8scSi8h-YaW8qwQExbLbKO7fUAqFfIV7hUravL06Bhq2bXMrmxrBH9zjln2PPPse5Gnzk29_xa5T86KkY60b-jLBoNsnXmSFPchpSZV0dn2nWBPu1bIr1Y2i46AZad7Nns-xDv9jgYly8bFDV9G6pXhT6464yDXHYMmQAqbHhfrUJUWn7kVD9WoWux2OlvLeyEPYDdDyBd6Ci6T_MGTU33XhUlQSVgf35aAtEJmzZIj1oULYHTRVX1zeFJaLFAFfiXT4FCYZprHoaMT6J7fke0VBpzJ7dtyqEiyX3zrYP9buhZ_ez1WdIN_b63uiYbHPCySf8bbzx81-Dan7lYiAbiNHzvG9uajhx5MrEGGUaQ54Y14hg35yVI9nc6CxDoSmglp0Dd6CBm5OfwR-l4zJc9ys4QrZ-22Mb4d9E-xEK08c6ex2ic0SZJXFIVNbUKTbTXP30gsBUXQlPVjBgvMlDTD-EpDUdbnNk0DsRx9FzFeIlE0VPev9ATraUTVNV_hBLRwp2oRCKKCSpmYYQokLIaXtjFc0yMyObJRVEhN5QGo9QfOFthzKggYBGRrx27uS7TM8TCqro5q1NMAHK6-FIbAuLMWAG5ixk-Uh_XEnQLDy15PQciRYnbtMzL9IGd8X8dRw0KIcFAyBJ9wCNvcPm_Ef_SBhPiStofSoE6gcig-kbY1xeaomcyl73&cid=CAASJORoskhO0Lg2FAyu5SUsGmxECCo7-J_HQBSiF9TGb7cjbBM9vg&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
793
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame 6C2E 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AdIBcxan4rOlNOEQF8amcbEz9IvLGrUtY20bOWzv0BzTqjpK89ktHzT2Z_nbP2PBNj251epcNhyD8ubRmql5NASxxwCQ&cry=1&dbm_d=AKAmf-AYwTWeeR8_z-m1yFGM5wf8fV1OrUTGYwdP2k1ulFkLUtPDnHn-v8y2wqWL33vHu7rlRVSty4E1AmilEJxuFvBI5fIEbSukLJ9oWaVaClOfgW93BP5ZNEM-1L_H7ZSmDwfUKCcBjWVNFgN_ckhogvFxMaGDAV5xWNQjahIeatKlZm3Qq-nUN9viDt2P0DKHAiJiQpbZa8lvbEQcgxhDTYuNN-MbkeyYINw0CzrCAkJb2eP1qaanfbeXz16ig1JIK5YWLh-k4pPJUYuLfFSwR800IrHRBbF__BtteoOTdX63cV4_9feWRA0puqB2M2uudB6lpamG9sQFhFfpB-QOa4qw8qNH521U3U4ezjp7ni4LlwpSqjB3y0HPrstCkQSYHx3OIZwH_nzIB83EXzImRT8bAg6vgK2TXk2V8-9mPz-xRr7VpTEHUgKGdIFYvQ0RlWOz2LCRtyCzPcD51_SVjKI-LPUjXKfrhrQIGfmptmD4hNDYq0FugHhWcL_PHRkfbVg843HHdFXdGc0e3_6TMZUSTyrOuB6V7kFGugrIlS7P6cao0oYm_nNuJqNc6cDMDYmdtIMpQx4tu3nYNDquSGYpgl31E1AlxbaZB7kW_1VDvaib6b4jfDXUCePB6IaXzBlfmqo7Mak4Ob7v2l1pawtX9YZpK7Ay2mOX7CF8UNys3WTDdazD64Ri05se-cHT9u68BIp-vDW06gYRBnUXAD4dwLy_vDuzjNcatIUSE-ebwNt2zfUh2RBEKkGi2G6kwgxJ2KP-ZP0lsPElRSTC6daT5HMVjWco0n-xtmvWWMNmcyIzyE7HfVBF0_lUugyYNsw_Sxva8i4VVC0J63OGBXTcEQF-fHjxC_WZM96HUuK4bt01P2wHBUhEpnYGcloIf856k4JIpfF4o6Ku4_ev6HipFn1YDB9hKt5ss9HsL_nX25B_jtWZWp4cgn-jxG2pGYD3rj62VLqzHB7ZyjGpRoY9cKaH31HROIVFAxW8mp5eG_zuQImtMXePq3MmegdpivdzFAKuAIgCMorXuviJ6XbdmXwfWBa8lb9o42klBAKr3UtyuoJnO1ztVNPQaP5iOApN4SesA41fi-FrWVS091KPVCgVdR7agKHl38snV6GSouN7P5X7lafw0-cLJGuEXjjSQDXE4n5ln6fN_Iq3yWUcdBut8OvC2F4ZkBe18egLdKAXotHsKIWAxOSkCKnhm5iVrgf8Pt-jsgPbXK-vLI1PytuzD4vTtdpKuL1CkbQKJoZza2ru-Q5OHNcM-1xm07blM5BgQkxloiOsY2rWv3BTAG4jsL_2fB7SGiMpDAfOUJhsLTVj-I7J6vMLibwc25l_8UWN_fA1rFYm4jWbOZ--cKu5EHP5y3ZHc3fHcRabgEhGP7ejafbTxx6Pl6uMekouHS-od573W0aJgiUUuGQB71WYyO_Ku7IWKuyW2CMirnid3l7SOYvNSU3J5KL_yE-agGjXjIDPaaxWEVpu8PK9_BirFLlavIE7fx5mgZt9XUbQ01JbZncSJ4zT0DWbGMFhVx41e45CfikJUyFuLKeviBv7SN0OTbzy3LN1YcCGgt5LTFkRnLMVpR3Ui_T1kE4M4326lSURxopi2j6XfK5nuSY9qrXklHQcFMHeHOi6DlrtmWMFjUveorhlK8SvQ-RHcm2VQm7G4MjMX97gppttioip7kfuuwW0qsM1x25YBET_s5k3Z5BobEjNuz8QhjGz6HvVcy6S81OuqDOpQ0VX8lwsproKkuUbOtcguWtGIs6f8J4V65qDiJjWu4UEB07NDuyr4TsErtC84FgRFRULjb9ro0LAHOSDlorsIoj8zb7cB8JMoRMuLU0IOeKaM5Kg_RBoKdqwQ0mbUONcfopmmokPswf8K0cL8r_J4dDCYlg1Pg972wX7YhU4prMxaOZC77crI3vAnyVXtf_-v4BuWHw5NN9buhD6Poa1tqhob4zBY1zTNxACckOfKwovEoOnM0gFoyg798Ik9KNzn2ds8Z9xroFJy3OuOPOUrb28Lv0A1QBeLw_0CegLAeUW7CMzVpFrsSQPvfloguWW3QvudprwJofQTZxfBZe1YinwRru0mv7-qKxFpdzokSHBdeJ1hgJHjwiNuOsRp6WfNgyupmwNxXeqH9E1pAS4beAS6WObkDMY7CLdtDBCps1o0qy2VjDGedGTkCnT7CfccJeQEaJFeqflHAKQLs6DXWDJPMBajrpmSuVuuy9hDt-lw1Dk6rQg--O8cOwxH5OtPpkLgI8lcKD3f6518bQ-_Tb4IxhxV8D6YAWXv0LnLo2yr6zleub53OcEV2D8scSi8h-YaW8qwQExbLbKO7fUAqFfIV7hUravL06Bhq2bXMrmxrBH9zjln2PPPse5Gnzk29_xa5T86KkY60b-jLBoNsnXmSFPchpSZV0dn2nWBPu1bIr1Y2i46AZad7Nns-xDv9jgYly8bFDV9G6pXhT6464yDXHYMmQAqbHhfrUJUWn7kVD9WoWux2OlvLeyEPYDdDyBd6Ci6T_MGTU33XhUlQSVgf35aAtEJmzZIj1oULYHTRVX1zeFJaLFAFfiXT4FCYZprHoaMT6J7fke0VBpzJ7dtyqEiyX3zrYP9buhZ_ez1WdIN_b63uiYbHPCySf8bbzx81-Dan7lYiAbiNHzvG9uajhx5MrEGGUaQ54Y14hg35yVI9nc6CxDoSmglp0Dd6CBm5OfwR-l4zJc9ys4QrZ-22Mb4d9E-xEK08c6ex2ic0SZJXFIVNbUKTbTXP30gsBUXQlPVjBgvMlDTD-EpDUdbnNk0DsRx9FzFeIlE0VPev9ATraUTVNV_hBLRwp2oRCKKCSpmYYQokLIaXtjFc0yMyObJRVEhN5QGo9QfOFthzKggYBGRrx27uS7TM8TCqro5q1NMAHK6-FIbAuLMWAG5ixk-Uh_XEnQLDy15PQciRYnbtMzL9IGd8X8dRw0KIcFAyBJ9wCNvcPm_Ef_SBhPiStofSoE6gcig-kbY1xeaomcyl73&cid=CAASJORoskhO0Lg2FAyu5SUsGmxECCo7-J_HQBSiF9TGb7cjbBM9vg&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:56 GMT
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F936 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=OXh3YWNpdVUvdlAxUEE0eStMWEVqQTdQdnJCcEFQV0VtNXhsd0Q5Z2pxZjBWaDl6OVp4a3hnT0hZaU00NmNaalY5OTFmZXJVMXRyejNFMTBkY21xQmo0SFdBdXE4NmlXNW5DaDVQK1NIYXRJR1F1aWd5QXZ4Mlp6b1QvMWVvUzRlWmtPdnZrOWxCQ0RlZDFPejVqYVRiOTFNZzh4SStWdDZ4U2xwVlRtL1pKVUV0NUR1Nmg5Y01CWDdrT04rS3VPMWVYUnVyU0JTcW9NWXRXWDYrU1czL3ludEFpNldwS3pUZXdpSGNvdG0zL2VwbXcwWUpiamVjVUM4QmNJVnBnQkhzRGpOWUZiaGRBcHllYTJWdnR0VVE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC44 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=TEFFZDFkU2krZjFyVEZMQjJoejF1ck9tVFJnUjFxdkxUVThWQ3pQcmdSUlN1UlA3TFFIQ3NHbmZQMEdXTy9GN1l6Z00rSG51ZmgyRnZGOWQ4YzIvVVlkMi81dkJCcDFFU3FUbWRBQ2ozUy9rdS9RbWxnai91M1c0R1J0T2dFaVJuRmtCTGEzLzBGQzVkSlNPMnBpWEdDVTROc1Q2cjhJTXh0WmVURGJ5RXVoVzN6YW5veS9ZZmhWdmUvM0NqWlF1RnhTYkxZS2g2b05WRlc4cldmeVgra0Y5dUZvUkljN2hMeHhDY2VSNTNrdC94Ui8yK2Yza2FQNHhMNE1rNS9aaQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:38 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 439E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CFVldHoC1dNMScZ1Y40IGX0tsY4QmYOh88SoHeTxpdGfAs5YueSYXj7wui5n2FepgooPqn6a8XUjrr1ka7LowU2rVh8hZ40a0zGR1FOcLTU0GauPhYygWdmPTy588cwXi64clfrh2_hZ6Tb0MRxpxwmwaOyA&cry=1&dbm_d=AKAmf-Cdeau1HsLRZNw6VafGaen4jFgrs8uwTFi4PTG545p7_rWK_AT2ZkbyNLsFaBG88aBz-1P0SBX7lpbmirRqZlaCu13m4eQV_3LsflFsoznCKUalzPXr-JN0-zHwYxTKvtblvBnPa1FpIQWY04rtmJMgB3heG8TH8A-UQeWqx_pSOxu1py9dkj7jMist63WIR6G7t7LAXK2PcwG1F4cKN73FNHG3f4k35LwnxTiply83BpC9gZGFat_5IR-Qr-AAeo0r0dPeVObQatjFpN44YAPV8YMGzK026hDOO8_cWP9cpHxVJYbGjg2n7KSx_WV2Gp1On9GHoyRRKeUDZbPtpXVrXjMWe3Ud_rnZHKVbWUmAyn9PZ2-BsA6pQo6aWz2ono_8VLJ1RH0t5f8k8UVg5pRYsAkaTaG3evP_U2CbvOur86FjJmbsqBlt67lB8ppXr3MODduqUrXvDFrnE_2AwUbDlWmGSTyfyMWVFglyg2DfvSEIoacvrVxYNno26Qzy294rxFcwcSbJBpniQnTSqH9fUDd0QfNfzOeV36L3EUvQNk8CtPiPe4RQ5E49DitF6-c8d1Vog29d67V7-wGMvsBUlbGheJLRkYqbVjPAZ19IWDH_u71bPm5AUzoZARhwhmwdGRhQNfu_fc9b2FuMqrZOTcRbE_qb_1iKkqVdYynwCnnv3W4B9Yxfxm1CQKZr_Niy_6GbeouZsORHpIPEtkzaWH8c_H6bidDNev1-m-GkscNCHWw6kZe-t7NsWb16x7z9UVZY0V7ttsePpdlgXzLE42YIBiYDPSeB0vJkonUwv_Ylw76OICvJcM-zWwSF9unvJ_cmmd0t-ZALughZI8_AizCKv3g_KLG5ALJis7cKXZAJaNcmcwrvt-lTj8jeZkzZD4LGOAjLE5-YAVVZRdQg4BpG2A12KzgUxk5xALbjlMIOazCaRrglp8LuvQRnUFgzSTuDjhCl18hC1DgYMKFRcE2cAx5Sp4cmU34WS50tAf_wp38BWRD6uBWaXfVnYh6nhFVrtanJrxBLNHhJ-KeTzOl8CQklMCHy7_u7zh_VCnacSFZrolOk_lS2D0Q45B1X8p8FMNqTL1A2B3mqc66FkD6H5V46rAH-R7asyxx8xYWZn-H397Qgd5Bs3g7_ILri0HHYaWU9559Jj7LEMIl6mMqvLz9yWke5nI9WJxJax9Z4q7b2GR8puVplETjN4ORjlNCYTi4399IuKQNeIUOnKf9QMD3y8-qsTcP1r90Okm3UMkMxDBZo13wjUtoS6p9QhB7Pf3xT0QW9DwFSVI1s5OtrS7Ui3lIUtTmzGycIOmSe6zuC-kK8fL-ZM7QRZoC7HqpVii9NyeQLlt1hOsCa5LKbx3EzHy4xeZDzkNvPf3VgrhJKvQHnz1V0SlfOh3e-n-BkoXAAMwwEJN0RJXNAPkpFnPtjTYbV1y-40a0vBccKRJ1c9epqz-mpQCKG2IHfiui8JLq91ppKtnPbtpdI1pciwHpKzP9Zhhqtl042XhwZbJhoJmrXLaGPPXWg79dNZD436sT5IClgZStcHNy5kCBxjfodHCnV4FWqQsvojN9FzPsm6tnwz_vpOsXL_h4zkr4YwwI5OBiExJEHF2fvt9hV2I33hj0tai79nUU0UGUZvy6sHbJE9jmrTOsZ6LQaISl938UQ6wZzqxauhQeTsc_3latijtDAlCFKDSLcIIpkeqLhpE1BIfqJSNx6Ep4hP0f5AUDx5qHWdAXNOA5DHIB1Pr6d3dI6H2qrfpgBKW7NddSnmGHZ-3qzlQzzjCM2BbTA9qUE11ccTzlfg3KKu3tE1Aqt6ipvF7LsizU9RP-zRbhp8k1jR6hciLCPh7Be4HD9rALiJIu5EQxPFFNyAC_oQ6TndJ_6i0eBJ5aWS-KKsimo0ur-j3lXrPBTRsJldK3b_4FysM5B7SMBOBfx47wQY0QZ71aGH-rz78zBpBpdUD-Xzq8hkfy9rcmUp5FARpvyc5DCok1_PXmEupRKextYbEyKmpdFRM2ZI6mvsMoO_VpO-dNg1OyB6RpvP1H-Ov1WUv4gbEZkSmR1CJantFwzGHPx7s9mkV9jNDkdn5sEn6KeDWoTc3_GqWzU5wV7vHXYetemFmuevBGV7B0-HVuHhDJkB-QIE1nFrV6flJjNJjYVYHKJzb84rxwb6A0U_bxgp8FJ2uMDoawkwPo_poaDtLHrvnbzykLVo8NwkR3wxFJr3Zo0KvqLH_QfspH-8CsyM9rMh_kG6A_Y3aorU_cP253Q7fTa7w7t4g72udhmOF0-lC9TF6by1OQgpfULS5tG1env7z2Mu_CsXtfIWDBST8L4XtiMoRfFpGV30t7LHqeIG0tLw84kuJCIFi7MlWNpySC47Ry7Mf_C6i6x-otkU_HKHDKTh7DMtz18NiCmUhZdmHyXhWeZmWNWkGEZpnGykdijgD1c2Hkk1m3OZRv4QwNR9pebr7lWmw-vmTmQVRqOHIRivZT-2BrIp8yT1mRuNmoDIN0Gi5YHz8m8Y8nfLNTSLGPfnwwodn_zdb89ijm70t4s9rHnRJWAauTV8fe1m5S8-ATmWRHv6eQ9n3HO_8TARD5HaPzNK6GKbhRUDKZ-aPXGaKgGD-7SzGKjN3_v&cid=CAASJORof2VZXiYA09AsRJqvghLoueXAVO_uLW5r7GEQdrLAxx1SKw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
bsi.js
z.moatads.com/pbb847483933/ Frame 439E 		51 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/pbb847483933/bsi.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f1f875833ddb7ecdb962369413465f1a6fff8a887398966d2d248e5a4d34e817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 18:39:25 GMT
server
AmazonS3
x-amz-request-id
66JCQTHFSEE3Q7T0
etag
"302acac31c108dadcd3aed706c8787a1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=22621
accept-ranges
bytes
content-length
22862
x-amz-id-2
PYJaKYERr9d1HnSqIFmUvzQy+I7yKsUrtZnCZ08zkCAt0Dna1YxzP2INzOMyd6ib84PLD9uLV8g=
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame A546 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Origin
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 07:25:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame A546 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKqctM_dXd_F3XucOfveEf4d8HJIccprKOopjhSKKYNtoGIo-6Ci-CdSjP5ZP7CwaCzPeEYfA1K-QR6FmNiHRbn8IoM8pLlwTOeSuxzm8TcR-l_K6O-_0FG29SUnWHAHTa29MTknJjeqRKaOBjGUCMsI1eQ&dbm_d=AKAmf-AyRdRkdbJEDJ-URNoXx71yxiisEsf8-g6pkmA1Yy-8vClCxDaF3UYyDth2taE1NQZTwDBQqa6JoXOqAmuLI2SkxzsVo_IcIHdfi58NvbA3zuw_nDuDl6f5Z7BgrGyoYFRKZxQCqL4VLh-9utbrNu84HSm7nMCmlccElTPuhWwhEIG-f_przt00s3Dj_82C5PEIF3NE2Nze-RS2ttYfNTTwuYpOOQoocvnY1_E0aQDmwiM-QKP9AHOlPt1t6r3nQ8dDNn6junoxDpHDwg33S1_wGdh1i1Mvkk-gHNNwd_07t386EHVg1AYLGgAzCrQQnFIC3gV8GRhFOgOqlDjnVQEv43vcknfG2epYzOf7e8l6WXIIeYPNxqVwEXp5SYY1sW582wD3BkOl4WVzRjL7hiCCFqN_TEr0QluiILfIXyx3E6Cmkjb3HUuehr08uMTw6ux7_6Ep1j-exiLVYZInwX3DUzVFjwnoJOZlQwUqBvCZEBwRoM4snjO3uaqQBa16fQ2r8btiVRri41GziKaCDxncCHDucpQW2r1EF-oD9p-iMmz9T3MTrv8Xq6XOSebn_DHiXB8Lz9JEgkqV5fN-4iavBzVKmURCQx3X3Orfs7GQWEpoclFukWyvgbdWpuzf5Bi1ZOSoDGvNlw0xLWwWi_D53kQT5NTsJ0-OBzHlo76NTzZ00mYppsA-euXP7tIEC76ThzFfd7xlfQxRt7_KQjZ6G0eOjXJowClLvW3HKstw5H4MBaZkCCluhh2mCyVrzHPm8q4SDY5UGlpDnS9dUknXOFTTdANDNedcHAjfGGbhqwY6ogFHHiSe2fFkf8ScK6Hhy0XeMl7iXxADCu8xGRZczdd8_kHbe7jS3EwsaE4menwnZKK15DuhrbQ95NvaPv3GtWGnelJ_vgExyp1vdy6PXRHtaI56wIkat3EhCEN-WfOyS1Vgr4ssGY0QXu0ebWqhqnZOmR712qNnsKd0vczSphu1RnGj2SZ3MWL9WFcoRiTSPL27czgGg3nXFO5hyPa1qcTTAIST7CUE0ROm0KBn53yuvNQboS5paN0RdPFTj-3lsYSwXgVgw15KvkZFiKOOrmSX8c3HNO4xM-D7ZIyO4LJZ324n5TS3k8etf0_iaihR-SutCtIZMyebxjG5RubAbMNAUb4yRzjB6f0K9usyi0yxHB9BGo9_MCElvVDThxbkDjqDw8Ttf8jzOPfaYx5NtyE3oQcvDM39-z-Gshr9HSTBpDipJbACUWJo0Fntm-p86mHM2T1NC7XWJW6_O43Qv4OdvU4SxbQ9VOhW9PL5nfhcdswwOfbFsDxfT2tKORPdxaVz69oJXW4sVnXvJSdQ-bC7TZqQ5rupASpDfXvvX1QiFHPghGji5hfOtkeAiAZuLzdeWSMSAHRSzg-XmuyfuqsAl-WtMiW33ybP64sX9oi_RUyArEb9efP5BV4uEbbbx48hd38gn3U0tmQjdpUNEtA7HwOPPR4K_D3dsPm8_zqxLneD4xTIE8GLxz-3MzyRu3dJgF6onZPaUd0bmUF2sWll8Ccgueye5iRv0DBxlQlc0GmHX3xneJL8FCmAjdYgTwyMsc4cvGsolo69MKo0_0aWPkKEQKgbWri6QlYRj24V-MZPNkNnNOqE8VSOD11Xj9wWmFyXO9SSNGYPe1neRo79fZX3rP5_qiXz9DeuFetgHFKPQv_cq66LGgNhVjBiPzzb6S8D-fOCBPNfathCWRFd-AIGb1tTUTCvcpKzFTR0X1CriT098rA0MEj4eaJaK8pUscCI3S7_HyatpjDq8IMYKAMEAcs4sxs99XWXphoRmKeY67cGh7kPnso7DGQxnjbLDh05rna_9tcmrt5gIy0sR2Bbl9as4aIHi5-EyT0E3gtOZ_Yupave8giYXoO6bNpx-9-8pKay2EmZQJZP7MmI1zUJWOqTg_O5LuRmVuOpy1kSur-2BPkTt32QrIA29LSWCK4rDdOS_Xh0f2zPLIVYwNPmGUBJl9DByyDsX3t4fNyThmZF8XLVGuuveHQZqbkFH5jno6fG_F5AQgIPigANCdBDyQDYTU8iET6AkiYRq6Iy5Af7NZjtTFvGdfF5-i0HYuqRjSUGGw0NpdJtCFVl_XHzDH3fS3mXuXiDEsb329LbAaPWztm_RuI71-gLE0Qh7qQ_ElfWObKmzb5N39U-q-Leio2vFhw2ppG8dDY3uKTZVt2yw_72EuMjt8OikpudDnVB47d0_WNjHIcftVwwas93xdT3yjLre0cdPABcOWO7yY3oOSs1lJH2JqJKEhRyyk1ref7jfSiXYRWdSXBAteKKZrXjZcjNw4dAyMEqu3Ed8KQJ0TR3jHdl__Wp43ACNO-BF5L7xZ_F6hn5SVHQhPK53JrnDSqTZo2u4JnlLroSCXtMQp3d0T6H7s5CbOHo1ZlahcY13fgOVARvOcIbS30T2jGTi9MBmCm_VJcAcVviI6hGtXFLGl1Tva2222brPBUpZVwuXPT5KeXIVHOL2_jI96_brYeCsaEdYhomjixWc3BhmEpkDUJ23sIDVy1Gd2ZrZ31IEgWEgzjIZYq2d_jJa8-HzbT-YjSWmJlHmFYz0BD46i26HyVXwTE4qaUDwCb2EPebEcCxNOHefwc1fPoNtlwCFui9HHZD9mkcwgNfGfRe5PesP87KBvlOFznjdtRd9ML3P8tMsF_7N-S_mkxAIuqT-HQK2CswQ0ziROqtFgwrrkWs_PbKf_7taJXjrpTFkG-zpmMr_YkbuOlEWZAnHE2DvBHmiMrNS-VcoYg62ptqMMZFIZtewXdPh5Ithn3PVZdMJZXFNZCiqOdYDMtQidBzeO2knnvs7MU8-1IsAW27KUBqPym0wVMh78i_iLCASi8rGnbN0Tc5WHFhuGJcLB319Usc1vXXiNmj3rfGbEUgTXepU53ycV0H-CuReiydQ15AkhLh0WVfh7uFqtDgqY8I5MeYHZBnc593MK2TysZDwfnD4i4GOA6Ysg3ViKSY7Mhkh1XkE5OhIMsllZGnmyxg6jroBkFqTM491Xkxwd5h4SZ6q1hW2t_DxXd3GM1YIGAi0mnmSTYUgXEF-sliR0OqVs38HylgkL7IAV83ko7B_gXMGrZ7TmtoyCrcp1bpkaGMo9vomc4IDh69UK_YpunflWYo3I7IcwcTu8GV6RvFrH4IHb4e-OGk4hRN3WLBrQYLRPAJuFBeBSmFyDCBk-9XhtDITyLYHzYh0gvH5M7J50I989HXr576f6UqPiq1pGFjVTuiGI4W-lnJZNhGHW-ITn60jjyk4wqDqORg7Ffh4OJig2Z976PLcz6T_vYrKhQtiGCOh6nRxuLED3cvPbUleTDr1Tzc3Nlr44dcUDVqxaCQSVFgiTnYpeXt3khJ4NL4ms6liwF5DdGHeiVPiqB-1kyATTjjCdAEMmS6K_v8DZVhvfajd_LTQVkik-j0hsr0w2sHxYuAD_CSOajw6gnCRRFu-zkd96MKasWR3dE3sPZwk47Oe8FVFyM6K5C-6evd1FjkBHQ1Fu4m94GMG42J0I4GKkNT_y0VMg&cid=CAASJORoCYL9q-GeuqPYpSKZp2W8HLe70JJtPgo4MX9cBQjAd7eLaA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
793
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame A546 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CXKqctM_dXd_F3XucOfveEf4d8HJIccprKOopjhSKKYNtoGIo-6Ci-CdSjP5ZP7CwaCzPeEYfA1K-QR6FmNiHRbn8IoM8pLlwTOeSuxzm8TcR-l_K6O-_0FG29SUnWHAHTa29MTknJjeqRKaOBjGUCMsI1eQ&dbm_d=AKAmf-AyRdRkdbJEDJ-URNoXx71yxiisEsf8-g6pkmA1Yy-8vClCxDaF3UYyDth2taE1NQZTwDBQqa6JoXOqAmuLI2SkxzsVo_IcIHdfi58NvbA3zuw_nDuDl6f5Z7BgrGyoYFRKZxQCqL4VLh-9utbrNu84HSm7nMCmlccElTPuhWwhEIG-f_przt00s3Dj_82C5PEIF3NE2Nze-RS2ttYfNTTwuYpOOQoocvnY1_E0aQDmwiM-QKP9AHOlPt1t6r3nQ8dDNn6junoxDpHDwg33S1_wGdh1i1Mvkk-gHNNwd_07t386EHVg1AYLGgAzCrQQnFIC3gV8GRhFOgOqlDjnVQEv43vcknfG2epYzOf7e8l6WXIIeYPNxqVwEXp5SYY1sW582wD3BkOl4WVzRjL7hiCCFqN_TEr0QluiILfIXyx3E6Cmkjb3HUuehr08uMTw6ux7_6Ep1j-exiLVYZInwX3DUzVFjwnoJOZlQwUqBvCZEBwRoM4snjO3uaqQBa16fQ2r8btiVRri41GziKaCDxncCHDucpQW2r1EF-oD9p-iMmz9T3MTrv8Xq6XOSebn_DHiXB8Lz9JEgkqV5fN-4iavBzVKmURCQx3X3Orfs7GQWEpoclFukWyvgbdWpuzf5Bi1ZOSoDGvNlw0xLWwWi_D53kQT5NTsJ0-OBzHlo76NTzZ00mYppsA-euXP7tIEC76ThzFfd7xlfQxRt7_KQjZ6G0eOjXJowClLvW3HKstw5H4MBaZkCCluhh2mCyVrzHPm8q4SDY5UGlpDnS9dUknXOFTTdANDNedcHAjfGGbhqwY6ogFHHiSe2fFkf8ScK6Hhy0XeMl7iXxADCu8xGRZczdd8_kHbe7jS3EwsaE4menwnZKK15DuhrbQ95NvaPv3GtWGnelJ_vgExyp1vdy6PXRHtaI56wIkat3EhCEN-WfOyS1Vgr4ssGY0QXu0ebWqhqnZOmR712qNnsKd0vczSphu1RnGj2SZ3MWL9WFcoRiTSPL27czgGg3nXFO5hyPa1qcTTAIST7CUE0ROm0KBn53yuvNQboS5paN0RdPFTj-3lsYSwXgVgw15KvkZFiKOOrmSX8c3HNO4xM-D7ZIyO4LJZ324n5TS3k8etf0_iaihR-SutCtIZMyebxjG5RubAbMNAUb4yRzjB6f0K9usyi0yxHB9BGo9_MCElvVDThxbkDjqDw8Ttf8jzOPfaYx5NtyE3oQcvDM39-z-Gshr9HSTBpDipJbACUWJo0Fntm-p86mHM2T1NC7XWJW6_O43Qv4OdvU4SxbQ9VOhW9PL5nfhcdswwOfbFsDxfT2tKORPdxaVz69oJXW4sVnXvJSdQ-bC7TZqQ5rupASpDfXvvX1QiFHPghGji5hfOtkeAiAZuLzdeWSMSAHRSzg-XmuyfuqsAl-WtMiW33ybP64sX9oi_RUyArEb9efP5BV4uEbbbx48hd38gn3U0tmQjdpUNEtA7HwOPPR4K_D3dsPm8_zqxLneD4xTIE8GLxz-3MzyRu3dJgF6onZPaUd0bmUF2sWll8Ccgueye5iRv0DBxlQlc0GmHX3xneJL8FCmAjdYgTwyMsc4cvGsolo69MKo0_0aWPkKEQKgbWri6QlYRj24V-MZPNkNnNOqE8VSOD11Xj9wWmFyXO9SSNGYPe1neRo79fZX3rP5_qiXz9DeuFetgHFKPQv_cq66LGgNhVjBiPzzb6S8D-fOCBPNfathCWRFd-AIGb1tTUTCvcpKzFTR0X1CriT098rA0MEj4eaJaK8pUscCI3S7_HyatpjDq8IMYKAMEAcs4sxs99XWXphoRmKeY67cGh7kPnso7DGQxnjbLDh05rna_9tcmrt5gIy0sR2Bbl9as4aIHi5-EyT0E3gtOZ_Yupave8giYXoO6bNpx-9-8pKay2EmZQJZP7MmI1zUJWOqTg_O5LuRmVuOpy1kSur-2BPkTt32QrIA29LSWCK4rDdOS_Xh0f2zPLIVYwNPmGUBJl9DByyDsX3t4fNyThmZF8XLVGuuveHQZqbkFH5jno6fG_F5AQgIPigANCdBDyQDYTU8iET6AkiYRq6Iy5Af7NZjtTFvGdfF5-i0HYuqRjSUGGw0NpdJtCFVl_XHzDH3fS3mXuXiDEsb329LbAaPWztm_RuI71-gLE0Qh7qQ_ElfWObKmzb5N39U-q-Leio2vFhw2ppG8dDY3uKTZVt2yw_72EuMjt8OikpudDnVB47d0_WNjHIcftVwwas93xdT3yjLre0cdPABcOWO7yY3oOSs1lJH2JqJKEhRyyk1ref7jfSiXYRWdSXBAteKKZrXjZcjNw4dAyMEqu3Ed8KQJ0TR3jHdl__Wp43ACNO-BF5L7xZ_F6hn5SVHQhPK53JrnDSqTZo2u4JnlLroSCXtMQp3d0T6H7s5CbOHo1ZlahcY13fgOVARvOcIbS30T2jGTi9MBmCm_VJcAcVviI6hGtXFLGl1Tva2222brPBUpZVwuXPT5KeXIVHOL2_jI96_brYeCsaEdYhomjixWc3BhmEpkDUJ23sIDVy1Gd2ZrZ31IEgWEgzjIZYq2d_jJa8-HzbT-YjSWmJlHmFYz0BD46i26HyVXwTE4qaUDwCb2EPebEcCxNOHefwc1fPoNtlwCFui9HHZD9mkcwgNfGfRe5PesP87KBvlOFznjdtRd9ML3P8tMsF_7N-S_mkxAIuqT-HQK2CswQ0ziROqtFgwrrkWs_PbKf_7taJXjrpTFkG-zpmMr_YkbuOlEWZAnHE2DvBHmiMrNS-VcoYg62ptqMMZFIZtewXdPh5Ithn3PVZdMJZXFNZCiqOdYDMtQidBzeO2knnvs7MU8-1IsAW27KUBqPym0wVMh78i_iLCASi8rGnbN0Tc5WHFhuGJcLB319Usc1vXXiNmj3rfGbEUgTXepU53ycV0H-CuReiydQ15AkhLh0WVfh7uFqtDgqY8I5MeYHZBnc593MK2TysZDwfnD4i4GOA6Ysg3ViKSY7Mhkh1XkE5OhIMsllZGnmyxg6jroBkFqTM491Xkxwd5h4SZ6q1hW2t_DxXd3GM1YIGAi0mnmSTYUgXEF-sliR0OqVs38HylgkL7IAV83ko7B_gXMGrZ7TmtoyCrcp1bpkaGMo9vomc4IDh69UK_YpunflWYo3I7IcwcTu8GV6RvFrH4IHb4e-OGk4hRN3WLBrQYLRPAJuFBeBSmFyDCBk-9XhtDITyLYHzYh0gvH5M7J50I989HXr576f6UqPiq1pGFjVTuiGI4W-lnJZNhGHW-ITn60jjyk4wqDqORg7Ffh4OJig2Z976PLcz6T_vYrKhQtiGCOh6nRxuLED3cvPbUleTDr1Tzc3Nlr44dcUDVqxaCQSVFgiTnYpeXt3khJ4NL4ms6liwF5DdGHeiVPiqB-1kyATTjjCdAEMmS6K_v8DZVhvfajd_LTQVkik-j0hsr0w2sHxYuAD_CSOajw6gnCRRFu-zkd96MKasWR3dE3sPZwk47Oe8FVFyM6K5C-6evd1FjkBHQ1Fu4m94GMG42J0I4GKkNT_y0VMg&cid=CAASJORoCYL9q-GeuqPYpSKZp2W8HLe70JJtPgo4MX9cBQjAd7eLaA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
762
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:56 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 183F 		586 B
315 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqMdRCtoPD1AhjC2Ke3ATAB&v=APEucNXsgHkeC6Wyo0FOMT9ogIQXd7GXZW6Jip5zIqdGDtQGz2N2oqkZlm9VNwY_3fLBD_dXm1ge3w6obHYsXR71791r6BRqmcok4XibUIuN9yDc-loFRTOKbiNtzrHgJ_FnCxmALeQVLk6VeLdew1PHo8i5WYra_TYvaSitIqg0Sml6eoPOggE
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
294
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame E928 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite_fy2021.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8671
x-xss-protection
0
server
cafe
etag
3673595682727343497
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 04:11:30 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame E928 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:52:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Jul 2022 19:52:32 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E928 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0cfzB0fNYTD-z9s7_A8MlGPKopuXESmRxAxl8JwlVqnBQ092GxsdIaACnnzXVpdnDZTDJvAW6b4G7QulPjT8w3Br25QxvX6SIWMbF-7Vvmp5otCPLM5Owcv75D39-M1vO3kmgLmJeBQY7x-1k-TaYuVyYrdV_VAdKfgyK4NEiL5jfsgjRq8UkM7ovpG7dfnauxwmFtEobFErs1BIy4DN_Q7zY-5pqjD_6RTwWf0WPGRf0Rj2CLzeZFT_-07Dp36obolyyLkf5h6RAh-mj6rafFHWoQRaCG3BIa05MI-Gz5AxRrGHctgi-oRKkmmkPiB7jmYqhqJDO3xPM5Tfbr_jabAIVxcn0jlKIl8zXx3kellMpr8SgLF7wHSEQXW1A0CFiO1XNvep3AX29nKIWu2ktoEGBB2IAUsbrsO0hODX4-8kcSzzF60FAK9ng654XPVFnWV0qD3_wFm8KVmPimJ2lMtQWNROfkHZ7esRKqXE6LnUMbnYbn8qn_S-OEwW70-Nbhx-rID5e0kxI0Jll412SpFiAx4c7r_ptvimQMgvYkRABxudHw0r4pBHHF1orDtcMLfQRGc4UpFFtvjiH3myFb_W6kGrxHa__Y8a_2kF5a5hQtfbgEbPDVil0pQigVUSpvO2Es8n0xpbkJplcEoMuY8ZbNQhN0YzixxQKw34ddRD-7-V36IzJsY6mwXJxSEoJGjWXMAHers2qdwlbHxOyBOPWcyZtkxHeSE28gcGEZhUHZ7ts_MKIs0Ge4GU_Pd16QFQAt62N5t2iOb-0rsP3JxSir6PgTXbcxaVRrTAjpUJ327CjfOkumEV21xmNIz8N4rZECoJmLztVEPdAGx3Xuy-8V1OpC0a0nCbkvc-cp9gPccF98WLWm-F0H4DQCONf-W41WgpZENKl3f9tgh26DDlWI-3Q9XOvmdk7GfxNpS7zVyE6HpLDuF8laoxKmo-_dOYnVMM7tKDpTlc4fd4EXhPCxkjWgTtlOTM3sDnwxcq_NYWBigoFBZXgxRKdER3JKsSXS8o6ZYWHus6tCw-cT-rspQ4Sj_Bvfx8CH4N_IXGG2V04lNI2p2sfkXKFV7CtioswuRam79ggg4M-BsSaWOx5VuNu0YE_gW9uKEJcx_9-jY5KPfYKVPHwVxqZ6vjnlrha4TEQdYS_49LKdv1F2Vr3L92hYIClE_h2IDHmnq9zDWmD&sai=AMfl-YQyTBA0PmtAHVBwOMaPxvlRpg21hHQR3cHltm6rLU5I_jXDvqVPzQAQPG2OEe_0t1wN-nQxlScDVZz-RMpENbMj2eJtrgWsJD0tp9KLatgNsisLsFTWGwS-biCX_YkEjprBC_CPChctpxP0P61YfmXngOhdkKen-fM-kPqQmHeAYZMd0CtOo4l1H9wuaLiuWcmJq7wpNPzYdKi6wPYCsi70HdmlqynL5Y-csBAQaN3s2fikhf5i0e1f94s8K9qyKzTRshQ8g_fKLObJDiczXnzy0svzDLWKNDIvipw&sig=Cg0ArKJSzFtH1qkxF00SEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220616.90963&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E928 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73703
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E928 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DJml_d4VbAeo91_agrdEzSibNpAJRL6u3x9dYPsLVuzjcHyuaeeFjvI2WSFsS0yJyLkh-GqELIQ0nyZEvDv29a1oTUaagN5-jOtm83QZMoEAK2MqY
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame E928 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
855
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E928 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame E928 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame E928 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS8MrN6X4zeS7mQDAY7VoD3uV2pteiuX3am2T8HWetitahiEzJY5sCSaY9MtkUsWBVFwn_zXsMKBS58khQ1LPAHYw2oMg
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
11882750851151370991
s0.2mdn.net/simgad/ Frame E928 		153 KB
154 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/11882750851151370991
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ed8f8cc79ae1977ae60faced3ce01f3596812b5b87782392d4046af153c3f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 18 Jun 2022 13:18:09 GMT
x-content-type-options
nosniff
age
399210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
157042
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 04:29:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 18 Jun 2023 13:18:09 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B983 		500 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQ-OyukgMYs7aCzQEwAQ&v=APEucNUCPRBtIInIVeWtTYdsWHQp6n0cI5ZiFYokJQ5pogEo_O9DlZVqEGFliWMjKJI7a6mKwCY3jdwXkkuZv0iNMos9mWZWiiR9fY4fiP-JtuDRtRWDIMFVEFy1kNYVMaRwK58SixUBIaNav3DnQ5HCoHx_3bbV4fiCulfYipiC0qDm-Hl9a3o
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
299
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame ABAD 		56 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc8245ccbb62b28ad7022cad9c2aa7007e3b90bc256e4bcb01b748d056d245e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27087
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame ABAD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BQDtSFkSIsGTxdDVcqiwUm5S-kSo2mlphRchJDyMP6dxJNeCXIFu9cBnMXf4h5Y8F8Dv-s88Kb67WCk-SlDO7qcIgF5FPGcdw6ccsgXQ0XDjRLbrA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame ABAD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ABAD 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame ABAD 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame ABAD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRhDGFqp9cQ8vDNY9ES3VyiftyinkQCrS3DdzbRGXz3ciJTd6-lLWLjXBEVSAHWHZwHbcaJlbyS92EiL68m79n4eExsKw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 6C2E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C7ED 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6C2E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
31ade8e775fbbba3335212758da01e3d870c3d1b60685463a2ebdfaf621f767f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame E89A 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjepwIQ67KGuwIY8NGJqgEwAQ&v=APEucNWaPlkpWoPsrPFjCCkQp4yXNSxU2WKjkqhgFlZYw0i3bSO6rxIA7Y8ItTZ_6wr_z5jKcx5-ZIdj2w1AHrUpzG3Lmctuo5ZiLzok3wchGfWO5WHhVegWhzPAaAJe1jo3xUL1cA17eyQEgRUAGzSKpZpeQQNAOPR7kET0KaP9n4ZqFwvz9wo
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F936 		14 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag9A5438HQTBNLXE6oJ9_G3XZiNodCH0OVOmZi_2WSSbqaaO5ejgxCOqyfBg41HlcrXeFQzQb2o6Q-RvhBTlb9VPcTgcMh2idxD_yN2UKfVH8cA2dRLUGkHyG_3flQfO1zcrnQ2yHFmgSYwYmKuv942kPylg&cry=1&dbm_d=AKAmf-CSmK2YWgBQMJzjSZ6bSUxoN92Gzi2wgBEW_EBnw3MuKa7OIJ87yDUghzr_KS7aiGEGbd25cI3uPDAMXKnqEuygLcb3SD0kGUH50CizfY_L6An3rvrRG9Ln2E1P6ybgO2lbjFft2v7OCAttyWH75D6OVvVmzrLeLXV6ntw-HAe7Cdo5vMkKlFw543Do2LpA_uLjjYcdSmYRqfQumK20_PlagxGoKTlrDDpGum_rD7WOo-XoOPPltDDPjrPAE1KxBBUwJLYtrj0C7QLh9WASEHanLuFXbIBmW1CyBVh_HepOWqzL1uFZasaxrNVTpn_CA1jtpoPyRzxDc6kC-PGbHPcPMAwgribT30B24fVoEX0jEREEYQSOqKsVkl04dIUupo1Uqh3erJllg1oBHszrxpDZ-TsR7BLmyOi0yl25LBdMfz-1i0SOC9dtabYUecZxe3L1inkXxqCtFTzRVsDh61KlaSWGLRuSpF4Q7_Ngj79O6Hf3XdYoeO2E9xYNLYdQhPraoAzjJEhNLDMeXUqcaaUfCgjWhqRHCxKPdNU2fuFGqbqjIj_2AgvVtO_pnNp6oscyQlcyAyNqcQENaXH7wyeAm9sC92kSAUTiMYUFxB7UStY4zfeBuPu-kb6mIvUR8MRZI0d3YNvMW0iSorW6r6rbKNGkfTBsaPO5ow4D-Ce-BGZh84v1EvMBzwm5knmWR3Zpm448BSOmtW1EBHOgHaKY5EXlaDLBUaxCV_ZWD18xzvUmD8JLNfG_O4MNOe0R_sjs-60PXMWxAp6Cs1NLOZZaxBm_dtyYSd2MdnqGAK7MNANAvihOVnkn8EEC7q5R2LuapC21Iv1jKzQAF4N0WreTyKnUL9WaVYOY7-0IMGpwCr8T1H4ejAsxbrzHy1Wbzz92BJjIC17D9zVZmtTXbWnuPHB1IPfy4JIA2Pq2Zs227sNaxoqEJ0SMhEZ08x2Mfy3eq45jSWlONUYKcixQgArBrfgwjIaLUd-XMOqR0fmYQBfoZbcgiaFaTgHFNtyDkT4L4aRwjKwy4Wi_3J-mW8K4_jf-iWM-n-K-mcpq7_1D4KdSoBnFdrL7crk7QQI5YJd5sfN_UfO7mcN4zobLKN8mepzf0tNG9tyyPtQIPwlPiFguxTiM3dytIPJs1wX6PQHlKrz9VeOzPp9WcftLzBmGZ2nCk2vtNTW_wHUyQ33pDKHmLkunpS13n6pwwYbPO6v3Me5-8t8WDDsnDU-KZ8o_RrDGfyJyf94FgwPh35Fl64hIKO7E2Zrz53kgPqfhZ4ptJKeJNxRMZ87oIbQRTVmldZ-Rz1L6NqAXQeYv5YfbVaB8JiwA9DWGfCD2VEP1cotJDw5W6JwPf8D88J3QjFNjne1hSOJJcSRIHtvMtpdaVb6h-Lf9Pjxb9ybjVzenIykS0D0_DPr6rbFXoIpxuk-ff2glGiBMOV-F1y6GFajdLC9gj5UJ-X-ZJ1Vi8oGp7hkIjAhxrxA7WFoi5nFHeSVXI-mFjahOJ9tKryghpUznAXDd_SbZxU8IZvXnK5R6LXm79wDWpJXgQ940YHQzt8Lsuzv2k3dHclF7DfJShu5M41_pSYRaE6yFxrUNF3uW5xDH6X5vcwImXnXVE-CMtff8rYLFIoWN8YnQIn-mzcVNE2uz4IAmwY6x31nVb3wwLUzWnRPrZgj-5aoKFcQRgTEmPDRO9mIQrqzCbQO4OcyiyWAzBxoAT74TDIpjf-OCyOnqZA9M8uxGKPf_piK-GtkvM17Im1qRnqTHJlEADLhol-IxltwS6juKTf5YHbSHEnal2ZAKBRsrxtjVR61YR6PvXfe-RfyjL49SR0zHtRP-awEgcaYBfNIkLyUF6uhFHHFOO6XE_wq731jfcmLBX1GQdxIT5-llF2qD48xUFaz9-aemSIcm8XgQfogsEQ_KXfGgyKN6SRIU_xrd5_SLe8nVMh3eceOZuj7JDBfm87q41QLv5Y9uxuo67QdTpuo2nsbpou_UVodS7oH1ut-12Ddrj8RrY3n7ueRSuXn5G0Fr1TWUAECv3pSkZFopaUWz7Zr0UyYeyqFVOY7T40pZ2_Oi1x4lFd6hvjO5jnYMtIROZlxSn86s1WlSwwLAG6MoW2EieYH6TlBfgFZ_kOyqh2V-ECIlOF4VypDuehSb3bS0UoNYZheHAGtoEj4qx-uCGn1ub8KYi06p9t_SyUtYRhQx29V9-5l2tICHdaFotFeIYOFuS96JbTepKPvgGTyPL7xwZydFsA7haB5aC69QVApIJ95HlSjMnBfK_dc-_kyslxhniYU2pNTnB8VTQkt8B0IfuyS3vFg0s2kl3XXDL_Y4JA0zMOuLscO-lwJCE4g3yQv-M1Xxqdvjn5tRRz5gg8_EOwnFDlQMMHXK1ZSqkzdJKbjb6IepxgmCobhDBaSN0YqWIZ1hxkFsDjDr7tZAiGgr7TE1TC19jV_PitXxlDQuBE0sJQVgyVEGBggxyIIP2I5-R8FViu4yxivu0qox2O-stuKhy8Cnwp1qOS71TCFOQJxxjoWXCxtCqAXReKsKN9xiEoiXALkcsVHZuxdt-UIUE1K-DLkhR12NosB_o6QD-p7jK-bm95UAOMapPn7bToFZBVWd0fepXnGa-eBw9nBXtQrr&cid=CAASJORoXm2tJ01_c3Ipmdy_nv68U0YQvZ1kgob6MGDhtwHWO86jaw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4470fa917cfa4ddadb982f708d0c54d9ad989609716343dd2f35ca351422d6c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10656
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F936 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AC04HQOlidQ4Y47U1jSwbgMRciE_hyUwfY6bexi3YPkcEWuX1GprJBgkoMLI2g67opJOJ5fX3TR-ZevqpXJe5tmtJyAdpruL_Ig31-78dVd1Ad_zc
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame F936 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F936 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame F936 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame F936 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwHywoP-VerYbLnF1PCazwYKm9BxqlWO0KwysYANc8J3Ui2xRP-rMTs9KeC0zWHsv6eFyKwwoNjZo0l7_u9JUDUdrm5g
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 2AC3 		240 B
190 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGJe-ha8BMAE&v=APEucNVnGGakuVFr7slTTVzYzyZZPF3UjXYNFp2hFO0oGO9kcQ4b7HhuT-EFadNFRAe5UktrLhJq6pviuuqfMrrzKJFb_prZkjwyJvGb3cZZVYw73G7u3qhaXFvpO6xERtMPgDViOjbUl3obwKikg14k_OvoRZrHP-tlufdsRjTXfaJ3iz8ywdI3CPeC7N4oF7-6z2DcaOGu
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c83a0aa34db53034150f203e727698bfe2535ef3f4cffd3f03ef9ea988960e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
169
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CC44 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuW-GfQi_yELlPxNxbaKEf1TmxtQ3fmkdX7I3Fvn4mgrz7bAiMXN48kfvrcArT5sDao3gmgAtPSFDvdDtLrpYShoXds_6fe5TM-_znmDZYq_g3GSpCeKGtiV7E6Y39q6D-4FHf82aoeaif1tZjSfqvRbuNJQ&dbm_d=AKAmf-DoNMIe_1EvdBh3HNsqCGAKgxB2q4ygUC2SudY0-19qk3AqfrIj4AEWePmJDXw-e8jap5W8yGOJ_IXh81PnAINVBQL1FiZvWZtT8u2WlyjnRwNu3JycZOzLJrTERrizhd7QDM3DevkhaPK4a-4DFubINk4vFde079E-8tiF3wnRmrbKn7p5PzNaJRyWYWobCoVzDeL33wFrtkMW0Z8adCgJ8HynIdWuTj0zwcG_58Mj96Eb4ngrgr90Tkvg7q8T4VHhXzSEwLxSlHbywexEv-Wc1mEEJRSTRHH6eWlt5WAQ26b99ozymzvyAXXOf4OKksugpvHHa9-hztUcga-bmE2emlOvrhGPLjLVQ8AZb3EwVx651ddNDgU6eWCMqUgiLr058wgI7jWcuvCr5qT2zgu7Rt-RnCYJ2F8CKrtUJ742WvEWwCLsOpUvkx02s5rfeBRxXKnN0KX_ICJI7FCzUxDjThuAF6VyoD7F5NA_Nd2q1JqXUbqel0jbH4xUDSvhwSKzjuENBTww62g9eS6kXJ-coHkWj-TtnJZAAXVOPVCnb3IAkDZm4kytZW8UXHBf8WuDOE8Kr6weB4Soqq6JVORJ-usihZKBp1NEZ8jUEPF90f3c-lw_UQ4ekB4S7yOudtxmAk_hdPWvRH1tCu27GYVjenZXsZeXDMaj3ebWo0zCx8VfM3yrtYo8X5gK65cN5Uv0-LoQwbVLR-CXVHwpqjeZYoHbyjGw10JuedxyXs0do5L_nm1uIixuOZ9JxEFm3Zn09g18eS8iKnuUzCH3E1sp2naa07hXk-OhsZrK7sVrUDqBbHf6dMfbsrOWmc2gT5QZKNidQBIv5V8AyLkqW_YKF45PyVofcJrzQ8ccCJIyaBzLBswad4lah-BeATSU2-geYfauwVzgxNNj-bew6MSnoqlPd4Ibcq0LdSNeK9hWXeSnZB1veYNIN2wz28OuyVTCEO2hRS_wU5bAnJFA2cze5vdFu5pk8FVdDYxs_UPOxPo5-dTJ-zFbnLWhJ2hd8u6isNfGw1JfPN_Rd4dgeXeDDpbZTHoNxPFm2PBs-n-PEkBQvImybuwCknVTh53QyTniB18Oa10noo5dHGp_tMGoHPAD7YJ4Kj3OYFvMtuBqZxVy_9NrsEhFuD9nMVU4LfZY44LqFUPEouTX6OjGbIj2x_MRSuiyHjaM1LV6HtCEltV6GQP3zehquh_gAZLbvdLfuk1J5vY1QggYW2v3z3Ko5gUOLictD3NSzk1RMtVTZtHq9xIctGr0End11QciqEgBTnruhKpXE_HbMdS4JadrwzyB4CxlCSn8UgNT7q5YMCyR_R_XJNGIZ5uwI5FSO-aL7lWHq-WaJ8zbkZfotNKHw2LldZNeWAZ0wvsXWaZ0Unh4d7Cy0Crm7odrcJyt3aoAKf2T81dP0aRKfHLpZ7F4b4zi3nDUAvkNtHpO1cFtg4ohEOWqdsyRIyOqoIsnMZxkCK1hu1ZNpqgeH5_vvqukpx_syAhL9nGqUEs9Oi4Sj3g6GMy6INPQlyyV6f7-N63BOnOySOsI2RfWbHjN9imcmXqIgVKf7PLHQRa-u1mgoviay6PceJDWtK1s-f_k1KtNmRXHtVY5fNL0xrp-aotZ7tNRrn7KLbfnmH8ttYEHhnftTfV1FdIG_3BWVhw3y21GNo93fdnOJMmVoqmT5dkNp5We-Bng9XDVPGcLwjnQfAaGqVFPxClc5uUnPB_t3vgKaby86uRm0-NhhAIe9Fu2gNVykhuitt_wlwknLz7ddVKYYGKUKDue-swZwX90g6XfhoQ4374qnsPsPtTgRoVZssmVao6p_YVon3kLx2B7gt8Re2gSCYgc1zCqo9ZAt8ybBdcpuldr0CgszBB1t0reVFI3-0pEwmB3nZNfJosiXM0AjKYmY2ErhCQya5AI-3MyhVAow0YfaGRFnofDK1h5Z2oCJaSv5lYOhS1W0RgpkQBN034t3iO9eGZKppp18pjfoMstR6AeO-FCvQaOc0mJBizITVCjj-MqLDqLmTLB2igf8uFfoHytThU_DEJWBqhgyHCsAp2j2pAmzC9lPt4EsUdQw1IQPwKSKEXOUYJQoHteSeqrI2KDOf_AlehgpYrohRw3TbS6FOyIi7mbsHPETLuqA0-JZmL35gBHl56JpkDb8q5degYwAj0BW74IqMHoEyaLzhVduT5Qytck5sQAml6R8YCr7iuuNzpRZjownRGu6P4ofXEJhSDlZA6ClERDQkcX6eCsZUnTLXNFO0QYI5mAJhqR5NaOJ-6RuID5FLepqXh8QRJXacYKCpFBE21Z9P4sh04dvb1s_PgHDy6GqI8SrlEeoZ2vlDDEThNbz7_8dpESKDIDMPuXgTz83r30CfSQSSUL3g66SqpTcAON5EIlbkBMCjZx9PTGVl859_SAA6BwwZ7XK4sc-10muKZpM0lttZhB091DkyfzozhDorut1N1bDlbKXJw2HlYcMqLNA6bWYaNwDC36rTlhJ8FB-ayj2mzRyAWBDuQViNpfEdEi9arkJXbiYfxhXKB4moC7WkpWcS0sEsT6N_7cAtxtKmsawTxEMx-cgVYirhg7xBj9jHtc6VA4RaBB0WywnYZKLYqCbpaRdi_iP9KqUJNVJ3HxVeQwtg4dycPTo5mjecbTLIxDGd1eFfxFVBSA_y9Aa16fG64RkCVvKKqKJvMe2jKJA1D9lSvvh18M9_J06OPLcNeB9gB0isVJwzF0ESxFMdTpPaRVvHI1wtVcA9RsGnPpyzFRxpmy1NroBsTJX5yyUdUpHH-KI8fFF0AQdlFzuwcVRNKB9w7P-a0t_yr4nuFba8nD4uCKBUMxjuBVtnbLCclhachVslfHMh6VjxJzARrq1AHV9WVt8MRfHBUGwsFsgSpVfVV8SrvhT2uexbDwX_rVhS84LObdxCDpUqWbu9-FPz0dD975CKjRlkRpaqk3pNts5kr3v3KsIBXPBKeT0JKxJB5rjm-Sp0c-cil_4cnTdi_DJZPAX6Ml7vdjyeCHqsrRESrEfnNbiHZSpJe0ubaoEuo0NduMa6HH9yu-2RuaUSnw7XO0Y0C4JEbxmx2IR8wTCZiHU8RyvMjlTq_SqVE_g_p801tKybdebS7AJvtNgH_iISKz6_E90cJcrFnaUDTUAa05Pq9cPA_poVAb-IbJ5Mgh89l-VCgSVoahbQrwHEXzPXw7wVCucpXyPrtFCD3UiIl5lRvX9-qRgKUakibYIWaKY5v97emvuIGGbQ9Fooh5GWkpJdBRPpOTUyBCn4V2S1FfF92-_eBYSaslH5ciPPQfGzcIE1xmVuoKxue_7qYbaMSqa481kEUZw9i-B6k1YILvfihnh8r_UdA08kvxHf_xWqGI-HP3BQu0IcTfu3DJtM-xa0VZ5LR5qiezdT8z6oHHhQZ8qMKeJa5SIchc_tYhmv10WcjpW3LgZ2He39RQ0dJW0bMKLclH3Wd-LW_w5OklqAhcUYEfPbKdpRHnRvySPYMZP6mM9IC3Ugjt6F1O068Y-gyqk5yTodj93oY3TmmY6Qn3Wm752xw28w&cid=CAASJORoY188lSbBWiGs1rEBiuA2Lw1qhLpuWOmYB2L8E7jU2LBrcw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ad6a1a81b684582f4df2c0b966cdce7c6ebb1b510d2d697563c6800a99706f78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33064
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CC44 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BlSRs4Gm0GpmsNLBD0CyVZ5g6tmdrEb5jt8CrV8vXm_AJpOTuzOLr-1e_QADEM3iabcO1Ta9lPt-kd4FsRTMdTaxk9Aamibhueq3RIIPvQmtjvltk
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame CC44 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CC44 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame CC44 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame CC44 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNT-eCV-0pyA7gLcCs95QNsLAms1INV18YYFEbZP-BWpm14uSh0qQ9m5wXysNTc15Kf6Nax-UG9T9jXmwrrZGPIY-exw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0BDF 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A546 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 20F4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
partner
sync.search.spotxchange.com/ Frame 183F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOApRhzW2mRyv8Wi3OJwCew&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOApRhzW2mRyv8Wi3OJwCew&google_cver=1&__user_check__=1&sync_id=949d61d7-f2aa-11ec-b624-194044dd0406
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEOApRhzW2mRyv8Wi3OJwCew&google_cver=1&__user_check__=1&sync_id=949d61d7-f2aa-11ec-b624-194044dd0406
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqMdRCtoPD1AhjC2Ke3ATAB&v=APEucNXsgHkeC6Wyo0FOMT9ogIQXd7GXZW6Jip5zIqdGDtQGz2N2oqkZlm9VNwY_3fLBD_dXm1ge3w6obHYsXR71791r6BRqmcok4XibUIuN9yDc-loFRTOKbiNtzrHgJ_FnCxmALeQVLk6VeLdew1PHo8i5WYra_TYvaSitIqg0Sml6eoPOggE
Protocol
HTTP/1.1
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
45
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEOApRhzW2mRyv8Wi3OJwCew&google_cver=1&__user_check__=1&sync_id=949d61d7-f2aa-11ec-b624-194044dd0406
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
88
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 183F
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ5MGY1NGQtZjJhYS0xMWVjLWJkM2ItMTQ2ODRhM2EwMzA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ5MGY1NGQtZjJhYS0xMWVjLWJkM2ItMTQ2ODRhM2EwMzA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqMdRCtoPD1AhjC2Ke3ATAB&v=APEucNXsgHkeC6Wyo0FOMT9ogIQXd7GXZW6Jip5zIqdGDtQGz2N2oqkZlm9VNwY_3fLBD_dXm1ge3w6obHYsXR71791r6BRqmcok4XibUIuN9yDc-loFRTOKbiNtzrHgJ_FnCxmALeQVLk6VeLdew1PHo8i5WYra_TYvaSitIqg0Sml6eoPOggE
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OTQ5MGY1NGQtZjJhYS0xMWVjLWJkM2ItMTQ2ODRhM2EwMzA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
112
Connection
keep-alive
Content-Length
0
sync
ups.analytics.yahoo.com/ups/55946/ Frame 183F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqMdRCtoPD1AhjC2Ke3ATAB&v=APEucNXsgHkeC6Wyo0FOMT9ogIQXd7GXZW6Jip5zIqdGDtQGz2N2oqkZlm9VNwY_3fLBD_dXm1ge3w6obHYsXR71791r6BRqmcok4XibUIuN9yDc-loFRTOKbiNtzrHgJ_FnCxmALeQVLk6VeLdew1PHo8i5WYra_TYvaSitIqg0Sml6eoPOggE
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1
date
Thu, 23 Jun 2022 04:11:39 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ups.analytics.yahoo.com/ups/55946/ Frame 183F
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMqMdRCtoPD1AhjC2Ke3ATAB&v=APEucNXsgHkeC6Wyo0FOMT9ogIQXd7GXZW6Jip5zIqdGDtQGz2N2oqkZlm9VNwY_3fLBD_dXm1ge3w6obHYsXR71791r6BRqmcok4XibUIuN9yDc-loFRTOKbiNtzrHgJ_FnCxmALeQVLk6VeLdew1PHo8i5WYra_TYvaSitIqg0Sml6eoPOggE
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true
date
Thu, 23 Jun 2022 04:11:39 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
truncated
/ Frame A546 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
209396ca86ddb4c4613c6c6b5ce2b5ea9d7c979b6e10d78cfc2b55f70bd0c230

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 489A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 2E04 		105 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8698e0af340a8d0d5fcb29c4926c8a0fa99ec23afac95d7aa3c3ab95ed546ca0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
576383
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22371
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 12:05:16 GMT
expires
Fri, 16 Jun 2023 12:05:16 GMT
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 6C2E 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnsQ74UuhhhocI_Sm3xSp24n-8lZ6FweEYa6gdn2FZzNUqcbHfp91rwsuVxRDs66eIog1bkdBwhVooG690xJacCM_PlMBnF-pkuKnQyDqgZIhLanSZYcpLF7XUYp0BA7iK4_fl2Fz_1a8H5LtTGXl0lOnvIWpgVcT7JlIY6_R_RnwKUStABi7YHd6Z4Y5IyvZLInTU0vZZVDxlcD3v5aJ0dB6oRa-vttykuKjy5FJTBNCpC87QmXK6ESjhNd2MlStZUoQFPoDgq4XyPDQfKejr-6jxFO8cELer7xP8WjhHzXSxr94v2JbmOKN6s1iHlVcR4yNhpsvRb9y7miYqbVjhs8nH3lz6-z9rCKqDjmYsv-ow-gXAyiXlhvsQdwvmOCadSiFHkGjxQ0vH5EJ9BQ749PbJBYL5ygCxQuJTs8DFBiTPNVrLDUAjYlH2RHIyazcKF_EUfCUQCNkv7MGj-O3C5ygnQn9bIeJpLlOSyjGTtQsIfpZhb0_7Z5eFvW6wR_FU8kxF5C6QxzJXImy-W8IQxxBYNod4mSllt20Gn4p3tqgsIZTphSl04iIr_tmWmccq6w3LA2ST70hLkMAuFyLO83S3gr4tGxgRjb5fbLEez7-SHeW85V8ZkWh-hsGmpxJIlfZIrW0CMfyMmn1xirlD9L3LHED-HhjGh_-5osG04Cyk_XtXRKNysl_k18onyuRZlD-94sY3_BH7e99QxrjLE6Q_E6Q-jPEdrQzHCtDr37ILLeNXV4a7nYiImUcGSnM-NTwUDKenADm6ffTNazEktAEkwnaXRKRPWH7448qNGvEArCXuB3p1_gnvRnEpUUhQzdcV3Dd8ci-iCDlsIUjAlF2VQpIBj2HvfwTZu-yglUO0omy4So68xQ6wq4I2K5kwjsCJIUIkZmsOslErK12m1spC8tlwGnO5pM1bU9Jumx8cZVjeknYR3U95bGPCq_NYV3dFhbOTLMv8yehNnNIguvtYNz5ZW6bznB0ZG3lGgFisSJtnACFqOmqSvCWUZuq-PFk06_wM5Gb9BHCPYyjAwwfiWIX4hq2dl65sZjzuq---KRMLkCsUKpMh39t2e-j2_uuefLo1LJN4_1kaX8hNfpUmlF1_uWRhejdQqxYtpZ_8Jxjdl8OSQ0dxubOKXoOnFSwWyqIhCGgomGHjlE3zgCLX&sai=AMfl-YQlFBOpB9XNj8HcGm_XtBgDi9eJIIWD9Yj_EKNlBXZ8OZbIEdFusAjvy5G0wAguZdodEqRemK5tlXAdryk56Pk7JUIRTJQXxXhIY7E0dK2c9EKa5dQwjAcgF_peuLD6qe0Yofou1kkYVCVSQ-PXdXX_8umueISwOoQLPpsypKrjDnp6mKdIylvW-gT6Ednin3cAlUM_0Z2j51b9_vcUahtGHCSr9IP820fSg0-skBc4&sig=Cg0ArKJSzE314FMR6GqSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=277&cbvp=1&cstd=274&cisv=r20220616.50271&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3699 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame B983
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1oU2V5cURoRTJ1RS5ObVZQUG9iSFFCeUh4NjR6OTBPR35B
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1oU2V5cURoRTJ1RS5ObVZQUG9iSFFCeUh4NjR6OTBPR35B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQ-OyukgMYs7aCzQEwAQ&v=APEucNUCPRBtIInIVeWtTYdsWHQp6n0cI5ZiFYokJQ5pogEo_O9DlZVqEGFliWMjKJI7a6mKwCY3jdwXkkuZv0iNMos9mWZWiiR9fY4fiP-JtuDRtRWDIMFVEFy1kNYVMaRwK58SixUBIaNav3DnQ5HCoHx_3bbV4fiCulfYipiC0qDm-Hl9a3o
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1oU2V5cURoRTJ1RS5ObVZQUG9iSFFCeUh4NjR6OTBPR35B
date
Thu, 23 Jun 2022 04:11:39 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
rtb-csync.smartadserver.com/redir/ Frame B983
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINus46PeXjGoC2eF0xyl3I&google_cver=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINus46PeXjGoC2eF0xyl3I&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQ-OyukgMYs7aCzQEwAQ&v=APEucNUCPRBtIInIVeWtTYdsWHQp6n0cI5ZiFYokJQ5pogEo_O9DlZVqEGFliWMjKJI7a6mKwCY3jdwXkkuZv0iNMos9mWZWiiR9fY4fiP-JtuDRtRWDIMFVEFy1kNYVMaRwK58SixUBIaNav3DnQ5HCoHx_3bbV4fiCulfYipiC0qDm-Hl9a3o
Protocol
HTTP/1.1
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEINus46PeXjGoC2eF0xyl3I&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame B983 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COmWlQEQ-OyukgMYs7aCzQEwAQ&v=APEucNUCPRBtIInIVeWtTYdsWHQp6n0cI5ZiFYokJQ5pogEo_O9DlZVqEGFliWMjKJI7a6mKwCY3jdwXkkuZv0iNMos9mWZWiiR9fY4fiP-JtuDRtRWDIMFVEFy1kNYVMaRwK58SixUBIaNav3DnQ5HCoHx_3bbV4fiCulfYipiC0qDm-Hl9a3o
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
transfer-encoding
chunked
content-type
image/gif
truncated
/ Frame E928 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
52fc04e1403e348f74c9e65c65278bab2bfeccc48a618c6d77252e957f2c1f98

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame ABAD 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:56 GMT
4234330182124653997
s0.2mdn.net/simgad/ Frame ABAD 		170 KB
170 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4234330182124653997
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae9032d19e41c439dbfa877038b54bc75864202b08859edb2a600e0e07c54d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:49:49 GMT
x-content-type-options
nosniff
age
210110
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
173846
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 14:18:19 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:49:49 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame ABAD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame ABAD 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBcuT8BNv70-UpCQpidurzSEEQ-eF9D20JwTVsyzQ1W0-XZXC5cttUq1S1vjfL1LOmqagK8zwuaDH6lCF-8B8FqZ8DywtvtVgF6XTcc8XN9IdadGoYhlKtq2CTySBIxkf2UghBapVGlNqutn2AEp3yT19psrJTzpDvQhmYa4X1Z2PvtQ05oSo5e6FQfqMP9HFz3IKsObTHcO_X34Uoo8HG2BDxcmtB6DYauQQUy2lRqnAPgdj1ulC7XcpiP9Dltay2W4vgKJEePI23bGThOl-cm8E6pDEQMxfYy2s63UhsPL95KujoIdT0X-O4HJXKDQ93dM4OeXNnAdHn2yKEH1lcdcvT4PRf0dZFzlkSwf_LaH7CvlIUBK4r2RBKWl3qLiNwEjSgJopQ02rEudpwA_IABKl8RhJ8v8Vp9rjSv_c7tDht7_1KBbSjbg_TYR9jt252K0aO6b14_WK5kXXEZh2sM5TVjK_tmVPT0DirsUhrO1dodLXhJQUAUCbOb8vTc5bK5GSROU_K9XhZZuvzE_lb8FN8t_mUWJTeF3h9uK0NiUruFIUP5lGScgMiJoDD4mgysN_1jpEcN5q_RlMu4vxuBQMSSdzcaTrkZ7TTQhGJRMGBWD_f3xm8qwIpiI_u3XvplRrarZ4QxtUzMxiKx08y2wtjPsXbWoYCQxGgESpT_BZDQfL_WlPpOUFil-fjsCJfAzMN4czRVxVpeT_l5hJBWiwbOVJZU24ELNWtE-tZCL1790S1BjXktSmP38iljm6uIgzEbgSIGM4XiqvKecxGTLmDFKTS4RIj7oz2BitoE_cJ8rb-xoXFH3RtjSbZct1fr8NpPYMd0CkU1FqVS5RznRUP-vfApDdj0kynOL0OCxjPDZNbq7MTAo4lMLuYE7jKZtzsxb5kliIkejxKl2QT_UkscdJmM0FP1ktNA8hJhvRpf-9JyMShSQTKdc5zR_JlVmwn1CHfkgVjRTexIRYCRkIRN3_gC5s-32kJvcWe1QDXd0s6avmJbK9gFkJCZhnMmTPvwFmq4EqRtLiySV8J8Pz16jv7aSTk7J4B4fb4w_HOerdTK4mkxhRST-WX87ii_nFBDovVcsW92TV9eeZwOr46a4ALrM0XxMuuzvoREpLxhZd_LrYo4qNe0FCx7KzysBSkWm6HhPMCHbamV505F_Y&sai=AMfl-YQrybVzvYOCTX2DWJJyC47D4N23VrGgjWETI9pTsVUaMEZQ_Wgxb4iy3-r_zSWE8CyPZ3pBkQDXCIw37bYUUWFT0kY6nfJyvBGTxcltv4h0JaExMZa1M0I6D42UuCE4Z56g7UyPqE1RTO-J1lJ14MExt0lsj0-Y_r7DedusuyJzKTl9RaYPMfsW5YdN-rx2Oq1e-XygqPskEh8aZMV-kg&sig=Cg0ArKJSzEBHsltJOpYHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220616.00462&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame ABAD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
index.html
s0.2mdn.net/sadbundle/14714734884117237288/ Frame 1D90 		17 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
855141b72447ad59625d3b45984ff3c1e829eb5a15bd5bc0da1f8f7263349a2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
212681
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3503
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 20 Jun 2022 17:06:58 GMT
expires
Tue, 20 Jun 2023 17:06:58 GMT
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame A546 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspSD7buffhCkLjRRC7jSvtjiuGhdzCcoj772xsLtoMxYzvEoXVFxjDJeALcDZlzf-l5TITEjL9oGgXClRAMyZvs0AW75o7oTWpX_dNUqAKNRkQxUsXVrcLx7jVqgFEIV2zw1bmZoPrI0kAdpbBbe1WzkSF7xliqHA0QHrECVllU8vgSec7jLNhD0jqqy4-1wbxri-4rQkGMBuIIEHgkELShyu_dCXGsBaZ18SL98AfcPSbFbPyd8cYPttJB9Pqtfa8BcDBiAumHbPH5VgMOaOEE4wAip5vIUP5OCJPfFdGHjitGwFCPmUl3cRSBCx1FS7Hgb6-pBUcVmRThhmZWkLQBiCj-RR-Zj9Y6y7ezSEpIGtGlA54Y74P8k-TAkxKvQ8Sk25Y0FH09rQZ4vsZGOd-lkUMlLspnw1rEa5dwF1Obt1NdOueggJvUtSLsWa6aHl3GGN-v8T9oDOzHc-9LGg3NXOA8LrvZ2P10JHuNkTCOPhk_i6n_dL5prJus16pEq21cHqosl3futZlt_-BRrIuRJNGhYh2rsvMnrXT4Ipfs0jF0zPGnPVYb7eIB1lWakLRRhTMEoiZC9mi2n8ERXSNF2hGN8MP05h9nNdJXTqqbV0w0xwyPBx4fVM3uc8FJnlxBCO6G_dG0JzSzIM6Z7meYTYgleInJPzkh9-Xj4DKYTPY12BsTDNs_pEvc0c--b60iauHU8LtGR5adCiMDxmiIdYZjTb-Ar8U5Xb_LEaw5ra9tfT0qpfj0VkW7y4xW1Gfq2rI0xnFyMuCKeozh8vzPMW0SUyEV4SsF_8qIvBJZUTNp3zsgp0CVR2qYRIx6Cp-C-HRRd3iNQSkRcyb478JcS_4_hei0zxZ6tw2RCbTbQJys542EAixuIMnyyQq6KBULFB1mLUZPBaau_v7oEjpnLJoUghED6gaxUTU1434e4gxx0UGZxdWuSWqfgRGuGse-_Cy973fRKgoLfD8961hPaGsp9yP7iDIGQ0psEn0f02QD3GD515LwNkBuaDY0CkMgki-urIwBOf5cuEai9G2h3_mrXAPc7WCSqHmHlwGl2eRDU4d4Sc8OfB9NH9rDDY6TNI37mAhtcwkc0pKN4oreiMbmbzlGpzIkimaBfB9QPjC0VezO-lMteB_DHGMMoi2KYNEvROYb2CZeZb4ztHQiTAFD9krUvmSZumc1Dwxvt8Y1Y4v3NNQxz-Yg54DUXG1kWkgID2d3k9KUGt9JRAjinV9xv9IqOr2QVM&sai=AMfl-YSdQCUc086T2Cfsetr2v2wKLM2OdFrXryPGqXcwWNsvbGWSqvs7z89oASc1eFHHDxS4VmKxz4rLys-bO_68zWBhNXucENiU-dnYmfgZ1W0UvyCWUxV_0KuSook7Ng3isSTJzh5lFLcNXDf-3MW1-AXs9BIPGxVsgVkXvjeXB4r4CbqQULFNG8PtX5PzcpDIlLx_0otveVI7pRo9vBmhhkS2N7cx-y7MQDGMyAD3bWXBFlg&sig=Cg0ArKJSzCsoyTsjwRC1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=221&cbvp=1&cstd=219&cisv=r20220616.24523&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B4DC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a.js
mb.moatads.com/ Frame 439E 		351 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/a.js?callback=MoatHandleJsonpResponse_385191&url=https%3A%2F%2Fivona.ua%2F&id=0&level1=24425061&level2=6909169&level3=303945196&level4=151351638&pcode=tuiukftdisplaybs288007166418&tv=359f21c1e97-clean&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-PVRfgUevl2QD4YpW6R34RpvnDsHp3lN2bOJbBer2APsOGgL%2F6PC5WmU2F3MRrrFWS1qZ&rs=1-1IRrnTcST%2BDrDg%3D%3D&sc=1&os=1-hg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&slicer1=ivona.ua&slicer2=ivona.ua&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJS=3%3A-&zMoatADV=10150206
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.21.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-21-34.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
87e1f30a61df776164c7d393d2a8206d377459705ba3ee73698bec5fce08b071

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"1308ccd6731755aa8af2861102d324fc80ac651a"
content-length
351
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&i=PBB_HC&d=tuiukftdisplaybs288007166418%3A24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196&gw=tuiukftdisplaybs288007166418&bq=0&de=72851734&t=1655957499180&ac=1&ar=6337827-clean&version=v0.5&oi=4&ob=1&na=906176972&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:39 GMT
user-registering
ads.stickyadstv.com/ Frame 2AC3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIpK9otIaZiq94Pxr5IImk4&google_cver=1
43 B
722 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIpK9otIaZiq94Pxr5IImk4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGJe-ha8BMAE&v=APEucNVnGGakuVFr7slTTVzYzyZZPF3UjXYNFp2hFO0oGO9kcQ4b7HhuT-EFadNFRAe5UktrLhJq6pviuuqfMrrzKJFb_prZkjwyJvGb3cZZVYw73G7u3qhaXFvpO6xERtMPgDViOjbUl3obwKikg14k_OvoRZrHP-tlufdsRjTXfaJ3iz8ywdI3CPeC7N4oF7-6z2DcaOGu
Protocol
HTTP/1.1
Server
2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1655957499143087-548
Expires
Thu, 23 Jun 2022 04:11:39 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEIpK9otIaZiq94Pxr5IImk4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
317
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 2AC3
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=11
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmRlOWYyODM4NGFmMzc4ZDIzNzQyZmZiNGZiMzA1ZA==&gdpr=0&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmRlOWYyODM4NGFmMzc4ZDIzNzQyZmZiNGZiMzA1ZA==&gdpr=0&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEJq67dUCGJe-ha8BMAE&v=APEucNVnGGakuVFr7slTTVzYzyZZPF3UjXYNFp2hFO0oGO9kcQ4b7HhuT-EFadNFRAe5UktrLhJq6pviuuqfMrrzKJFb_prZkjwyJvGb3cZZVYw73G7u3qhaXFvpO6xERtMPgDViOjbUl3obwKikg14k_OvoRZrHP-tlufdsRjTXfaJ3iz8ywdI3CPeC7N4oF7-6z2DcaOGu
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=MmRlOWYyODM4NGFmMzc4ZDIzNzQyZmZiNGZiMzA1ZA==&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1655957499158063-552
Expires
Thu, 23 Jun 2022 04:11:39 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F936 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ag9A5438HQTBNLXE6oJ9_G3XZiNodCH0OVOmZi_2WSSbqaaO5ejgxCOqyfBg41HlcrXeFQzQb2o6Q-RvhBTlb9VPcTgcMh2idxD_yN2UKfVH8cA2dRLUGkHyG_3flQfO1zcrnQ2yHFmgSYwYmKuv942kPylg&cry=1&dbm_d=AKAmf-CSmK2YWgBQMJzjSZ6bSUxoN92Gzi2wgBEW_EBnw3MuKa7OIJ87yDUghzr_KS7aiGEGbd25cI3uPDAMXKnqEuygLcb3SD0kGUH50CizfY_L6An3rvrRG9Ln2E1P6ybgO2lbjFft2v7OCAttyWH75D6OVvVmzrLeLXV6ntw-HAe7Cdo5vMkKlFw543Do2LpA_uLjjYcdSmYRqfQumK20_PlagxGoKTlrDDpGum_rD7WOo-XoOPPltDDPjrPAE1KxBBUwJLYtrj0C7QLh9WASEHanLuFXbIBmW1CyBVh_HepOWqzL1uFZasaxrNVTpn_CA1jtpoPyRzxDc6kC-PGbHPcPMAwgribT30B24fVoEX0jEREEYQSOqKsVkl04dIUupo1Uqh3erJllg1oBHszrxpDZ-TsR7BLmyOi0yl25LBdMfz-1i0SOC9dtabYUecZxe3L1inkXxqCtFTzRVsDh61KlaSWGLRuSpF4Q7_Ngj79O6Hf3XdYoeO2E9xYNLYdQhPraoAzjJEhNLDMeXUqcaaUfCgjWhqRHCxKPdNU2fuFGqbqjIj_2AgvVtO_pnNp6oscyQlcyAyNqcQENaXH7wyeAm9sC92kSAUTiMYUFxB7UStY4zfeBuPu-kb6mIvUR8MRZI0d3YNvMW0iSorW6r6rbKNGkfTBsaPO5ow4D-Ce-BGZh84v1EvMBzwm5knmWR3Zpm448BSOmtW1EBHOgHaKY5EXlaDLBUaxCV_ZWD18xzvUmD8JLNfG_O4MNOe0R_sjs-60PXMWxAp6Cs1NLOZZaxBm_dtyYSd2MdnqGAK7MNANAvihOVnkn8EEC7q5R2LuapC21Iv1jKzQAF4N0WreTyKnUL9WaVYOY7-0IMGpwCr8T1H4ejAsxbrzHy1Wbzz92BJjIC17D9zVZmtTXbWnuPHB1IPfy4JIA2Pq2Zs227sNaxoqEJ0SMhEZ08x2Mfy3eq45jSWlONUYKcixQgArBrfgwjIaLUd-XMOqR0fmYQBfoZbcgiaFaTgHFNtyDkT4L4aRwjKwy4Wi_3J-mW8K4_jf-iWM-n-K-mcpq7_1D4KdSoBnFdrL7crk7QQI5YJd5sfN_UfO7mcN4zobLKN8mepzf0tNG9tyyPtQIPwlPiFguxTiM3dytIPJs1wX6PQHlKrz9VeOzPp9WcftLzBmGZ2nCk2vtNTW_wHUyQ33pDKHmLkunpS13n6pwwYbPO6v3Me5-8t8WDDsnDU-KZ8o_RrDGfyJyf94FgwPh35Fl64hIKO7E2Zrz53kgPqfhZ4ptJKeJNxRMZ87oIbQRTVmldZ-Rz1L6NqAXQeYv5YfbVaB8JiwA9DWGfCD2VEP1cotJDw5W6JwPf8D88J3QjFNjne1hSOJJcSRIHtvMtpdaVb6h-Lf9Pjxb9ybjVzenIykS0D0_DPr6rbFXoIpxuk-ff2glGiBMOV-F1y6GFajdLC9gj5UJ-X-ZJ1Vi8oGp7hkIjAhxrxA7WFoi5nFHeSVXI-mFjahOJ9tKryghpUznAXDd_SbZxU8IZvXnK5R6LXm79wDWpJXgQ940YHQzt8Lsuzv2k3dHclF7DfJShu5M41_pSYRaE6yFxrUNF3uW5xDH6X5vcwImXnXVE-CMtff8rYLFIoWN8YnQIn-mzcVNE2uz4IAmwY6x31nVb3wwLUzWnRPrZgj-5aoKFcQRgTEmPDRO9mIQrqzCbQO4OcyiyWAzBxoAT74TDIpjf-OCyOnqZA9M8uxGKPf_piK-GtkvM17Im1qRnqTHJlEADLhol-IxltwS6juKTf5YHbSHEnal2ZAKBRsrxtjVR61YR6PvXfe-RfyjL49SR0zHtRP-awEgcaYBfNIkLyUF6uhFHHFOO6XE_wq731jfcmLBX1GQdxIT5-llF2qD48xUFaz9-aemSIcm8XgQfogsEQ_KXfGgyKN6SRIU_xrd5_SLe8nVMh3eceOZuj7JDBfm87q41QLv5Y9uxuo67QdTpuo2nsbpou_UVodS7oH1ut-12Ddrj8RrY3n7ueRSuXn5G0Fr1TWUAECv3pSkZFopaUWz7Zr0UyYeyqFVOY7T40pZ2_Oi1x4lFd6hvjO5jnYMtIROZlxSn86s1WlSwwLAG6MoW2EieYH6TlBfgFZ_kOyqh2V-ECIlOF4VypDuehSb3bS0UoNYZheHAGtoEj4qx-uCGn1ub8KYi06p9t_SyUtYRhQx29V9-5l2tICHdaFotFeIYOFuS96JbTepKPvgGTyPL7xwZydFsA7haB5aC69QVApIJ95HlSjMnBfK_dc-_kyslxhniYU2pNTnB8VTQkt8B0IfuyS3vFg0s2kl3XXDL_Y4JA0zMOuLscO-lwJCE4g3yQv-M1Xxqdvjn5tRRz5gg8_EOwnFDlQMMHXK1ZSqkzdJKbjb6IepxgmCobhDBaSN0YqWIZ1hxkFsDjDr7tZAiGgr7TE1TC19jV_PitXxlDQuBE0sJQVgyVEGBggxyIIP2I5-R8FViu4yxivu0qox2O-stuKhy8Cnwp1qOS71TCFOQJxxjoWXCxtCqAXReKsKN9xiEoiXALkcsVHZuxdt-UIUE1K-DLkhR12NosB_o6QD-p7jK-bm95UAOMapPn7bToFZBVWd0fepXnGa-eBw9nBXtQrr&cid=CAASJORoXm2tJ01_c3Ipmdy_nv68U0YQvZ1kgob6MGDhtwHWO86jaw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 50FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CO3hj-eezYvK1IdiT7_UPls25kAjq4pjkarbKxLPKD9SEu_uaAhABIMbgi3lgu4aAgNAKoAHwg_bbA8gBCakCL-A93aqStD6oAwGqBMIBT9CnIhsI__xCA4S33q_9CrUgzNSYB9tDy8hOIEqFpsUWIzu-0mrXemtwdl3fqM9eXhw91BK2q8vAIqnbZhXNWMyNJ58-JfQZoPVjmYuTn8KhR4Zj4_Z90tsYH0u2Q1MbkKG7dQCY5_GFQkAj9ePYzvJX4-klTQ3yCwyG3RWjsrGrZqn1ASSVnrcNv_s7KL65u34i2zHfY0uWrfB7OW0jzfnSPXk-3WAwFRb6Jtvk-u7OORqNj-Btm1U4-6DnT1QiSqbABMepwcL4A5IFBAgEGAGSBQQIBRgEoAYugAf4-4kkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4dsD0ggRCIDhgHAQARgfMgLrAjoCgECACgHICwGYDLqp84n8A7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=r5vmzfL7S2I&vt=1&template_id=515&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1655957497&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655957497194&bpp=3&bdt=732&idt=247&shv=r20220616&mjsv=m202206160101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8034334843283&frm=20&pv=1&ga_vid=545246093.1655957497&ga_sid=1655957497&ga_hid=987638063&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31062931&oid=2&pvsid=3142203581033101&tmod=1245563928&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2xWq5tt5S8&p=https%3A//ivona.ua&dtd=252
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 50FB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst4aDo9_jQXaWHuhTjliWv4efm7txKsqYfvMTUYYYrHFalevQbNREPrOPaZLQwA9-ejuX-CkWqM-FU_wfQ5Egc8y1TsiytIme_V3CuLxSPsCM0qq1GRkByb1dDAPaWxpjgTSalLCcxrCYTn2m-wQmDVSA_GjI2kWj1hboZpxW1UFv6JSpO-eg&sai=AMfl-YRAYGQrDjeTB01qhiZ00AWGHFJxRnrOrARn7BCHoVVDE-quEl0aPeWJN25uPzaurWz-jO289mZegKv0&sig=Cg0ArKJSzKJYyOPixsQ-EAE&id=lidar2&mcvt=1063&p=0,0,90,728&mtos=1063,1063,1063,1063,1063&tos=1063,0,0,0,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1474189199&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&pay=1&rst=1655957497446&rpt=706&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
google2waycm.netmng.com/cm/ Frame C7ED 		0
0
pixel
cm.g.doubleclick.net/ Frame C7ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_push=ARnp8GCa4dMTdVmNaohxrEbzEQtjqgwu_BLLhqvfeMZ5y-xEa3SpDGnng9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_push=ARnp8GCa4dMTdVmNaohxrEbzEQtjqgwu_BLLhqvfeMZ5y-xEa3SpDGnng9f8wAcSFUYIIk01mauSA-5dyxWFgkLkAAFCB7cbtchp
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1655957499.320703,VS0,VE77
x-served-by
cache-lcy19241-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_push=ARnp8GCa4dMTdVmNaohxrEbzEQtjqgwu_BLLhqvfeMZ5y-xEa3SpDGnng9f8wAcSFUYIIk01mauSA-5dyxWFgkLkAAFCB7cbtchp
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame C7ED
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GCwaQ_Y2tWLnv4Ilc_n5X_AD4KKcxFJdJreppuHAbXmtJ0__hWZVxOryl_TDl8D7MVWJOYPhbSfI4PIjUZJ-hWg0s4...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCwaQ_Y2tWLnv4Ilc_n5X_AD4KKcxFJdJreppuHAbXmtJ0__hWZVxOryl_TDl8D7MVWJOYPhbSfI4PIjUZJ-hWg0s4O29TynA&google_hm=Njg0NjQwMzk1NTg0OTgy...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCwaQ_Y2tWLnv4Ilc_n5X_AD4KKcxFJdJreppuHAbXmtJ0__hWZVxOryl_TDl8D7MVWJOYPhbSfI4PIjUZJ-hWg0s4O29TynA&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCwaQ_Y2tWLnv4Ilc_n5X_AD4KKcxFJdJreppuHAbXmtJ0__hWZVxOryl_TDl8D7MVWJOYPhbSfI4PIjUZJ-hWg0s4O29TynA&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame C7ED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GD56OWUBuNmX4hXF8_Ye_K2SnytoWO7vaB9Tq1G-15C8tBWsXf05ZyXt3CjiWKrLsyCPXW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4M1QtMTktTFYwQg==&google_push=ARnp8GD56OWUBuNmX4hXF8_Ye_K2SnytoWO7vaB9Tq1G-15C8tBWsXf05ZyXt3CjiWKrLsyCPXWyFMGGOuekidRbudhri4dD6t7yrA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4M1QtMTktTFYwQg==&google_push=ARnp8GD56OWUBuNmX4hXF8_Ye_K2SnytoWO7vaB9Tq1G-15C8tBWsXf05ZyXt3CjiWKrLsyCPXWyFMGGOuekidRbudhri4dD6t7yrA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4M1QtMTktTFYwQg==&google_push=ARnp8GD56OWUBuNmX4hXF8_Ye_K2SnytoWO7vaB9Tq1G-15C8tBWsXf05ZyXt3CjiWKrLsyCPXWyFMGGOuekidRbudhri4dD6t7yrA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame C7ED
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELktczQSmbqWLwa4Qn5FNE4&google_cver=1&google_push=ARnp8GDd0BVShA5r_FLaKe7A17QCeBlZ3XZLBwjfNjkoXxZsAb2HGMWF4zcmflNbHVs2Mpr6scjKGKw7zf586tWp...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDd0BVShA5r_FLaKe7A17QCeBlZ3XZLBwjfNjkoXxZsAb2HGMWF4zcmflNbHVs2Mpr6scjKGKw7zf586tWp94dwq5en3mbFFw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDd0BVShA5r_FLaKe7A17QCeBlZ3XZLBwjfNjkoXxZsAb2HGMWF4zcmflNbHVs2Mpr6scjKGKw7zf586tWp94dwq5en3mbFFw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GDd0BVShA5r_FLaKe7A17QCeBlZ3XZLBwjfNjkoXxZsAb2HGMWF4zcmflNbHVs2Mpr6scjKGKw7zf586tWp94dwq5en3mbFFw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
zGS6E7WXaWp75OCnxGbW3C7J6lDwOiRdSLwjZfp5rxc9R8g85gpD4A==
pixel
cm.g.doubleclick.net/ Frame C7ED
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GCtRxxGw0BX_41KepNWVcpSJa4yPK9KKIdknxJHR2TjA2D5ZE6V-IdDOEa1GX_Pu_xeuRUH8YZOVE-f...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtRxxGw0BX_41KepNWVcpSJa4yPK9KKIdknxJHR2TjA2D5ZE6V-IdDOEa1GX_Pu_xeuRUH8YZOVE-fejPIbj892bsI_lidfw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtRxxGw0BX_41KepNWVcpSJa4yPK9KKIdknxJHR2TjA2D5ZE6V-IdDOEa1GX_Pu_xeuRUH8YZOVE-fejPIbj892bsI_lidfw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCtRxxGw0BX_41KepNWVcpSJa4yPK9KKIdknxJHR2TjA2D5ZE6V-IdDOEa1GX_Pu_xeuRUH8YZOVE-fejPIbj892bsI_lidfw
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
0.gif
id5-sync.com/i/495/ Frame C7ED
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEAqlR8PdNG83JbrOjaLmads&google_cver=1&google_push=ARnp8GDl_BuKf8ZH_evzhxsNIQGEVQ7mQn_8N-5kfjAvP_V8JIuINNbJsUJu2JNz3cLjuUHavoF2VODAMxnsVa9U50AYyaNYqSo3PA
  • https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GDl_BuKf8ZH_evzhxsNIQGEVQ7mQn_8N-5kfjAvP_V8JIuINNbJsUJu2JNz3cLj...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GDl_BuKf8ZH_evzhxsNIQGEVQ7mQn_8N-5kfjAvP_V8JIuINNbJsUJu2JNz3cLjuUHavoF2VODAMxnsVa9U50AYyaNYqSo3PA&gdpr_consent=&gdpr=
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
141.95.98.69 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216534.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Thu, 23 Jun 2022 04:11:39 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DARnp8GDl_BuKf8ZH_evzhxsNIQGEVQ7mQn_8N-5kfjAvP_V8JIuINNbJsUJu2JNz3cLjuUHavoF2VODAMxnsVa9U50AYyaNYqSo3PA&gdpr_consent=&gdpr=
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
273
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame C7ED 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jn7Nthzztd5mAG2MphR1i2AuShMdGLmKkCBs4RjXJyB917fIhGCT5L-j3QLZLAuTMX8fG1hQ
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame CC44 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Origin
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 07:25:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame CC44 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuW-GfQi_yELlPxNxbaKEf1TmxtQ3fmkdX7I3Fvn4mgrz7bAiMXN48kfvrcArT5sDao3gmgAtPSFDvdDtLrpYShoXds_6fe5TM-_znmDZYq_g3GSpCeKGtiV7E6Y39q6D-4FHf82aoeaif1tZjSfqvRbuNJQ&dbm_d=AKAmf-DoNMIe_1EvdBh3HNsqCGAKgxB2q4ygUC2SudY0-19qk3AqfrIj4AEWePmJDXw-e8jap5W8yGOJ_IXh81PnAINVBQL1FiZvWZtT8u2WlyjnRwNu3JycZOzLJrTERrizhd7QDM3DevkhaPK4a-4DFubINk4vFde079E-8tiF3wnRmrbKn7p5PzNaJRyWYWobCoVzDeL33wFrtkMW0Z8adCgJ8HynIdWuTj0zwcG_58Mj96Eb4ngrgr90Tkvg7q8T4VHhXzSEwLxSlHbywexEv-Wc1mEEJRSTRHH6eWlt5WAQ26b99ozymzvyAXXOf4OKksugpvHHa9-hztUcga-bmE2emlOvrhGPLjLVQ8AZb3EwVx651ddNDgU6eWCMqUgiLr058wgI7jWcuvCr5qT2zgu7Rt-RnCYJ2F8CKrtUJ742WvEWwCLsOpUvkx02s5rfeBRxXKnN0KX_ICJI7FCzUxDjThuAF6VyoD7F5NA_Nd2q1JqXUbqel0jbH4xUDSvhwSKzjuENBTww62g9eS6kXJ-coHkWj-TtnJZAAXVOPVCnb3IAkDZm4kytZW8UXHBf8WuDOE8Kr6weB4Soqq6JVORJ-usihZKBp1NEZ8jUEPF90f3c-lw_UQ4ekB4S7yOudtxmAk_hdPWvRH1tCu27GYVjenZXsZeXDMaj3ebWo0zCx8VfM3yrtYo8X5gK65cN5Uv0-LoQwbVLR-CXVHwpqjeZYoHbyjGw10JuedxyXs0do5L_nm1uIixuOZ9JxEFm3Zn09g18eS8iKnuUzCH3E1sp2naa07hXk-OhsZrK7sVrUDqBbHf6dMfbsrOWmc2gT5QZKNidQBIv5V8AyLkqW_YKF45PyVofcJrzQ8ccCJIyaBzLBswad4lah-BeATSU2-geYfauwVzgxNNj-bew6MSnoqlPd4Ibcq0LdSNeK9hWXeSnZB1veYNIN2wz28OuyVTCEO2hRS_wU5bAnJFA2cze5vdFu5pk8FVdDYxs_UPOxPo5-dTJ-zFbnLWhJ2hd8u6isNfGw1JfPN_Rd4dgeXeDDpbZTHoNxPFm2PBs-n-PEkBQvImybuwCknVTh53QyTniB18Oa10noo5dHGp_tMGoHPAD7YJ4Kj3OYFvMtuBqZxVy_9NrsEhFuD9nMVU4LfZY44LqFUPEouTX6OjGbIj2x_MRSuiyHjaM1LV6HtCEltV6GQP3zehquh_gAZLbvdLfuk1J5vY1QggYW2v3z3Ko5gUOLictD3NSzk1RMtVTZtHq9xIctGr0End11QciqEgBTnruhKpXE_HbMdS4JadrwzyB4CxlCSn8UgNT7q5YMCyR_R_XJNGIZ5uwI5FSO-aL7lWHq-WaJ8zbkZfotNKHw2LldZNeWAZ0wvsXWaZ0Unh4d7Cy0Crm7odrcJyt3aoAKf2T81dP0aRKfHLpZ7F4b4zi3nDUAvkNtHpO1cFtg4ohEOWqdsyRIyOqoIsnMZxkCK1hu1ZNpqgeH5_vvqukpx_syAhL9nGqUEs9Oi4Sj3g6GMy6INPQlyyV6f7-N63BOnOySOsI2RfWbHjN9imcmXqIgVKf7PLHQRa-u1mgoviay6PceJDWtK1s-f_k1KtNmRXHtVY5fNL0xrp-aotZ7tNRrn7KLbfnmH8ttYEHhnftTfV1FdIG_3BWVhw3y21GNo93fdnOJMmVoqmT5dkNp5We-Bng9XDVPGcLwjnQfAaGqVFPxClc5uUnPB_t3vgKaby86uRm0-NhhAIe9Fu2gNVykhuitt_wlwknLz7ddVKYYGKUKDue-swZwX90g6XfhoQ4374qnsPsPtTgRoVZssmVao6p_YVon3kLx2B7gt8Re2gSCYgc1zCqo9ZAt8ybBdcpuldr0CgszBB1t0reVFI3-0pEwmB3nZNfJosiXM0AjKYmY2ErhCQya5AI-3MyhVAow0YfaGRFnofDK1h5Z2oCJaSv5lYOhS1W0RgpkQBN034t3iO9eGZKppp18pjfoMstR6AeO-FCvQaOc0mJBizITVCjj-MqLDqLmTLB2igf8uFfoHytThU_DEJWBqhgyHCsAp2j2pAmzC9lPt4EsUdQw1IQPwKSKEXOUYJQoHteSeqrI2KDOf_AlehgpYrohRw3TbS6FOyIi7mbsHPETLuqA0-JZmL35gBHl56JpkDb8q5degYwAj0BW74IqMHoEyaLzhVduT5Qytck5sQAml6R8YCr7iuuNzpRZjownRGu6P4ofXEJhSDlZA6ClERDQkcX6eCsZUnTLXNFO0QYI5mAJhqR5NaOJ-6RuID5FLepqXh8QRJXacYKCpFBE21Z9P4sh04dvb1s_PgHDy6GqI8SrlEeoZ2vlDDEThNbz7_8dpESKDIDMPuXgTz83r30CfSQSSUL3g66SqpTcAON5EIlbkBMCjZx9PTGVl859_SAA6BwwZ7XK4sc-10muKZpM0lttZhB091DkyfzozhDorut1N1bDlbKXJw2HlYcMqLNA6bWYaNwDC36rTlhJ8FB-ayj2mzRyAWBDuQViNpfEdEi9arkJXbiYfxhXKB4moC7WkpWcS0sEsT6N_7cAtxtKmsawTxEMx-cgVYirhg7xBj9jHtc6VA4RaBB0WywnYZKLYqCbpaRdi_iP9KqUJNVJ3HxVeQwtg4dycPTo5mjecbTLIxDGd1eFfxFVBSA_y9Aa16fG64RkCVvKKqKJvMe2jKJA1D9lSvvh18M9_J06OPLcNeB9gB0isVJwzF0ESxFMdTpPaRVvHI1wtVcA9RsGnPpyzFRxpmy1NroBsTJX5yyUdUpHH-KI8fFF0AQdlFzuwcVRNKB9w7P-a0t_yr4nuFba8nD4uCKBUMxjuBVtnbLCclhachVslfHMh6VjxJzARrq1AHV9WVt8MRfHBUGwsFsgSpVfVV8SrvhT2uexbDwX_rVhS84LObdxCDpUqWbu9-FPz0dD975CKjRlkRpaqk3pNts5kr3v3KsIBXPBKeT0JKxJB5rjm-Sp0c-cil_4cnTdi_DJZPAX6Ml7vdjyeCHqsrRESrEfnNbiHZSpJe0ubaoEuo0NduMa6HH9yu-2RuaUSnw7XO0Y0C4JEbxmx2IR8wTCZiHU8RyvMjlTq_SqVE_g_p801tKybdebS7AJvtNgH_iISKz6_E90cJcrFnaUDTUAa05Pq9cPA_poVAb-IbJ5Mgh89l-VCgSVoahbQrwHEXzPXw7wVCucpXyPrtFCD3UiIl5lRvX9-qRgKUakibYIWaKY5v97emvuIGGbQ9Fooh5GWkpJdBRPpOTUyBCn4V2S1FfF92-_eBYSaslH5ciPPQfGzcIE1xmVuoKxue_7qYbaMSqa481kEUZw9i-B6k1YILvfihnh8r_UdA08kvxHf_xWqGI-HP3BQu0IcTfu3DJtM-xa0VZ5LR5qiezdT8z6oHHhQZ8qMKeJa5SIchc_tYhmv10WcjpW3LgZ2He39RQ0dJW0bMKLclH3Wd-LW_w5OklqAhcUYEfPbKdpRHnRvySPYMZP6mM9IC3Ugjt6F1O068Y-gyqk5yTodj93oY3TmmY6Qn3Wm752xw28w&cid=CAASJORoY188lSbBWiGs1rEBiuA2Lw1qhLpuWOmYB2L8E7jU2LBrcw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame CC44 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CuW-GfQi_yELlPxNxbaKEf1TmxtQ3fmkdX7I3Fvn4mgrz7bAiMXN48kfvrcArT5sDao3gmgAtPSFDvdDtLrpYShoXds_6fe5TM-_znmDZYq_g3GSpCeKGtiV7E6Y39q6D-4FHf82aoeaif1tZjSfqvRbuNJQ&dbm_d=AKAmf-DoNMIe_1EvdBh3HNsqCGAKgxB2q4ygUC2SudY0-19qk3AqfrIj4AEWePmJDXw-e8jap5W8yGOJ_IXh81PnAINVBQL1FiZvWZtT8u2WlyjnRwNu3JycZOzLJrTERrizhd7QDM3DevkhaPK4a-4DFubINk4vFde079E-8tiF3wnRmrbKn7p5PzNaJRyWYWobCoVzDeL33wFrtkMW0Z8adCgJ8HynIdWuTj0zwcG_58Mj96Eb4ngrgr90Tkvg7q8T4VHhXzSEwLxSlHbywexEv-Wc1mEEJRSTRHH6eWlt5WAQ26b99ozymzvyAXXOf4OKksugpvHHa9-hztUcga-bmE2emlOvrhGPLjLVQ8AZb3EwVx651ddNDgU6eWCMqUgiLr058wgI7jWcuvCr5qT2zgu7Rt-RnCYJ2F8CKrtUJ742WvEWwCLsOpUvkx02s5rfeBRxXKnN0KX_ICJI7FCzUxDjThuAF6VyoD7F5NA_Nd2q1JqXUbqel0jbH4xUDSvhwSKzjuENBTww62g9eS6kXJ-coHkWj-TtnJZAAXVOPVCnb3IAkDZm4kytZW8UXHBf8WuDOE8Kr6weB4Soqq6JVORJ-usihZKBp1NEZ8jUEPF90f3c-lw_UQ4ekB4S7yOudtxmAk_hdPWvRH1tCu27GYVjenZXsZeXDMaj3ebWo0zCx8VfM3yrtYo8X5gK65cN5Uv0-LoQwbVLR-CXVHwpqjeZYoHbyjGw10JuedxyXs0do5L_nm1uIixuOZ9JxEFm3Zn09g18eS8iKnuUzCH3E1sp2naa07hXk-OhsZrK7sVrUDqBbHf6dMfbsrOWmc2gT5QZKNidQBIv5V8AyLkqW_YKF45PyVofcJrzQ8ccCJIyaBzLBswad4lah-BeATSU2-geYfauwVzgxNNj-bew6MSnoqlPd4Ibcq0LdSNeK9hWXeSnZB1veYNIN2wz28OuyVTCEO2hRS_wU5bAnJFA2cze5vdFu5pk8FVdDYxs_UPOxPo5-dTJ-zFbnLWhJ2hd8u6isNfGw1JfPN_Rd4dgeXeDDpbZTHoNxPFm2PBs-n-PEkBQvImybuwCknVTh53QyTniB18Oa10noo5dHGp_tMGoHPAD7YJ4Kj3OYFvMtuBqZxVy_9NrsEhFuD9nMVU4LfZY44LqFUPEouTX6OjGbIj2x_MRSuiyHjaM1LV6HtCEltV6GQP3zehquh_gAZLbvdLfuk1J5vY1QggYW2v3z3Ko5gUOLictD3NSzk1RMtVTZtHq9xIctGr0End11QciqEgBTnruhKpXE_HbMdS4JadrwzyB4CxlCSn8UgNT7q5YMCyR_R_XJNGIZ5uwI5FSO-aL7lWHq-WaJ8zbkZfotNKHw2LldZNeWAZ0wvsXWaZ0Unh4d7Cy0Crm7odrcJyt3aoAKf2T81dP0aRKfHLpZ7F4b4zi3nDUAvkNtHpO1cFtg4ohEOWqdsyRIyOqoIsnMZxkCK1hu1ZNpqgeH5_vvqukpx_syAhL9nGqUEs9Oi4Sj3g6GMy6INPQlyyV6f7-N63BOnOySOsI2RfWbHjN9imcmXqIgVKf7PLHQRa-u1mgoviay6PceJDWtK1s-f_k1KtNmRXHtVY5fNL0xrp-aotZ7tNRrn7KLbfnmH8ttYEHhnftTfV1FdIG_3BWVhw3y21GNo93fdnOJMmVoqmT5dkNp5We-Bng9XDVPGcLwjnQfAaGqVFPxClc5uUnPB_t3vgKaby86uRm0-NhhAIe9Fu2gNVykhuitt_wlwknLz7ddVKYYGKUKDue-swZwX90g6XfhoQ4374qnsPsPtTgRoVZssmVao6p_YVon3kLx2B7gt8Re2gSCYgc1zCqo9ZAt8ybBdcpuldr0CgszBB1t0reVFI3-0pEwmB3nZNfJosiXM0AjKYmY2ErhCQya5AI-3MyhVAow0YfaGRFnofDK1h5Z2oCJaSv5lYOhS1W0RgpkQBN034t3iO9eGZKppp18pjfoMstR6AeO-FCvQaOc0mJBizITVCjj-MqLDqLmTLB2igf8uFfoHytThU_DEJWBqhgyHCsAp2j2pAmzC9lPt4EsUdQw1IQPwKSKEXOUYJQoHteSeqrI2KDOf_AlehgpYrohRw3TbS6FOyIi7mbsHPETLuqA0-JZmL35gBHl56JpkDb8q5degYwAj0BW74IqMHoEyaLzhVduT5Qytck5sQAml6R8YCr7iuuNzpRZjownRGu6P4ofXEJhSDlZA6ClERDQkcX6eCsZUnTLXNFO0QYI5mAJhqR5NaOJ-6RuID5FLepqXh8QRJXacYKCpFBE21Z9P4sh04dvb1s_PgHDy6GqI8SrlEeoZ2vlDDEThNbz7_8dpESKDIDMPuXgTz83r30CfSQSSUL3g66SqpTcAON5EIlbkBMCjZx9PTGVl859_SAA6BwwZ7XK4sc-10muKZpM0lttZhB091DkyfzozhDorut1N1bDlbKXJw2HlYcMqLNA6bWYaNwDC36rTlhJ8FB-ayj2mzRyAWBDuQViNpfEdEi9arkJXbiYfxhXKB4moC7WkpWcS0sEsT6N_7cAtxtKmsawTxEMx-cgVYirhg7xBj9jHtc6VA4RaBB0WywnYZKLYqCbpaRdi_iP9KqUJNVJ3HxVeQwtg4dycPTo5mjecbTLIxDGd1eFfxFVBSA_y9Aa16fG64RkCVvKKqKJvMe2jKJA1D9lSvvh18M9_J06OPLcNeB9gB0isVJwzF0ESxFMdTpPaRVvHI1wtVcA9RsGnPpyzFRxpmy1NroBsTJX5yyUdUpHH-KI8fFF0AQdlFzuwcVRNKB9w7P-a0t_yr4nuFba8nD4uCKBUMxjuBVtnbLCclhachVslfHMh6VjxJzARrq1AHV9WVt8MRfHBUGwsFsgSpVfVV8SrvhT2uexbDwX_rVhS84LObdxCDpUqWbu9-FPz0dD975CKjRlkRpaqk3pNts5kr3v3KsIBXPBKeT0JKxJB5rjm-Sp0c-cil_4cnTdi_DJZPAX6Ml7vdjyeCHqsrRESrEfnNbiHZSpJe0ubaoEuo0NduMa6HH9yu-2RuaUSnw7XO0Y0C4JEbxmx2IR8wTCZiHU8RyvMjlTq_SqVE_g_p801tKybdebS7AJvtNgH_iISKz6_E90cJcrFnaUDTUAa05Pq9cPA_poVAb-IbJ5Mgh89l-VCgSVoahbQrwHEXzPXw7wVCucpXyPrtFCD3UiIl5lRvX9-qRgKUakibYIWaKY5v97emvuIGGbQ9Fooh5GWkpJdBRPpOTUyBCn4V2S1FfF92-_eBYSaslH5ciPPQfGzcIE1xmVuoKxue_7qYbaMSqa481kEUZw9i-B6k1YILvfihnh8r_UdA08kvxHf_xWqGI-HP3BQu0IcTfu3DJtM-xa0VZ5LR5qiezdT8z6oHHhQZ8qMKeJa5SIchc_tYhmv10WcjpW3LgZ2He39RQ0dJW0bMKLclH3Wd-LW_w5OklqAhcUYEfPbKdpRHnRvySPYMZP6mM9IC3Ugjt6F1O068Y-gyqk5yTodj93oY3TmmY6Qn3Wm752xw28w&cid=CAASJORoY188lSbBWiGs1rEBiuA2Lw1qhLpuWOmYB2L8E7jU2LBrcw&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:56 GMT
container.html
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAC7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:38 GMT
expires
Fri, 23 Jun 2023 04:11:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=eWtWeVpFWUJIMG0rS0krbWxuZ1hvSkI5Um9iZG15Tjcvak96L2NTZFU1NEFxUWgwUHJtN2U5MkwzTmdueHdLOHR3ZWlzNzRlb2Ruc3haeEZMRk91bnZoUU44UTFRMm9RVUlmQmVhRStsUW0zVjFMT1ppcFpYNkk5WVpSVGVCZ3d4Rzh0cGlVU2gzRjU1dWxhQmJOaCsrT1cyZ3dsSmplNjNkNEh4SnRJWlJJbXJlQ2s4MXBMTDRKOXlUL0tjaEdpT1NCM0pyaitqL1RIOW5BaTkxNnlvMnhLUTU3eTJIY1FnU1VmSGN3V1ltVlB6bXhkYXFHSklYcDZOS3FmSzdlL2VSZEdMSEt3SXZoaGJkQ20xL3JjdFE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F1D1 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 439E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bd9cf43c6e0a4a530208c996f328ea18fd7803124ada09d39093e3714835b04a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
bsi.js
z.moatads.com/pbb847483933/ Frame F936 		51 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/pbb847483933/bsi.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f1f875833ddb7ecdb962369413465f1a6fff8a887398966d2d248e5a4d34e817

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
last-modified
Thu, 10 Mar 2022 18:39:25 GMT
server
AmazonS3
x-amz-request-id
66JCQTHFSEE3Q7T0
etag
"302acac31c108dadcd3aed706c8787a1"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=22621
accept-ranges
bytes
content-length
22862
x-amz-id-2
PYJaKYERr9d1HnSqIFmUvzQy+I7yKsUrtZnCZ08zkCAt0Dna1YxzP2INzOMyd6ib84PLD9uLV8g=
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E6C4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame 20F4 		0
0
pixel
cm.g.doubleclick.net/ Frame 20F4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GCnmlXoX8WTREPjz2Szi9tfnVHIDDPbVwKLKE5KCtHuxCPA_MgwP_4OyLxI1Dcg66I_f1B...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4NVktTC0yTjVK&google_push=ARnp8GCnmlXoX8WTREPjz2Szi9tfnVHIDDPbVwKLKE5KCtHuxCPA_MgwP_4OyLxI1Dcg66I_f1BLxFo165ukUSRxQTeEfuwHvjEZVg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4NVktTC0yTjVK&google_push=ARnp8GCnmlXoX8WTREPjz2Szi9tfnVHIDDPbVwKLKE5KCtHuxCPA_MgwP_4OyLxI1Dcg66I_f1BLxFo165ukUSRxQTeEfuwHvjEZVg
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4NVktTC0yTjVK&google_push=ARnp8GCnmlXoX8WTREPjz2Szi9tfnVHIDDPbVwKLKE5KCtHuxCPA_MgwP_4OyLxI1Dcg66I_f1BLxFo165ukUSRxQTeEfuwHvjEZVg
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 20F4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GBKgvAIhUu7vGxtiWCT0XKPEJ_6mLR48Lqpbniq4mpRexXHPZQ0NAKqFCS00K_m17fa1VNbhoG-FyBa...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GBKgvAIhUu7vGxtiWCT0XKPEJ_6mLR48Lqpbniq4mpRexXHPZQ0NAKqFCS00K_m17fa1VNbhoG-FyBay5NMQtLM-zK_wPeLrg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GBKgvAIhUu7vGxtiWCT0XKPEJ_6mLR48Lqpbniq4mpRexXHPZQ0NAKqFCS00K_m17fa1VNbhoG-FyBay5NMQtLM-zK_wPeLrg
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GBKgvAIhUu7vGxtiWCT0XKPEJ_6mLR48Lqpbniq4mpRexXHPZQ0NAKqFCS00K_m17fa1VNbhoG-FyBay5NMQtLM-zK_wPeLrg
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 20F4
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEPGAmOgh0nNAN_OFBKA5JJM&google_cver=1&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE65F_LE...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEPGAmOgh0nNAN_OFBKA5JJM&google_cver=1&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2d...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE65F_LEWbJZVrWQ
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GBXZYn0f7Ohh2FDBcF7U_UzrwL6XlJOfAbCkkTAU6mBoh4355TL9wB9_v4eo0MTd4VEqycZpqn66SWGs2dE65F_LEWbJZVrWQ
date
Thu, 23 Jun 2022 04:11:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 20F4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-97439b22-b303-4569-a96c-e607af58da39-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GD0sKZoYjOo4G8arfvfN...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GD0sKZoYjOo4G8arfvfNDVoVCJzGxgDKq3vKu3V0S2NnboG3Q1y4GRFBwb7yhCHa9dPcFU0pCVjXOg62z2YcYiQEBiKWj9Z4A&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
date
Thu, 23 Jun 2022 04:11:39 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX97439b22b3034569a96ce607af58da39003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 20F4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAVlLq7OpMpxV_FRu2zamgs&google_cver=1&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtE...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtEZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtEZHYA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDoVWnX_x6RAvVZNa_K2giRqWSb_sN54U3u1wUmH_JFnbZDUbZOY9G_x2IhGyfF8uS3KDnauN32CgADIiUeo94uz1zrtEZHYA
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 20F4 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEPI1JfxQ-Ih46vWLVNpULo8&google_cver=1&google_push=ARnp8GAsBxB3QfBuI2wf0ofNFTOBgT9o2UErF9Xp9od5dcTjFY_JNaudm1b98mVbL23ED6YYaz9duggoqDUHvvZSRNhvi-SJi98MOA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.108 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 20F4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IA3v2kH405M4aUzE9DmjutboQ9_V7O96QmKgZydESSyu40QsawunJDXS6eaeyxuvrctSYS
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame 0BDF 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
pixel
cm.g.doubleclick.net/ Frame 489A
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWRONXZGTUwxTzRlYlY1&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cver=1&google_push=ARnp8GBY9LFPNtuL7T3qKdIVmanQBewyZk4jvT2pLyHWcI6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWRONXZGTUwxTzRlYlY1&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cver=1&google_push=ARnp8GBY9LFPNtuL7T3qKdIVmanQBewyZk4jvT2pLyHWcI6U47cepAwx5nWE1eGHXFEprwIva3IZkSr6k14iPtEIdgtII-wgELnn
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:40 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0fe2fa5347d6fafbd@us-west-2b@dxedge-app-us-west-2-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=RWRONXZGTUwxTzRlYlY1&google_gid=CAESEBMBxmizM_pyrHw-XhF_c8I&google_cver=1&google_push=ARnp8GBY9LFPNtuL7T3qKdIVmanQBewyZk4jvT2pLyHWcI6U47cepAwx5nWE1eGHXFEprwIva3IZkSr6k14iPtEIdgtII-wgELnn
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 489A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE1JBVez9DVygm3ejAyG3jU&google_cver=1&google_push=ARnp8GCDT3Fi_KG4YF2ljWrGC9C4Xc-gmUt6_o_m-c6j3o_Pu6lDVGXsqLeb10pcp7KXvT0KaPzlwZjq4qTAX-HH-Nd7lP2uSEA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 489A
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GCeYGqPcK3W-2InSlh6icb29_o8KzhYSOzN671RFt59-BAFhYJUjR_ZensajV8JV0IS2ZpikIPNz0Pym3EuFxjOXJw...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCeYGqPcK3W-2InSlh6icb29_o8KzhYSOzN671RFt59-BAFhYJUjR_ZensajV8JV0IS2ZpikIPNz0Pym3EuFxjOXJwoxuDu&google_hm=ODA4NDA0Njc2MDU4MDIwMz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCeYGqPcK3W-2InSlh6icb29_o8KzhYSOzN671RFt59-BAFhYJUjR_ZensajV8JV0IS2ZpikIPNz0Pym3EuFxjOXJwoxuDu&google_hm=ODA4NDA0Njc2MDU4MDIwMzIwNg%3D%3D
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GCeYGqPcK3W-2InSlh6icb29_o8KzhYSOzN671RFt59-BAFhYJUjR_ZensajV8JV0IS2ZpikIPNz0Pym3EuFxjOXJwoxuDu&google_hm=ODA4NDA0Njc2MDU4MDIwMzIwNg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
dds
rtb.openx.net/sync/ Frame 489A 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA1wfaMFn-HYJ9kazZ0tj-4&google_cver=1&google_push=ARnp8GAzZzBiTc4ItRxQrAZEGRs_tit_Mfk_NIVs-tIDZJGHJ0u2kUnIXlqhU1qY_tt8DL4CEw19mDs4lK2QuykWMiXvoY6UbrJW
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:38 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
cj9pq6ji6qv8ubdl6rrag9ml3a1ugjrv
pixel
cm.g.doubleclick.net/ Frame 489A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GB0xN2Jy5mssD-SLYTnzkHITIsBTNAYUDodT73GRsmglV09CRXw04movRqp40nIamvke5-Y-JO7xOhpQWn7ji...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GB0xN2Jy5mssD-SLYTnzkHITIsBTNAYUDodT73GRsmglV09CRXw04movRqp40nIamvke5-Y-JO7xOhpQWn7jif4FLpkLMI&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GB0xN2Jy5mssD-SLYTnzkHITIsBTNAYUDodT73GRsmglV09CRXw04movRqp40nIamvke5-Y-JO7xOhpQWn7jif4FLpkLMI&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Thu, 23 Jun 2022 04:11:39 GMT
pixel
cm.g.doubleclick.net/ Frame 489A
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESELktczQSmbqWLwa4Qn5FNE4&google_cver=1&google_push=ARnp8GCGi3evUUm8v0bP8meoPZPBOmyaAHMxj--urkub194SL3iYxCLFiaCqNiBuGX13wvuqg-10zE6QOHIC0ESP...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GCGi3evUUm8v0bP8meoPZPBOmyaAHMxj--urkub194SL3iYxCLFiaCqNiBuGX13wvuqg-10zE6QOHIC0ESPSutylHUwfiD0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GCGi3evUUm8v0bP8meoPZPBOmyaAHMxj--urkub194SL3iYxCLFiaCqNiBuGX13wvuqg-10zE6QOHIC0ESPSutylHUwfiD0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GCGi3evUUm8v0bP8meoPZPBOmyaAHMxj--urkub194SL3iYxCLFiaCqNiBuGX13wvuqg-10zE6QOHIC0ESPSutylHUwfiD0
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
d0IawDt7QmrJ4cAm5HZIcu6QsuvpP--E1y6yUPFC8cUlgAWW_yMhUg==
pixel
cm.g.doubleclick.net/ Frame 489A
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GA0mi2CFHCMJqib0sjwwTwZyN4XRBlhwLyzYb1_RjHJ9yUZxu4WRAS4DoQLtarf6_dEanAyvBSP0fgi...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GA0mi2CFHCMJqib0sjwwTwZyN4XRBlhwLyzYb1_RjHJ9yUZxu4WRAS4DoQLtarf6_dEanAyvBSP0fgi6bxtpZdnmoOaPUAE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GA0mi2CFHCMJqib0sjwwTwZyN4XRBlhwLyzYb1_RjHJ9yUZxu4WRAS4DoQLtarf6_dEanAyvBSP0fgi6bxtpZdnmoOaPUAE
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GA0mi2CFHCMJqib0sjwwTwZyN4XRBlhwLyzYb1_RjHJ9yUZxu4WRAS4DoQLtarf6_dEanAyvBSP0fgi6bxtpZdnmoOaPUAE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
attr
cm.g.doubleclick.net/pixel/ Frame 489A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IkQARWSLBXgNxsRUG5pDFl2C8kgYJEOviblPSEm6dqGhjT01niMIo_sEWy_yawIApATZBQ
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
102370.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		144 B
168 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/102370.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d6babea0ece2c83d3f48544adedeb793677c6ea20343cd6971b608bc8cab571f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:06:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212680
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:06:59 GMT
12827.jpg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/12827.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5dcf4aad520bb2b3a08a85bdeff452b1550ccd9bd297c578607019f895b38ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:00:40 GMT
x-content-type-options
nosniff
age
659
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8896
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Jun 2023 04:00:40 GMT
I12827348103.png
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		329 KB
329 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348103.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a3d696dffca48ce8b54b1750ba72045e9f1f6221a634356409491c66d6943a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:00:40 GMT
x-content-type-options
nosniff
age
659
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
336446
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 23 Jun 2023 04:00:40 GMT
I12827469767.png
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827469767.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bae5fdebbf3eb7ff15fdf90b283afc0b345d3cd37df9fa0e3e0e3166de34180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:23:43 GMT
x-content-type-options
nosniff
age
222476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
186453
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 14:23:43 GMT
I12827349206.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		171 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827349206.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6266084a52a1a323e230f023c52a34dec272620f00f2468ace6ef10a090948a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
161
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:00 GMT
I12827348105.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		25 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348105.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbc09799090373dabd4bdd3cfb8470dae9424795d12d6936eabbc23039a7328b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4731
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:00 GMT
I12827348106.png
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348106.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b9d866b7fa495bfba4c09b8a73dd7b0253c04d739a810bc557fb6b3d051ed2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:23:43 GMT
x-content-type-options
nosniff
age
222476
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28738
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 14:23:43 GMT
I12827348108.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348108.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c473141dc73a49904c72500d32938b78834be5772b6dc7ac5a65f48bcc809f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1677
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:00 GMT
I12827348109.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348109.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78471dab945b59d358db49aaa00518f843820e961dd291e7d3ce7127265134e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2345
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:00 GMT
I12827348110.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348110.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
36eb0e0d0a38e5fb99dbf3b081d4b9ea8aa5822b846047c6dc524fa014788418
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 05:22:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1198
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Jun 2023 05:22:36 GMT
I12827348113.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I12827348113.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67f26bc9668b3122c7e7c8c75e3748597ab4a9623036eaf3a8b60e53afef276a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1693
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:00 GMT
I134613022.jpg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		86 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I134613022.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b7451606fdcda3eb923c2e26b7f46f2ae959ea6b035204660d1c7714cad9cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 14:23:44 GMT
x-content-type-options
nosniff
age
222475
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
88418
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 14:23:44 GMT
I134613023.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I134613023.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c2e38fc1eb07a52ed9511df418fa514b7ebf4c6a426dbd8a661472572e1d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1854
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:00 GMT
I13461302139.svg
s0.2mdn.net/sadbundle/14714734884117237288/images/ Frame 1D90 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/14714734884117237288/images/I13461302139.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b5d91e83633543543de8c95bfd761fecca7d2d05dcdf7eef526e75a8139a93b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/14714734884117237288/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 17:07:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
212678
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1265
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:52:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 20 Jun 2023 17:07:01 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E928 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv0cfzB0fNYTD-z9s7_A8MlGPKopuXESmRxAxl8JwlVqnBQ092GxsdIaACnnzXVpdnDZTDJvAW6b4G7QulPjT8w3Br25QxvX6SIWMbF-7Vvmp5otCPLM5Owcv75D39-M1vO3kmgLmJeBQY7x-1k-TaYuVyYrdV_VAdKfgyK4NEiL5jfsgjRq8UkM7ovpG7dfnauxwmFtEobFErs1BIy4DN_Q7zY-5pqjD_6RTwWf0WPGRf0Rj2CLzeZFT_-07Dp36obolyyLkf5h6RAh-mj6rafFHWoQRaCG3BIa05MI-Gz5AxRrGHctgi-oRKkmmkPiB7jmYqhqJDO3xPM5Tfbr_jabAIVxcn0jlKIl8zXx3kellMpr8SgLF7wHSEQXW1A0CFiO1XNvep3AX29nKIWu2ktoEGBB2IAUsbrsO0hODX4-8kcSzzF60FAK9ng654XPVFnWV0qD3_wFm8KVmPimJ2lMtQWNROfkHZ7esRKqXE6LnUMbnYbn8qn_S-OEwW70-Nbhx-rID5e0kxI0Jll412SpFiAx4c7r_ptvimQMgvYkRABxudHw0r4pBHHF1orDtcMLfQRGc4UpFFtvjiH3myFb_W6kGrxHa__Y8a_2kF5a5hQtfbgEbPDVil0pQigVUSpvO2Es8n0xpbkJplcEoMuY8ZbNQhN0YzixxQKw34ddRD-7-V36IzJsY6mwXJxSEoJGjWXMAHers2qdwlbHxOyBOPWcyZtkxHeSE28gcGEZhUHZ7ts_MKIs0Ge4GU_Pd16QFQAt62N5t2iOb-0rsP3JxSir6PgTXbcxaVRrTAjpUJ327CjfOkumEV21xmNIz8N4rZECoJmLztVEPdAGx3Xuy-8V1OpC0a0nCbkvc-cp9gPccF98WLWm-F0H4DQCONf-W41WgpZENKl3f9tgh26DDlWI-3Q9XOvmdk7GfxNpS7zVyE6HpLDuF8laoxKmo-_dOYnVMM7tKDpTlc4fd4EXhPCxkjWgTtlOTM3sDnwxcq_NYWBigoFBZXgxRKdER3JKsSXS8o6ZYWHus6tCw-cT-rspQ4Sj_Bvfx8CH4N_IXGG2V04lNI2p2sfkXKFV7CtioswuRam79ggg4M-BsSaWOx5VuNu0YE_gW9uKEJcx_9-jY5KPfYKVPHwVxqZ6vjnlrha4TEQdYS_49LKdv1F2Vr3L92hYIClE_h2IDHmnq9zDWmD&sai=AMfl-YQyTBA0PmtAHVBwOMaPxvlRpg21hHQR3cHltm6rLU5I_jXDvqVPzQAQPG2OEe_0t1wN-nQxlScDVZz-RMpENbMj2eJtrgWsJD0tp9KLatgNsisLsFTWGwS-biCX_YkEjprBC_CPChctpxP0P61YfmXngOhdkKen-fM-kPqQmHeAYZMd0CtOo4l1H9wuaLiuWcmJq7wpNPzYdKi6wPYCsi70HdmlqynL5Y-csBAQaN3s2fikhf5i0e1f94s8K9qyKzTRshQ8g_fKLObJDiczXnzy0svzDLWKNDIvipw&sig=Cg0ArKJSzFtH1qkxF00SEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=365&vt=11&dtpt=364&dett=2&cstd=0&cisv=r20220616.90963&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 2E04 		6 KB
667 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500,700,regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 23 Jun 2022 04:11:39 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Jun 2022 04:11:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Jun 2022 04:11:39 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 2E04 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:55:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 07:55:02 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0213 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame ABAD 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5f10e66c0a7242876553b02d04b33e53790fabcb4e9d8fe8775e49401bc6d669

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame ABAD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssBcuT8BNv70-UpCQpidurzSEEQ-eF9D20JwTVsyzQ1W0-XZXC5cttUq1S1vjfL1LOmqagK8zwuaDH6lCF-8B8FqZ8DywtvtVgF6XTcc8XN9IdadGoYhlKtq2CTySBIxkf2UghBapVGlNqutn2AEp3yT19psrJTzpDvQhmYa4X1Z2PvtQ05oSo5e6FQfqMP9HFz3IKsObTHcO_X34Uoo8HG2BDxcmtB6DYauQQUy2lRqnAPgdj1ulC7XcpiP9Dltay2W4vgKJEePI23bGThOl-cm8E6pDEQMxfYy2s63UhsPL95KujoIdT0X-O4HJXKDQ93dM4OeXNnAdHn2yKEH1lcdcvT4PRf0dZFzlkSwf_LaH7CvlIUBK4r2RBKWl3qLiNwEjSgJopQ02rEudpwA_IABKl8RhJ8v8Vp9rjSv_c7tDht7_1KBbSjbg_TYR9jt252K0aO6b14_WK5kXXEZh2sM5TVjK_tmVPT0DirsUhrO1dodLXhJQUAUCbOb8vTc5bK5GSROU_K9XhZZuvzE_lb8FN8t_mUWJTeF3h9uK0NiUruFIUP5lGScgMiJoDD4mgysN_1jpEcN5q_RlMu4vxuBQMSSdzcaTrkZ7TTQhGJRMGBWD_f3xm8qwIpiI_u3XvplRrarZ4QxtUzMxiKx08y2wtjPsXbWoYCQxGgESpT_BZDQfL_WlPpOUFil-fjsCJfAzMN4czRVxVpeT_l5hJBWiwbOVJZU24ELNWtE-tZCL1790S1BjXktSmP38iljm6uIgzEbgSIGM4XiqvKecxGTLmDFKTS4RIj7oz2BitoE_cJ8rb-xoXFH3RtjSbZct1fr8NpPYMd0CkU1FqVS5RznRUP-vfApDdj0kynOL0OCxjPDZNbq7MTAo4lMLuYE7jKZtzsxb5kliIkejxKl2QT_UkscdJmM0FP1ktNA8hJhvRpf-9JyMShSQTKdc5zR_JlVmwn1CHfkgVjRTexIRYCRkIRN3_gC5s-32kJvcWe1QDXd0s6avmJbK9gFkJCZhnMmTPvwFmq4EqRtLiySV8J8Pz16jv7aSTk7J4B4fb4w_HOerdTK4mkxhRST-WX87ii_nFBDovVcsW92TV9eeZwOr46a4ALrM0XxMuuzvoREpLxhZd_LrYo4qNe0FCx7KzysBSkWm6HhPMCHbamV505F_Y&sai=AMfl-YQrybVzvYOCTX2DWJJyC47D4N23VrGgjWETI9pTsVUaMEZQ_Wgxb4iy3-r_zSWE8CyPZ3pBkQDXCIw37bYUUWFT0kY6nfJyvBGTxcltv4h0JaExMZa1M0I6D42UuCE4Z56g7UyPqE1RTO-J1lJ14MExt0lsj0-Y_r7DedusuyJzKTl9RaYPMfsW5YdN-rx2Oq1e-XygqPskEh8aZMV-kg&sig=Cg0ArKJSzEBHsltJOpYHEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=220&vt=11&dtpt=219&dett=2&cstd=0&cisv=r20220616.00462&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9FZxHlzhbx1ANcimr7igpFGFpSu43Ga6HSLNJuQOKzuFHCGouktpZGG1L1bFeFZmZ_Bb1droal1pTtM55IovyA8eQ1pjLoGQqTWkcLstqQscitO2yR71nwzixVlFj8HYFxhtrh2nrT-Ykx0SzRK__1v7SWA&dbm_d=AKAmf-CdV8CrCcdUvr9wEnF9LoGgV71z03Q4XhTXzukSviRkB3qeMb7xdTdZ20oOa7LitIBkPtm6Ixwz2znxHr2sD3OngJDZ9AUKMACIdv1L-gL9hdXsW7Ljv96eBUuB1IB2BHj6QmwgoTF_jko5LmlLOirS08B8CfQCGNYMGtNSFxpEL9Le9Ku6IQbQnCpKaj9e5XeXRP1tbShTa2D2EeKz-ZEvZ2F9Y0o213hLfqaO3XvgooWHLrPwoZTDzDlVfxscIlbEMC1n7sbzstfPoOX21jbxdueRe-3txWJI8opMh7Ed6fcWzjrnvNT9fO37otg-D4HRoKHeZekWkJb1Xj1YDBu3lSF0-y6Fu2zavqPZlgx7Q4W5qOCzzaCus5nZpFlhopvEg8vfnMJXXexCQY3cJC1uBJkGQ3DWkTKETLIeYJVshI4ruKJyNIueCfB55CEGkvHCFwArXOfu4FJcjuJOe_l-vw65a3MFhRMyFyp6vtPcNJLl3KDxWE2V5o8Yiz4VfxnOz492u1CUgJk5lzCez2Zr5Ip_V6i3nWJCTCWu9h-WoAsdmuFKWD4kv7rJPS3BAcSrr9frf--G_KIumNDPfNtvMOF8Raw7iAYHqAHvrhkQdcj5eb_kDJ1kRhoyFlqvfLhJBfUzbv3dhS6u-TU1IPyC1am26NjvKtjFldtjlimDDyse2IfpTojLKoAYRtUQbr62mMFUZSOf9X648yMRgXSNxV1-8qKzw6eVi2hlpsc5hqvc8hPl4o6xBle2bxRIaRyP_lTFL8H5mkzQqn0IQLviLuFE53GKdSKoi-xz10c6L1LPLOUWj7vRrg_10mHVIdt36nRq3EG-VWUqQLr7_108W1zrWDQ0KniDqA8nvKNMmm1I0_oZdULSDeE-Rf5BLy1qpVs3TwXZTGhL41k2k-hh1ZvuLf__E8nHfURpm94rLMFkwnzadO3uluEFZrgxD-y4-BP8r5oU8yTKCLduJGCDc3kjjtOuJvMpfJjNVGw-DB1GuN9RKmG_XE13ZmIoUn7thWNaDvnnOr0y4DWcAw2piY60-8xyj-Y_8l2jrXxoKAuufAGCpKyRWNN5Q_tWlJAsWAlrgi8fVcSBiUhIxqgYPjOw9Ih-9G9FCIpjif8WDugMp1cFqvK05JvMFroCIlJ7_LBvb-1bvu_zDer4Pfi_PDbMnkoEAF7bc62BpF0aq_FKuDtF8aS7GuyttuZfQIODrpy6dQTaorRfjEipk5nnSct2KNri_JmTcTsfd_VExOIAZIOpaAtweoWnOoDFNHeRUG8BBW9DsFR4qZUEmuteOMHl31lgEiU-ovom2fOtMGKkYIvaotEGFaWprp4hcMEpT5_302cmSwRilI9bTw8MzExNNQHwIfJcKtUXfhNIPZeu-TMp0NNMm8uynRrFNa4nPkpIP4gwmq2JRcm_gWNrmpsBaKiJkMF6Gp-8noJAgaK9dsUk0-9REjCSjMLDM7J8waJOpoRcjLcCH5rQInK9buy8Oci7AF8fSj6w5VdTlJ7f__scas_iWVL-eR07O7T16KcQNN19TBScaS8M28INwOQ2jJzEY9dR5lRamaKedJPzH2Ffk57Cb-iAfoXcnPQGCgzJ2FS4QRtU8TZLMxCEzQ49FZq-XzFOUjpF3iCqz2CtQdOkdS4xgYkItckSD3xA397Fo3I_37W9GQCE1qBqkMPdkm36e2MK_Fo6NZ1lY6BltDKuiNhrnI2aWeYJ_onKq9Qo47jRzv3E-lsGy-Apw6Yz2uwjHVbrIe4u31wfQFOj-aBm08t_vTCO5lHLj5tFLckw_a7cxniaLogUSVNnAy-KStQ48C2TfIcvrbsyPKuJrLCBHBw_dMEfKG6nZKUxep9vPbQj1kKPifE5Wkr3joauNJcSmhFqiZ24Wy_VyELFeJfVx6tcVJW-CYVVeSE5ZgCDNlGg0fuUZbOt3HEUHPdMDz0oGY-Off3jqqJW6qFyYI-1K8XtjeUmIU--gDPFo91TKsjW0cRnzSPtHgKyyHQyKTB7uV_o4b21xB2atg1kwTF-RMTG4tri4tj6WwG_tGTlQ0UhVxgvwZgrJdSNajgiK-K6mw0sO-nu0-KgyY6qPG99FVZO_HNu5PeUZeb7rAIUD53gHrtoys2wxSXBECVyAvVPx23q_TGdHAp0eQzpnOKfk2-0xq3KIrl2zFjs912UJSMfOrSQb6NPwZ1PGf8gqRdMLp2nevPovtUUHqDihjWQbzRR0spuZpGojreq8qnWmrQXI2Gub1H3dsWj0ixMC3T3d2NVVluNsldomlVk2afbb4bVxkR_Kwrkz0aBTzazROeAhAHxagy6MWqPXxKt2ZeLej44uAVVVBh9QWC7W-Ks7b-FTIp-OSGZJV0Lng74-Ek7ytJYwWKWKBTlkQTlWTud0qyTxCYRR_jycWExHCOcY2-d15J4V7WFVsXsCI_iUcCiDwsMvmBch1oeFiirOXkAySmcnvwgazNcErepNfEK8ai6lGbmmAaU0BwGDMYIiQNu08MmIGctFPkHsT-j2MQKGoxkjtO-jEQ0ue8dyJ9P1KhuITPzXaqzUC0VHxmZiBM_PkF9rbjvs0bBsfX-Ntz4mkuKo3BjqU3yaP9juPJPk_oYKTSLc189qUJOPnb3HZ2aTOq8Q1RIkiNrK5Zn6zSJimx1KtfwoaJYS_GqLs7VjgkkQHSfdD-zF3WqLN27JyIFew8GSDqEQrnAdUWOJv8TV0PvvXLeHxa2qT6333dhMSVN1ToUfn80xfQCul29bXvMRg4OC1_-AJ8pRyUykI-P_lRcvpLAO7JhOz_nni0eKhTc7N9ViwteedmEcgPIuA35tfYUoeNnr0UHNDA5FZIJ5WqdH8T8oLZlVVe8APtCM37Jg7VT5WJGTEgnWdkvSO7QwC3DdFf_yCfRdMdngllDXlClseUHeLZnLBNjV4L67-_AwpmkwwzFkbX1mTfDilUICdulFP3eqT-N3pwsjcsY6MDFsASGwzWiH37OGfNEDoiqBjWbnOdYCmNzDKRaaWGfrSpSZZCGT_7pAyMsHTtDKV55sFM7J6QuGK1NlzMCbYXElN-hO1QG3uCRewX-s4Nk6XUI1Y0CPeWZvBeiOW1OID8CB4xrN3vF3XaSee-1EMBV4vyISiLtxL5xu2ZgjEgJi21hkan5N3Gcr9oIiW3Zaip-jHOsFiYpCt6ZgeF6NCLvaFLNCa3S-ybpgivYn0qOsSK9__ns6nd_y-RvyLi4K_cwaYZn1QNW89lRNNGyhx_G6RSI0VVMJeIwQOJnXZpcivYxqSo572H-VzX2VY0FqLjL0xedpvViAa-sNyOgyB4n85pRU0-WZ9z0AJzIAP5d-ZTyghXF47YebGlgo3GPnprHvBxo0-drvNdjlucRo0TbuNgTFhOD6NNV6Lvguhu3abmuNM49Xd_xIk5bsuGlSaFypTkpAdk2tCQ0RVKTTWYjjZPV5BJk1fi9AZTi_gScKFW2P7KtNDhjTzgzm97xAxfmHTHOA1XjdRj5PPFqlngcXRZ63TWtbKC86JmJl6xU5DkWXR3fkau12pt8sQ&cid=CAASJORop1xjPDgOwfBoLrhYwgAoorzAZWPbYVQkH33J9G9S-shAWA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0CCE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
pagead2.googlesyndication.com/bg/ Frame 3699 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/lyGYsCueE8yR8XoODOo68FbDrX_I63nUiBydxCfKiqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 16:35:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
41770
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13789
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 16:35:29 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5280 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj46dzEATAB&v=APEucNW0EduStkKUmOF6Fc3QJPNgIJmQqOmq0jcVGt7omQIsA64p-_4RTTMj1pWF6JXQHWFFSuk8K_rkQhAAf_8cpIbUofFIGkcu5N0wxVVIBC4U65BZ1sfG7YqHU2KW-q6IfRUhIyYC7ElmS8Y_8pibVD8bmfUbtZWTvD7ynm_vv2Pn1g8Zeio
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EAC7 		77 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay2KE6f6MPTNZvDvwq0ZJQ6j0To9Q43oQakeX2TRt-8oRWBDWxAZuoyPS5RkHTedPHSctMX1aVZO3vjWJmXCZ5kcNs0w&cry=1&dbm_d=AKAmf-BDR_5rLCVtLzhNUJrMt40IXoyisPhom4yUOmBxby2tylMHTzSVmLQY-19IAcZsWVgsTjIPz4Ei8hzmCScPr2Jqd1Z2YcJnfNzVqvwiv9jpv1y7IxZ_80xZXjSFcOvuwMVfc_9aX1SNxdFerjnQorkXjtKrgnzp5J_UJ1-PP5fvvLUZhU_upVft-FUoKS-9QuCDFa2JLWpD892gUVosti0LPhbd7cLYMVUe9BOwG-BElgiwiME16ewr88sT7KAruX6jyijO2kZxihhKW50fpn_v7G65Cdhz29CDUk-sCMsSYAS9ggFNozA72GpwJQb0nl1bNIbhsIpguZ6qTLicQC-7tGbCOF8XVwL7h3pnZIoHwlD2HK3xcpIV2idXXo0v7NVTCNyrLRO2WHt5R846e80-PWVS9g7TXnLJHhjLfuv0mYymCqR32uOHkKM5iuXP15px8M69CTzFva6_tYtz_dPk6bx5P3nCwvXnY-7zhCj9IlTHEC0UWKSXc2F1yABVm5tYT1dv053qt5-_YTFBxQWA-WShE6hcQR9edh-81cPkoqQtnvocUu4Q4vO2bgXjTXWeJC15vOpgLHzUF4JtbfxyByGMC7JL4O_Weul0Q2UJLa6MY7s2ZEkb4RBANeZdW4B_OTAiZEBVet5zj0S46OyAgJBgZatWH59B6fPvWPhZhcbK4IDWMnxaqOt_5y04N1IKqjxlIvPRK6pSNEFm-dlmGGH4Q2dCYFNFCUmrr0Chj0oODN1gwldNIeSlXMLB4WSyrFvgIXaCbKZTwtHiKTGLIR-Cpz339bdTxKLw-qzfu9nGgI7oFMqInYKcr4cxMlrye5erHCDtdI0ZRYGw34MaX-FbX6uWgrlnzO_Znd1Bx39iS9EQWLSxGtvxvImBTbySTUbcEb9wuS_T_RrRTDC6Ba0MHdzocqUb1sMcGVJhRaWn_yluxYcUT9YIO8jxxH85wQiMDHVnygmHSdslpqrWg3M7pxVnzOgER4Yn1lIQryus2JsP-Wq23qvHQn1NeFAEBY0jLqYt0leYT7DY41VYrJl_Gsbjxo5kDS0PCq0g-7fBAsd_Hg-fFqJLOVpjSFNp58SNZlq-xfugcqZug5PSpyiNS0EfpTKMVtxMWAXeP-A24qdeSWKxXrT1u_LzGgsME6AqVv8yUdjnK-36ZZLh3khb9gJtoEF8gXqrc_qQmoUybkBfSOT6Z3NUGD-_NSrOpnHYCjHBd4pWBoUGlWn8jB8cCND6UQxNeyjODK5Y9D3EEXXVC8a0BR0RvFLuBysxzsZdhJ88XsCDjU1HPehmsb-tKPDkgJzUKVy5OerTw_NS0HDG1Wx-A0k8bARoTscMeMOM5g_S-_IsNzyJ1XUD2yXkuJ1x6rcrfupF63MQEDh3yUv4q7eab4ox-STeNs2Ssh7BR9NQt-gK98jQoSEn4OSPS2OYGpQmlbdMRi-U9DaZYOGVwvjnG7KTe2EFbuUYsM15KR6LOvIUqTQhqx3fR1Um_X0fbLUtBmANe3t3zFMuel1u-hP3z-9w76D9LPWZXc30UYeiLBIXSuHtb6L57hu1BnVYYPFzb8JGNhPzpbeAU-4bVOhUPNhEe1X8O-b2XiuHftZitxQCJP6-e-8ODTjCj9iQ4XDJQTY1JnogrJrjU07JK9sxbJQqjpP_fJ-OgBA6RnNKxGNwKULocJX7neFejVZh_qv_M0iU7A7ekA3Ly6LGLJk16DSjfogYzICsWlhZx9YgINVzcFifMvZu9sNxVF4k2cDxXlnRNhpdu-rdG__9nt7kzuGS-AI6rZuF__4xB7-DnG0_U3Tgaa70TNrDnPhWgJhWst2TPq5ZZa8k7TBiz1CmJ0XKJ5TNXcEzoLrzXiC8XQTta9VDNdiSYz3I0OPYZa9mxa7kiWHFDk-__LZ6ssuiYiypShxxpggyxpAT0dn-a9h2OhPrGTaO-sdfB_s9XWwR25weKkYG0-7IjTkN6FC59mPh7fkMpKBeNQ_rDD7nYITc3Af-LoirqGLV-W7AKdweAnkg9g9pvo9QV764pt40W_Qhi2ge6CaBduwbj3Q3mJu_NibD767HudA3D-1_YwIEgtI4WFmqdJl3OIG-wDBxzPy4fvXTjfy_2Z42Ai-7rSTuFH5DqtHCNWp-bMNkTK4Sj-Mt-Y8XsHqOrJkukD_0vxxXDKRJNTsbeLgyDSwUIx2igH9nUS_jq15C84V_6uIE0Kq563_uP34uOUmNZS9U3saEUMtD6ZSBO2W-RwS8uSkv3mFQivEDuT1PiRROcLW2hCtjkQ-MnXOtYbNKtlee-vFRfTd-4I7OKfBUSj-5eTPcu7qLDSneBPITQgbxlSusLzUPaRSYVelYjEKEIrl8Wm-XaQSZNSgSH17ldoZwhrTVMNjZc6DX7-8uChBCfwswqvXqvCqukrLHkz6X74-F-EfP7LDKZLS7gsiQ_E1y7r8FU1D8dKBuZT7NMAPJg0uDqz_chi_irMzySPiIMe_KXGiOpmHCabqhwRIpafXBhLlFoVxA5Z5GCVBhyfWeREBES0NCzmZQJgOuL2nUNmsEG6o7Xu-DEgdG69BQa9cZAcskX7d9pCyd7ALHjBMDQMVDWEzEjfiV31AxPT4ZjJ7tb-e7CqiXUE6EpH2tMwfUZY46Xj3-k4bcOrgRZWtv90TtRAIuTvJjmi7JaGBm6YB8N61-UlSOMPx_eQiRCB3WHFKY1i2JidPNOXtzfrFwMihGTurptoExzsG236V3hkdiY5UfY5pPKvcQlro826tsWULjBylsCrlxBOZ1brMaeSF64Q8xE6XTQthk_8uq2TWfj_XXrTTvsCqNGZUKikxLdIsvymEzm7TbZxiWfNqGamJdo44J4qImyqYuJpKiY06AA2ALTLVg2PRZF-z1MPHZDZv7WQtoKoIf_aqYZbWBGbajxCgjY2swjHxWXUQpmf4E1CKQXNKSri4WhDoAcKkhJn3sFKLcrwcPBYfiviib0iMjelgJOzyl3qma1lcxgWSA-ssC8SfOT0Pzct1kKCZLewOpmz78K4KYn_pW9arvz5iVVCdy5x_n_5pKXos&cid=CAASJORoqlHBWygzLMJ1o0b-aC6CHKlZ7SRmVx0ESyLSlzAYc3WdAA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1786f3910652e222bc486993158c2ce6bf25b8cf4a3ba112eadbe7a89c3244f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33184
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EAC7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cbgabvp9vgiApOiivbyBPqiG6b_J50vpQm7U9TrXSAXWmx-lEMWnIvYtveB7lvTiZWeVYldG0ows8waA_CA5XCa8YMO-OTSrFazjKY8mTqBB8oqys
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame EAC7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/window_focus_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:57:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
856
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:57:23 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAC7 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43182
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1655318790223595"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Jun 2022 04:11:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/ Frame EAC7 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220616/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:55:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:55:05 GMT
l
www.google.com/ads/measurement/ Frame EAC7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSncp5Cx7FtV4vPLGKtyC7gly8C7i2mLLM61luYULGkLHuLCSbLCK2VAr8RLLnrPX1aGZjLJGq951zUqFpDUztjU1OzaA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E93F 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
a.js
mb.moatads.com/ Frame F936 		341 B
514 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/a.js?callback=MoatHandleJsonpResponse_28042259&url=https%3A%2F%2Fivona.ua%2F&id=0&level1=25927350&level2=6688358&level3=303889082&level4=154638429&pcode=crystalskiukftdisplaybs363091935889&tv=359f21c1e97-clean&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-fsgvPbh4hhkj2QMKvovmHE5i7dy8ZWS4aztFOewYCG7c8eOm5Kk0%2FX%2FtDJ5WspFf7egP&rs=1-Cs1uNxErYklCYg%3D%3D&sc=1&os=1-Zg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&slicer1=ivona.ua&slicer2=ivona.ua&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJS=3%3A-
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.170.21.34 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-170-21-34.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
1bc85fdb62f0ab589d407b8bd394bb2d6f202e553e8fbac2be95cf9e9d776de7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"42bb7bb89b34b20e1ff2e8a519e75830a95e89cf"
content-length
341
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame F936 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&i=PBB_HC&d=crystalskiukftdisplaybs363091935889%3A25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082&gw=crystalskiukftdisplaybs363091935889&bq=0&de=3889024&t=1655957499398&ac=1&ar=6337827-clean&version=v0.5&oi=4&ob=1&na=310514265&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:39 GMT
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame B4DC 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5EE6 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame F1D1
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBkcDxPq0ZyXbxjVHhFRiZYWsLgIY-XERoLX61...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBkcDxPq0ZyXbxjVHhFRiZYWsLgIY-XERoLX61LZFFlmsX9ZGHk4SU_Wzn1sgM-QdvgxCw3XD2V5-JaUBburGr4IRSRxQl6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBkcDxPq0ZyXbxjVHhFRiZYWsLgIY-XERoLX61LZFFlmsX9ZGHk4SU_Wzn1sgM-QdvgxCw3XD2V5-JaUBburGr4IRSRxQl6
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBkcDxPq0ZyXbxjVHhFRiZYWsLgIY-XERoLX61LZFFlmsX9ZGHk4SU_Wzn1sgM-QdvgxCw3XD2V5-JaUBburGr4IRSRxQl6
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame F1D1
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAuVjDrC0l9KSUHdHeassOo&google_cver=1&google_push=ARnp8GAK_oB5QzFNT273XIWcT9wOWJTQSlG5Ee8uFqN8jyhzVzwPKzymLHv4HZySXaazQjFeo4TUSSBL_sPd-b6x1GPrygq84pw
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GAK_oB5QzFNT273XIWcT9wOWJTQSlG5Ee8uFqN8jyhzVzwPKzymLHv4HZySXaazQjFeo4TUSSBL_sPd-b6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GAK_oB5QzFNT273XIWcT9wOWJTQSlG5Ee8uFqN8jyhzVzwPKzymLHv4HZySXaazQjFeo4TUSSBL_sPd-b6x1GPrygq84pw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GAK_oB5QzFNT273XIWcT9wOWJTQSlG5Ee8uFqN8jyhzVzwPKzymLHv4HZySXaazQjFeo4TUSSBL_sPd-b6x1GPrygq84pw
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 22 Jun 2022 04:11:39 GMT
google
match.adsrvr.org/track/cmf/ Frame F1D1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEE1JBVez9DVygm3ejAyG3jU&google_cver=1&google_push=ARnp8GCeZDD0Q8zDwKhHN2m8REh51SMYa1sXpM3SnbbC5T4WpDX6fpGZKd4BOf4deanUvjxaK12D-_BZ34PwuokzMTIzt9Ey933z
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F1D1
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEDIHgJWA84DSUXMqfg-M_eg&google_cver=1&google_push=ARnp8GA9EMKT0AtfoqTIWdVc61M6frgu0vnYmW7G7yzQxeTGinLa1hGu5cbtoMN-QhAL7S_FlA2CJgGDUjye1Lxk...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0m3vn-pfR0-293OwCwfBSg2&google_push=ARnp8GA9EMKT0AtfoqTIWdVc61M6frgu0vnYmW7G7yzQxeTGinLa1hGu5cbtoMN-QhAL7S_FlA2CJgGDUjye1LxkUaamLfMwFTyT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0m3vn-pfR0-293OwCwfBSg2&google_push=ARnp8GA9EMKT0AtfoqTIWdVc61M6frgu0vnYmW7G7yzQxeTGinLa1hGu5cbtoMN-QhAL7S_FlA2CJgGDUjye1LxkUaamLfMwFTyT
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0m3vn-pfR0-293OwCwfBSg2&google_push=ARnp8GA9EMKT0AtfoqTIWdVc61M6frgu0vnYmW7G7yzQxeTGinLa1hGu5cbtoMN-QhAL7S_FlA2CJgGDUjye1LxkUaamLfMwFTyT
x-host
tde-deliveryengine-production-b5685d8cb-dj2pf
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame F1D1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GAIOarddbz5zySV7zgeJNBRpy2JKEuFMzmGCiAMQ8o_rLBPV21hD64pv2QXrCsUZ2jZWMa63hvQ4g_6s_HxcaDkBjd...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GAIOarddbz5zySV7zgeJNBRpy2JKEuFMzmGCiAMQ8o_rLBPV21hD64pv2QXrCsUZ2jZWMa63hvQ4g_6s_HxcaDkBjdmIG6Y&google_hm=Njg0NjQwMzk1NTg0OTgyNz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GAIOarddbz5zySV7zgeJNBRpy2JKEuFMzmGCiAMQ8o_rLBPV21hD64pv2QXrCsUZ2jZWMa63hvQ4g_6s_HxcaDkBjdmIG6Y&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GAIOarddbz5zySV7zgeJNBRpy2JKEuFMzmGCiAMQ8o_rLBPV21hD64pv2QXrCsUZ2jZWMa63hvQ4g_6s_HxcaDkBjdmIG6Y&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame F1D1
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJt5ZV7Wo7-YtL3NCcv2LL4&google_cver=1&google_push=ARnp8GCLZQwRxhQQ_SU80foIcfiI3E6ScdOUz6JcTTSjkID_P_n0PcduAG7X2-Kczton0NWoUaJ32Q9NecrY...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCLZQwRxhQQ_SU80foIcfiI3E6ScdOUz6JcTTSjkID_P_n0PcduAG7X2-Kczton0NWoUaJ32Q9NecrYOc--IAW7f6uMoOU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCLZQwRxhQQ_SU80foIcfiI3E6ScdOUz6JcTTSjkID_P_n0PcduAG7X2-Kczton0NWoUaJ32Q9NecrYOc--IAW7f6uMoOU
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCLZQwRxhQQ_SU80foIcfiI3E6ScdOUz6JcTTSjkID_P_n0PcduAG7X2-Kczton0NWoUaJ32Q9NecrYOc--IAW7f6uMoOU
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame F1D1
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEJ...
  • https://sync.targeting.unrulymedia.com/csync/RX-97439b22-b303-4569-a96c-e607af58da39-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DARnp8GCG7Fs6D0ewA2HReWAUl...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GCG7Fs6D0ewA2HReWAUllzBi6DGHubaChDGVXUQ_y-ZknISXwgFtdct-LCvxS46lQnALguhNFVWAH8EIMSvJsHvYYxq1EVJ&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GCG7Fs6D0ewA2HReWAUllzBi6DGHubaChDGVXUQ_y-ZknISXwgFtdct-LCvxS46lQnALguhNFVWAH8EIMSvJsHvYYxq1EVJ&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ARnp8GCG7Fs6D0ewA2HReWAUllzBi6DGHubaChDGVXUQ_y-ZknISXwgFtdct-LCvxS46lQnALguhNFVWAH8EIMSvJsHvYYxq1EVJ&google_hm=A5dDmyKzA0VpqWzmB69Y2jk
date
Thu, 23 Jun 2022 04:11:39 GMT
server
Tengine
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX97439b22b3034569a96ce607af58da39003
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame F1D1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlUeeCl7CSQOhDcyWCKIXY2J0ezI5GKLyrp8BmBhjflUQM2LDS2HGzG8uGt4GpE8oJzKRh
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CC44 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 100D 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad.js
z.moatads.com/fallback/ Frame 97A1 		200 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/fallback/ad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a917f4179203230547c3fcb75808e5360c61fd052e072a851863f574cdcbd7b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Mon, 11 Feb 2019 21:49:15 GMT
server
AmazonS3
x-amz-request-id
8FAB8DB9E5929BC2
etag
"91b3c96c3750422ec5dd1d7c37bc9c00"
content-type
application/x-javascript
cache-control
max-age=22601
accept-ranges
bytes
content-length
200
x-amz-id-2
x/W1uaB3kPSlKurYiyXCZ9l5MmK+gIbwab+TrfNusE3WZ+itPUfURX7fPk7r7CuulEGg7jtKnZY=
moatad.js
z.moatads.com/tuiukftdisplaybs288007166418/ Frame 439E 		304 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/tuiukftdisplaybs288007166418/moatad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
41b143198b7072ca80f1ee00c8651c25d2dff69284bb5f06c14236783c1b5983

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 16:49:49 GMT
server
AmazonS3
x-amz-request-id
M5K9NGK3MC9BXJF7
etag
"57a7146afea2acdee9e1d993c275ac7b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=22681
accept-ranges
bytes
content-length
105571
x-amz-id-2
aulzKq2n/PU6Iz7V71k8oVeUPVI8r1PTvgDn7E0TnI01PxxyssT/ws/fkLpBQaoXQFuylhySTxY=
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=MEDIACOM_UK_TUI_DCM_DISPLAY1&d=24425061%3A6909169%3A303945196%3ABLOCKED&gw=mediacomuktuidcmdisplay770428044891&bq=0&de=35567245&t=1655957499491&ac=1&ar=6337827-clean&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJS=3%3A-&zMoatADV=10150206&bo=ivona.ua&bd=ivona.ua&zMoatLT=%7B%22t0%22%3A1655957498909%2C%22ta%22%3A1655957499179%2C%22t1%22%3A1655957499207%2C%22t2%22%3A1655957499490%2C%22t3%22%3A1655957499490%7D&oj=283&gq=23&zMoatDTYPE=0&ob=1&oc=1&oi=4&zMoatGSTS=0.0029022693634033203&hw=0&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zGSRC=1&na=1609905139&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:39 GMT
index.html
s0.2mdn.net/sadbundle/7951278495677948162/ Frame 5F79 		17 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f365285d7ca876a421c8d6a32d198e5113708c31a98004accfb5639f8a28d6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
149818
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3484
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Jun 2022 10:34:41 GMT
expires
Wed, 21 Jun 2023 10:34:41 GMT
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame CC44 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8C02gOUpujzYLsvrNr_l88ld7-TWGUjG1z9ddI-0dTx5S19Cb35oim1jtATnWszYauUKRAsdd2s77si7MO661BAffg0p2w2DNhokd8FWj43eEnj1S48LS1eKAstFBv5w6yVD6k2_DNOjUIo8zXKw-dTEiyRmULlOzPqoc6JbTmOo_vf7V13RyJP1eyi60HOyAuN4uCrgsYsWtOYsKuyKDWRNdeyCz0-oqPRXRG0WLttVTZQ6IkzIAnQM3NZs585uDIT8vBe0Kt7QfQOR-m6Qfvj_KOsuePV72IEONwAhajNDGbrpTBSM46MKa_7pmsChDXDJl9Sy2loqib7-EiG23pciAY2WI1V85yHAWI3Fe-teOh58fZxAJJhuYXLdsQFT-F0ZfAabvp6BqYdDb1eDyKICMvxsYQlEuNdvxHkc4SLHveLjUMv4nuse20Bv-XlVK3oZX0IRu7xcVCcWfH1LzFI8L5nEJbd8yyIr3j1jvzujnXv4D8vC0wotn5n-tKZAu9nc5tFB75QcFD-IBwl7lS1DyUMZluo0hR1NIGeqlSvu-iTJk9qVVD1y6o-2TCDsg3YYmGOxFcRwh62wZvIvnJNavlBanZkKXeFRM-SosdJPacNqKU7a1HqnT6joFQD51_EA7phxDeWvobVnPcC7JyB7RJ43j-7Uy6D8jG51LiEjY9UbjqUVCl1JW6CDnJ8VkdgMFk3ro_tRHJICO7e8jF_qE9djHr2iDxkHZIxSoHKlgvp4nlU2JbTIQygqGP1orNBGRxcq3i4vdeu0t0P3PdoKR4517YC9H7dio2HZ59H1RC2ltoLzKYHs0RoBVnm5fOMnmk9fnZFfic26q49s8e1zRZVMmTy_17cZhiJbjGAVEJd4i8tQuXOMkaVQ7X12gjpDcZuGnSQw09DZn_g66hh8QSd-WlmzJ2tqk7fo2b8xfcDs96NlMsEOMXu8il_vZ8qoQxfk3DeqVa_j7Ilxze0JdrrhwBzgRkIjTsVZtx4XfWJR0mi15ua9ZdkamztAkxDjCG7f55Tmf9vfuCrixAPtB8x7TbeBaI-tHCKyAIkAFl2M-MUij2vwwvfIeSa8Aoz98a9HSmhKgudjHBEZVJ2-fy57PliKU8riXjE7hQ033trre2kljD_Q-c0FuU4tkkNMekgk_XqI_U4-WEK5KH3HGeqoRXHsnMKZUG6bW0l8nZSc_O2iCphxF0C4zVnB7XApD50nOcWRcWQSOoek&sai=AMfl-YSPjTSqFtDiUsCXdlRATKu5KFK0xtka-8BWT4z64-5dJOdawnef77KNdlnw0bJCSGdOIbKBROwHQtujPgWwLy9XWphFC3-ad52OM_KVsOohcKST3OAp4iPk_vdk29KyfjxLBrTxXL2E7I1ZYhVhBeQ6KD12i9WthBdYv0WrpzlihRksjAPzzNvCVhYHck7mNOjZqgHymz5UmKFAY6Z87I9C1f4Y_4Ki7N1IY8spuvfP_ZM&sig=Cg0ArKJSzF0tXysJGNAcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=268&cbvp=1&cstd=264&cisv=r20220616.57177&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
truncated
/ Frame F936 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10dab755d7717cee514327d926c500ba2e4eea51abccaced04d37ffdc61986f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame CC44 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9acfedb43d16247bcd4849fb4999032d2b08733b53a4c8436296f505da626f2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
view
googleads4.g.doubleclick.net/pcs/ Frame A546 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsspSD7buffhCkLjRRC7jSvtjiuGhdzCcoj772xsLtoMxYzvEoXVFxjDJeALcDZlzf-l5TITEjL9oGgXClRAMyZvs0AW75o7oTWpX_dNUqAKNRkQxUsXVrcLx7jVqgFEIV2zw1bmZoPrI0kAdpbBbe1WzkSF7xliqHA0QHrECVllU8vgSec7jLNhD0jqqy4-1wbxri-4rQkGMBuIIEHgkELShyu_dCXGsBaZ18SL98AfcPSbFbPyd8cYPttJB9Pqtfa8BcDBiAumHbPH5VgMOaOEE4wAip5vIUP5OCJPfFdGHjitGwFCPmUl3cRSBCx1FS7Hgb6-pBUcVmRThhmZWkLQBiCj-RR-Zj9Y6y7ezSEpIGtGlA54Y74P8k-TAkxKvQ8Sk25Y0FH09rQZ4vsZGOd-lkUMlLspnw1rEa5dwF1Obt1NdOueggJvUtSLsWa6aHl3GGN-v8T9oDOzHc-9LGg3NXOA8LrvZ2P10JHuNkTCOPhk_i6n_dL5prJus16pEq21cHqosl3futZlt_-BRrIuRJNGhYh2rsvMnrXT4Ipfs0jF0zPGnPVYb7eIB1lWakLRRhTMEoiZC9mi2n8ERXSNF2hGN8MP05h9nNdJXTqqbV0w0xwyPBx4fVM3uc8FJnlxBCO6G_dG0JzSzIM6Z7meYTYgleInJPzkh9-Xj4DKYTPY12BsTDNs_pEvc0c--b60iauHU8LtGR5adCiMDxmiIdYZjTb-Ar8U5Xb_LEaw5ra9tfT0qpfj0VkW7y4xW1Gfq2rI0xnFyMuCKeozh8vzPMW0SUyEV4SsF_8qIvBJZUTNp3zsgp0CVR2qYRIx6Cp-C-HRRd3iNQSkRcyb478JcS_4_hei0zxZ6tw2RCbTbQJys542EAixuIMnyyQq6KBULFB1mLUZPBaau_v7oEjpnLJoUghED6gaxUTU1434e4gxx0UGZxdWuSWqfgRGuGse-_Cy973fRKgoLfD8961hPaGsp9yP7iDIGQ0psEn0f02QD3GD515LwNkBuaDY0CkMgki-urIwBOf5cuEai9G2h3_mrXAPc7WCSqHmHlwGl2eRDU4d4Sc8OfB9NH9rDDY6TNI37mAhtcwkc0pKN4oreiMbmbzlGpzIkimaBfB9QPjC0VezO-lMteB_DHGMMoi2KYNEvROYb2CZeZb4ztHQiTAFD9krUvmSZumc1Dwxvt8Y1Y4v3NNQxz-Yg54DUXG1kWkgID2d3k9KUGt9JRAjinV9xv9IqOr2QVM&sai=AMfl-YSdQCUc086T2Cfsetr2v2wKLM2OdFrXryPGqXcwWNsvbGWSqvs7z89oASc1eFHHDxS4VmKxz4rLys-bO_68zWBhNXucENiU-dnYmfgZ1W0UvyCWUxV_0KuSook7Ng3isSTJzh5lFLcNXDf-3MW1-AXs9BIPGxVsgVkXvjeXB4r4CbqQULFNG8PtX5PzcpDIlLx_0otveVI7pRo9vBmhhkS2N7cx-y7MQDGMyAD3bWXBFlg&sig=Cg0ArKJSzCsoyTsjwRC1EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=651&vt=11&dtpt=430&dett=3&cstd=219&cisv=r20220616.24523&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame E6C4 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EAC7 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Origin
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:25:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74789
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 07:25:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/ Frame EAC7 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay2KE6f6MPTNZvDvwq0ZJQ6j0To9Q43oQakeX2TRt-8oRWBDWxAZuoyPS5RkHTedPHSctMX1aVZO3vjWJmXCZ5kcNs0w&cry=1&dbm_d=AKAmf-BDR_5rLCVtLzhNUJrMt40IXoyisPhom4yUOmBxby2tylMHTzSVmLQY-19IAcZsWVgsTjIPz4Ei8hzmCScPr2Jqd1Z2YcJnfNzVqvwiv9jpv1y7IxZ_80xZXjSFcOvuwMVfc_9aX1SNxdFerjnQorkXjtKrgnzp5J_UJ1-PP5fvvLUZhU_upVft-FUoKS-9QuCDFa2JLWpD892gUVosti0LPhbd7cLYMVUe9BOwG-BElgiwiME16ewr88sT7KAruX6jyijO2kZxihhKW50fpn_v7G65Cdhz29CDUk-sCMsSYAS9ggFNozA72GpwJQb0nl1bNIbhsIpguZ6qTLicQC-7tGbCOF8XVwL7h3pnZIoHwlD2HK3xcpIV2idXXo0v7NVTCNyrLRO2WHt5R846e80-PWVS9g7TXnLJHhjLfuv0mYymCqR32uOHkKM5iuXP15px8M69CTzFva6_tYtz_dPk6bx5P3nCwvXnY-7zhCj9IlTHEC0UWKSXc2F1yABVm5tYT1dv053qt5-_YTFBxQWA-WShE6hcQR9edh-81cPkoqQtnvocUu4Q4vO2bgXjTXWeJC15vOpgLHzUF4JtbfxyByGMC7JL4O_Weul0Q2UJLa6MY7s2ZEkb4RBANeZdW4B_OTAiZEBVet5zj0S46OyAgJBgZatWH59B6fPvWPhZhcbK4IDWMnxaqOt_5y04N1IKqjxlIvPRK6pSNEFm-dlmGGH4Q2dCYFNFCUmrr0Chj0oODN1gwldNIeSlXMLB4WSyrFvgIXaCbKZTwtHiKTGLIR-Cpz339bdTxKLw-qzfu9nGgI7oFMqInYKcr4cxMlrye5erHCDtdI0ZRYGw34MaX-FbX6uWgrlnzO_Znd1Bx39iS9EQWLSxGtvxvImBTbySTUbcEb9wuS_T_RrRTDC6Ba0MHdzocqUb1sMcGVJhRaWn_yluxYcUT9YIO8jxxH85wQiMDHVnygmHSdslpqrWg3M7pxVnzOgER4Yn1lIQryus2JsP-Wq23qvHQn1NeFAEBY0jLqYt0leYT7DY41VYrJl_Gsbjxo5kDS0PCq0g-7fBAsd_Hg-fFqJLOVpjSFNp58SNZlq-xfugcqZug5PSpyiNS0EfpTKMVtxMWAXeP-A24qdeSWKxXrT1u_LzGgsME6AqVv8yUdjnK-36ZZLh3khb9gJtoEF8gXqrc_qQmoUybkBfSOT6Z3NUGD-_NSrOpnHYCjHBd4pWBoUGlWn8jB8cCND6UQxNeyjODK5Y9D3EEXXVC8a0BR0RvFLuBysxzsZdhJ88XsCDjU1HPehmsb-tKPDkgJzUKVy5OerTw_NS0HDG1Wx-A0k8bARoTscMeMOM5g_S-_IsNzyJ1XUD2yXkuJ1x6rcrfupF63MQEDh3yUv4q7eab4ox-STeNs2Ssh7BR9NQt-gK98jQoSEn4OSPS2OYGpQmlbdMRi-U9DaZYOGVwvjnG7KTe2EFbuUYsM15KR6LOvIUqTQhqx3fR1Um_X0fbLUtBmANe3t3zFMuel1u-hP3z-9w76D9LPWZXc30UYeiLBIXSuHtb6L57hu1BnVYYPFzb8JGNhPzpbeAU-4bVOhUPNhEe1X8O-b2XiuHftZitxQCJP6-e-8ODTjCj9iQ4XDJQTY1JnogrJrjU07JK9sxbJQqjpP_fJ-OgBA6RnNKxGNwKULocJX7neFejVZh_qv_M0iU7A7ekA3Ly6LGLJk16DSjfogYzICsWlhZx9YgINVzcFifMvZu9sNxVF4k2cDxXlnRNhpdu-rdG__9nt7kzuGS-AI6rZuF__4xB7-DnG0_U3Tgaa70TNrDnPhWgJhWst2TPq5ZZa8k7TBiz1CmJ0XKJ5TNXcEzoLrzXiC8XQTta9VDNdiSYz3I0OPYZa9mxa7kiWHFDk-__LZ6ssuiYiypShxxpggyxpAT0dn-a9h2OhPrGTaO-sdfB_s9XWwR25weKkYG0-7IjTkN6FC59mPh7fkMpKBeNQ_rDD7nYITc3Af-LoirqGLV-W7AKdweAnkg9g9pvo9QV764pt40W_Qhi2ge6CaBduwbj3Q3mJu_NibD767HudA3D-1_YwIEgtI4WFmqdJl3OIG-wDBxzPy4fvXTjfy_2Z42Ai-7rSTuFH5DqtHCNWp-bMNkTK4Sj-Mt-Y8XsHqOrJkukD_0vxxXDKRJNTsbeLgyDSwUIx2igH9nUS_jq15C84V_6uIE0Kq563_uP34uOUmNZS9U3saEUMtD6ZSBO2W-RwS8uSkv3mFQivEDuT1PiRROcLW2hCtjkQ-MnXOtYbNKtlee-vFRfTd-4I7OKfBUSj-5eTPcu7qLDSneBPITQgbxlSusLzUPaRSYVelYjEKEIrl8Wm-XaQSZNSgSH17ldoZwhrTVMNjZc6DX7-8uChBCfwswqvXqvCqukrLHkz6X74-F-EfP7LDKZLS7gsiQ_E1y7r8FU1D8dKBuZT7NMAPJg0uDqz_chi_irMzySPiIMe_KXGiOpmHCabqhwRIpafXBhLlFoVxA5Z5GCVBhyfWeREBES0NCzmZQJgOuL2nUNmsEG6o7Xu-DEgdG69BQa9cZAcskX7d9pCyd7ALHjBMDQMVDWEzEjfiV31AxPT4ZjJ7tb-e7CqiXUE6EpH2tMwfUZY46Xj3-k4bcOrgRZWtv90TtRAIuTvJjmi7JaGBm6YB8N61-UlSOMPx_eQiRCB3WHFKY1i2JidPNOXtzfrFwMihGTurptoExzsG236V3hkdiY5UfY5pPKvcQlro826tsWULjBylsCrlxBOZ1brMaeSF64Q8xE6XTQthk_8uq2TWfj_XXrTTvsCqNGZUKikxLdIsvymEzm7TbZxiWfNqGamJdo44J4qImyqYuJpKiY06AA2ALTLVg2PRZF-z1MPHZDZv7WQtoKoIf_aqYZbWBGbajxCgjY2swjHxWXUQpmf4E1CKQXNKSri4WhDoAcKkhJn3sFKLcrwcPBYfiviib0iMjelgJOzyl3qma1lcxgWSA-ssC8SfOT0Pzct1kKCZLewOpmz78K4KYn_pW9arvz5iVVCdy5x_n_5pKXos&cid=CAASJORoqlHBWygzLMJ1o0b-aC6CHKlZ7SRmVx0ESyLSlzAYc3WdAA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
794
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/ Frame EAC7 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220616/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ay2KE6f6MPTNZvDvwq0ZJQ6j0To9Q43oQakeX2TRt-8oRWBDWxAZuoyPS5RkHTedPHSctMX1aVZO3vjWJmXCZ5kcNs0w&cry=1&dbm_d=AKAmf-BDR_5rLCVtLzhNUJrMt40IXoyisPhom4yUOmBxby2tylMHTzSVmLQY-19IAcZsWVgsTjIPz4Ei8hzmCScPr2Jqd1Z2YcJnfNzVqvwiv9jpv1y7IxZ_80xZXjSFcOvuwMVfc_9aX1SNxdFerjnQorkXjtKrgnzp5J_UJ1-PP5fvvLUZhU_upVft-FUoKS-9QuCDFa2JLWpD892gUVosti0LPhbd7cLYMVUe9BOwG-BElgiwiME16ewr88sT7KAruX6jyijO2kZxihhKW50fpn_v7G65Cdhz29CDUk-sCMsSYAS9ggFNozA72GpwJQb0nl1bNIbhsIpguZ6qTLicQC-7tGbCOF8XVwL7h3pnZIoHwlD2HK3xcpIV2idXXo0v7NVTCNyrLRO2WHt5R846e80-PWVS9g7TXnLJHhjLfuv0mYymCqR32uOHkKM5iuXP15px8M69CTzFva6_tYtz_dPk6bx5P3nCwvXnY-7zhCj9IlTHEC0UWKSXc2F1yABVm5tYT1dv053qt5-_YTFBxQWA-WShE6hcQR9edh-81cPkoqQtnvocUu4Q4vO2bgXjTXWeJC15vOpgLHzUF4JtbfxyByGMC7JL4O_Weul0Q2UJLa6MY7s2ZEkb4RBANeZdW4B_OTAiZEBVet5zj0S46OyAgJBgZatWH59B6fPvWPhZhcbK4IDWMnxaqOt_5y04N1IKqjxlIvPRK6pSNEFm-dlmGGH4Q2dCYFNFCUmrr0Chj0oODN1gwldNIeSlXMLB4WSyrFvgIXaCbKZTwtHiKTGLIR-Cpz339bdTxKLw-qzfu9nGgI7oFMqInYKcr4cxMlrye5erHCDtdI0ZRYGw34MaX-FbX6uWgrlnzO_Znd1Bx39iS9EQWLSxGtvxvImBTbySTUbcEb9wuS_T_RrRTDC6Ba0MHdzocqUb1sMcGVJhRaWn_yluxYcUT9YIO8jxxH85wQiMDHVnygmHSdslpqrWg3M7pxVnzOgER4Yn1lIQryus2JsP-Wq23qvHQn1NeFAEBY0jLqYt0leYT7DY41VYrJl_Gsbjxo5kDS0PCq0g-7fBAsd_Hg-fFqJLOVpjSFNp58SNZlq-xfugcqZug5PSpyiNS0EfpTKMVtxMWAXeP-A24qdeSWKxXrT1u_LzGgsME6AqVv8yUdjnK-36ZZLh3khb9gJtoEF8gXqrc_qQmoUybkBfSOT6Z3NUGD-_NSrOpnHYCjHBd4pWBoUGlWn8jB8cCND6UQxNeyjODK5Y9D3EEXXVC8a0BR0RvFLuBysxzsZdhJ88XsCDjU1HPehmsb-tKPDkgJzUKVy5OerTw_NS0HDG1Wx-A0k8bARoTscMeMOM5g_S-_IsNzyJ1XUD2yXkuJ1x6rcrfupF63MQEDh3yUv4q7eab4ox-STeNs2Ssh7BR9NQt-gK98jQoSEn4OSPS2OYGpQmlbdMRi-U9DaZYOGVwvjnG7KTe2EFbuUYsM15KR6LOvIUqTQhqx3fR1Um_X0fbLUtBmANe3t3zFMuel1u-hP3z-9w76D9LPWZXc30UYeiLBIXSuHtb6L57hu1BnVYYPFzb8JGNhPzpbeAU-4bVOhUPNhEe1X8O-b2XiuHftZitxQCJP6-e-8ODTjCj9iQ4XDJQTY1JnogrJrjU07JK9sxbJQqjpP_fJ-OgBA6RnNKxGNwKULocJX7neFejVZh_qv_M0iU7A7ekA3Ly6LGLJk16DSjfogYzICsWlhZx9YgINVzcFifMvZu9sNxVF4k2cDxXlnRNhpdu-rdG__9nt7kzuGS-AI6rZuF__4xB7-DnG0_U3Tgaa70TNrDnPhWgJhWst2TPq5ZZa8k7TBiz1CmJ0XKJ5TNXcEzoLrzXiC8XQTta9VDNdiSYz3I0OPYZa9mxa7kiWHFDk-__LZ6ssuiYiypShxxpggyxpAT0dn-a9h2OhPrGTaO-sdfB_s9XWwR25weKkYG0-7IjTkN6FC59mPh7fkMpKBeNQ_rDD7nYITc3Af-LoirqGLV-W7AKdweAnkg9g9pvo9QV764pt40W_Qhi2ge6CaBduwbj3Q3mJu_NibD767HudA3D-1_YwIEgtI4WFmqdJl3OIG-wDBxzPy4fvXTjfy_2Z42Ai-7rSTuFH5DqtHCNWp-bMNkTK4Sj-Mt-Y8XsHqOrJkukD_0vxxXDKRJNTsbeLgyDSwUIx2igH9nUS_jq15C84V_6uIE0Kq563_uP34uOUmNZS9U3saEUMtD6ZSBO2W-RwS8uSkv3mFQivEDuT1PiRROcLW2hCtjkQ-MnXOtYbNKtlee-vFRfTd-4I7OKfBUSj-5eTPcu7qLDSneBPITQgbxlSusLzUPaRSYVelYjEKEIrl8Wm-XaQSZNSgSH17ldoZwhrTVMNjZc6DX7-8uChBCfwswqvXqvCqukrLHkz6X74-F-EfP7LDKZLS7gsiQ_E1y7r8FU1D8dKBuZT7NMAPJg0uDqz_chi_irMzySPiIMe_KXGiOpmHCabqhwRIpafXBhLlFoVxA5Z5GCVBhyfWeREBES0NCzmZQJgOuL2nUNmsEG6o7Xu-DEgdG69BQa9cZAcskX7d9pCyd7ALHjBMDQMVDWEzEjfiV31AxPT4ZjJ7tb-e7CqiXUE6EpH2tMwfUZY46Xj3-k4bcOrgRZWtv90TtRAIuTvJjmi7JaGBm6YB8N61-UlSOMPx_eQiRCB3WHFKY1i2JidPNOXtzfrFwMihGTurptoExzsG236V3hkdiY5UfY5pPKvcQlro826tsWULjBylsCrlxBOZ1brMaeSF64Q8xE6XTQthk_8uq2TWfj_XXrTTvsCqNGZUKikxLdIsvymEzm7TbZxiWfNqGamJdo44J4qImyqYuJpKiY06AA2ALTLVg2PRZF-z1MPHZDZv7WQtoKoIf_aqYZbWBGbajxCgjY2swjHxWXUQpmf4E1CKQXNKSri4WhDoAcKkhJn3sFKLcrwcPBYfiviib0iMjelgJOzyl3qma1lcxgWSA-ssC8SfOT0Pzct1kKCZLewOpmz78K4KYn_pW9arvz5iVVCdy5x_n_5pKXos&cid=CAASJORoqlHBWygzLMJ1o0b-aC6CHKlZ7SRmVx0ESyLSlzAYc3WdAA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 03:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
763
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10546
x-xss-protection
0
server
cafe
etag
1672864604874404814
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 07 Jul 2022 03:58:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E04 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 08:45:42 GMT
x-content-type-options
nosniff
age
156357
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 08:45:42 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 2E04 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500,700,regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Jun 2022 12:56:05 GMT
x-content-type-options
nosniff
age
227734
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 20 Jun 2023 12:56:05 GMT
dpixel
cms.quantserve.com/ Frame 0213 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECcqpsUI4tgwZbnRIwqpdGw&google_cver=1&google_push=ARnp8GDQhwQ0plCKasKbFRr5f9pQAUmWCovwTOqnCsXhDP7wCHvbmPQuF5mGqM8aKerDqsjAGf2zxyZ_zbXkKUGOFglRnfJxwT4
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0213
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DARnp8GB76rlMhgyVKCOP7kwZiTWKCvy6Nppx5yGY1pxwtTkNyZPmTJ7e6ut0I017cO1xaZX1gHDMetrcMh81Wac9ce844qN6HW4&google_gid=CAESEBQj0EwKeP1UjoIYnrhJFLY&goog...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPvPz5UGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BUm5wOEdCNzZybE1oZ3lWS0NPUDdrd1ppVFdLQ3Z5Nk5wcHg1eUdZMXB4d3RUa055WlBtVEo3ZTZ1dDBJMDE3Y08xeGFaWDFnSERNZXRyY01oODFXYW...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSUttdkFGcnVoc0tmdUJxUHlQYkJDYnVaU01ESVRWMngtcWdqVFpNUXlUNA==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSUttdkFGcnVoc0tmdUJxUHlQYkJDYnVaU01ESVRWMngtcWdqVFpNUXlUNA==&google_push
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwSUttdkFGcnVoc0tmdUJxUHlQYkJDYnVaU01ESVRWMngtcWdqVFpNUXlUNA==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 0213
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDLAcXZ...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDLAcXZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDLAcXZJF8WFbxc5IJ7XOEHcgy8kgW1FVQNlDW8sNfiqxjpqfUfqT_TbtIToNQROL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDLAcXZJF8WFbxc5IJ7XOEHcgy8kgW1FVQNlDW8sNfiqxjpqfUfqT_TbtIToNQROL6gl0FnppZROQuyQ02tdvPtZTsPkA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDLAcXZJF8WFbxc5IJ7XOEHcgy8kgW1FVQNlDW8sNfiqxjpqfUfqT_TbtIToNQROL6gl0FnppZROQuyQ02tdvPtZTsPkA
pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Jun 2022 04:11:40 GMT
dds
rtb.openx.net/sync/ Frame 0213 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA1wfaMFn-HYJ9kazZ0tj-4&google_cver=1&google_push=ARnp8GCKAO4DFY4IDwYAUJyAgxsamFZweZfSOlNSH9tEpvXuESrhZJnTSUxnfIIIIEKAwLhPHG4QHO_S5XJC_ZVX2_9EiW40Y20
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8iice2g1b1ar37914b4ht1nh307t3k1c
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 0213 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGMW-EQ-u28VJtYiyj2eRnY&google_cver=1&google_push=ARnp8GABjocwHdZD2Em3S8ySW8_X2wO_9V2rITdUGOVYihpebmWH4oOZrzwZltcOLQhYorN-8aPl1aJLIrFEog9RWnqACLjFqw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0213
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GBvq5xUq1gfxz5GIW62WQEFMJib5lw605MO6Drh0NM2hSXAn7hpC_9LKSqQDYM-i7NsC4e...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4QlEtWi1LTTBS&google_push=ARnp8GBvq5xUq1gfxz5GIW62WQEFMJib5lw605MO6Drh0NM2hSXAn7hpC_9LKSqQDYM-i7NsC4e11tFd_SRxpZcLsRc6sjV3dQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4QlEtWi1LTTBS&google_push=ARnp8GBvq5xUq1gfxz5GIW62WQEFMJib5lw605MO6Drh0NM2hSXAn7hpC_9LKSqQDYM-i7NsC4e11tFd_SRxpZcLsRc6sjV3dQ
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4QlEtWi1LTTBS&google_push=ARnp8GBvq5xUq1gfxz5GIW62WQEFMJib5lw605MO6Drh0NM2hSXAn7hpC_9LKSqQDYM-i7NsC4e11tFd_SRxpZcLsRc6sjV3dQ
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 0213
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GAuvHCCvjOZxuuLCyM-_zrh-Ag_4rOeh4L8LWTF6vVVr8iILpNymNOjziQ-1bpQbq5e3t78mETvzAFQbYlYnZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GAuvHCCvjOZxuuLCyM-_zrh-Ag_4rOeh4L8LWTF6vVVr8iILpNymNOjziQ-1bpQbq5e3t78mETvzAFQbYlYnZrH3L_8qHA&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YrPn-zYD76snqHG8qQUiXQAAAscAAAIB&google_push=ARnp8GAuvHCCvjOZxuuLCyM-_zrh-Ag_4rOeh4L8LWTF6vVVr8iILpNymNOjziQ-1bpQbq5e3t78mETvzAFQbYlYnZrH3L_8qHA&google_gid=CAESEEF6L2uk-7hr09fl_2mnpME&google_cver=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
459
Expires
Thu, 23 Jun 2022 04:11:39 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 0213 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KEb1JabYu5PLgOvwl45johvcwkm3oIJJND0b88NoMFU-PMor6m41WIdobK6v25naGD6hin
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ad.js
z.moatads.com/fallback/ Frame BB2A 		200 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/fallback/ad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a917f4179203230547c3fcb75808e5360c61fd052e072a851863f574cdcbd7b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Mon, 11 Feb 2019 21:49:15 GMT
server
AmazonS3
x-amz-request-id
8FAB8DB9E5929BC2
etag
"91b3c96c3750422ec5dd1d7c37bc9c00"
content-type
application/x-javascript
cache-control
max-age=22601
accept-ranges
bytes
content-length
200
x-amz-id-2
x/W1uaB3kPSlKurYiyXCZ9l5MmK+gIbwab+TrfNusE3WZ+itPUfURX7fPk7r7CuulEGg7jtKnZY=
moatad.js
z.moatads.com/crystalskiukftdisplaybs363091935889/ Frame F936 		304 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/crystalskiukftdisplaybs363091935889/moatad.js
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/pbb847483933/bsi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a0f0d92f3d2edbc22e0fbe4eb122845f619ddcd2abbfe53034be65e617570a00

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
content-encoding
gzip
last-modified
Tue, 21 Jun 2022 16:41:38 GMT
server
AmazonS3
x-amz-request-id
A9DBFBSVDTWT1DEB
etag
"bc02d3e138b1c907166fbe78a7e7044a"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=22664
accept-ranges
bytes
content-length
105604
x-amz-id-2
PP3GtEwtf8Y8Y7tNGDeFe76ELJQtEs6lLaN0lp3Q9L+BGi5IMiyqlSslGwFDD+MQc8u4JtKJLpo=
pixel.gif
px.moatads.com/ Frame F936 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRYSTALSKI_UK_FT_DISPLAY1&d=25927350%3A6688358%3A303889082%3ABLOCKED&gw=crystalskiukftdisplay187263321212&bq=0&de=53210845&t=1655957499664&ac=1&ar=6337827-clean&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatJS=3%3A-&bo=ivona.ua&bd=ivona.ua&zMoatLT=%7B%22t0%22%3A1655957499274%2C%22ta%22%3A1655957499398%2C%22t1%22%3A1655957499420%2C%22t2%22%3A1655957499664%2C%22t3%22%3A1655957499664%7D&oj=244&gq=23&zMoatDTYPE=0&ob=1&oc=1&oi=4&zMoatGSTS=0&hw=1&gv=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&zGSRC=1&na=926507033&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:39 GMT
102366.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		144 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/102366.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50e23b6922bfc1a4a313388c0f26aa3f9cca1b0aa71366aa567c27a3aa49a150
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
12725.jpg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/12725.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84c1e0b9acb193a79d93bfb095a1f9409f75481769859f3fc47c446bdd1cfb01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11127
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348129.png
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		251 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348129.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df1ba1019126bd7e98f361e315b3a90912c3a539da9df068123a76a8cf35d9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256589
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725418631.png
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		172 KB
172 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725418631.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce3329743f0318989c6695b27752956f78375556fbd33df44837d21d941fb267
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
176157
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348132.png
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348132.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d0e378112eb9ce29b5f4365f4cdd61e74ac809ce7f4f87b66a166592d290ac3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58139
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348133.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		171 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348133.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
231a63566544b4a49d77b375f1a097b31469524b4977bb2ef2efd033ae6d880f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348134.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348134.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e90d2af27bf6a4dce3419e2c7a105f66420b69023fc9ad342a5e5ce6eece3c47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1742
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348135.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		8 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348135.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c790ba2e36e289a98f70237f00f4c866b1dd09a946043ba32d43995c5eb17043
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2665
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348136.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348136.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c51d005840fbad17212f540468b5d3e6dd1554fdae81e00243d9989af2c3ceb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1143
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725348139.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725348139.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a72a2bf47a224321128e64e4928bbd9b821245e1e6eaad914b783af0462e18b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1812
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I12725480697.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		29 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I12725480697.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cebc7ad5d9305d463059d8e0e83fb6cf7a48e6b9717aadade6b668fcd0755e98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6980
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I13467302177.jpg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		116 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I13467302177.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d5a4882576715344e60650c52d640def2b0324ad9718411f3b36803be8cf8af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118417
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I13467302178.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I13467302178.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
371abee8c875c67efc84e3283d1dd68af4b64e2187d7bbb227ad41bde39ed78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1873
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
I13467302179.svg
s0.2mdn.net/sadbundle/7951278495677948162/images/ Frame 5F79 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7951278495677948162/images/I13467302179.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffecdc3bd659f2a36dee20d520ed817e3d070aaaa61733ec82e322d985ffa44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7951278495677948162/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 10:34:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
149812
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1155
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 13:51:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Jun 2023 10:34:47 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame DE39 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73674
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad.png
z.moatads.com/fallback/ Frame 97A1 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.moatads.com/fallback/ad.png
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef1f342a3e85285f6192a4b04d741a3018a8be6e882da7d9180a869dac3823f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Mon, 11 Feb 2019 20:23:54 GMT
server
AmazonS3
x-amz-request-id
49D31C1D0D873285
etag
"52ebe64201143a9c37ce86939fdc09e8"
content-type
image/png
accept-ranges
bytes
content-length
3937
x-amz-id-2
dAbrrL7VAH/ZEGcAu/BQ6XP5+G0ezSIfjiRDK6wOgJR472IymXY3N5B9Qbl2mauJaJ6Iiek2iJ4=
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TUI_UK_FT_DISPLAY_BS2&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&m=0&ar=0a763c40972-clean&iw=618855a&q=2&cb=0&ym=0&cu=1655957499719&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&fd=1&ac=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A761&fs=198942&na=540608342&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:39 GMT
pixel
cm.g.doubleclick.net/ Frame 5EE6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJrDeSHQmxpPkPbYv7yf-z8&google_cver=1&google_push=ARnp8GBxTbnMvKnu-jnWY-5eyR7CjtK_aGcosLCfyLOon66Nn-m5wGEXArZfM5BF-5unjMQDtEa9gu-vn8TOH-lM...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_Otis-f5QACyXvUTi1-eDA&google_push=ARnp8GBxTbnMvKnu-jnWY-5eyR7CjtK_aGcosLCfyLOon66Nn-m5wGEXArZfM5BF-5unjMQDtEa9gu-vn8TOH-lM4tkDQuvu0Kc
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_Otis-f5QACyXvUTi1-eDA&google_push=ARnp8GBxTbnMvKnu-jnWY-5eyR7CjtK_aGcosLCfyLOon66Nn-m5wGEXArZfM5BF-5unjMQDtEa9gu-vn8TOH-lM4tkDQuvu0Kc
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Thu, 23 Jun 2022 04:11:39 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=_Otis-f5QACyXvUTi1-eDA&google_push=ARnp8GBxTbnMvKnu-jnWY-5eyR7CjtK_aGcosLCfyLOon66Nn-m5wGEXArZfM5BF-5unjMQDtEa9gu-vn8TOH-lM4tkDQuvu0Kc
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 23 Jun 2022 04:11:38 GMT
pixel
cm.g.doubleclick.net/ Frame 5EE6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GAdC8DfZayrMizel-ayxqOJD2D6SE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GAdC8DfZayrMizel-ayxqOJD2D6SEG9Ubn93-l6yo6aWBYV4TefhNNDpJz2a7-y6uuDiG9KBJRdEC-AlgYXgVjuRfBCKd9r
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655957500.804988,VS0,VE0
x-served-by
cache-lcy19241-LCY
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GAdC8DfZayrMizel-ayxqOJD2D6SEG9Ubn93-l6yo6aWBYV4TefhNNDpJz2a7-y6uuDiG9KBJRdEC-AlgYXgVjuRfBCKd9r
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 5EE6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFEYaDmwyjHO4X63t76-Ycg&google_cver=1&google_push=ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLj...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLjEZveL_Y&google_hm=ifqJASrEQXm5sy7YW0iEqA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLjEZveL_Y&google_hm=ifqJASrEQXm5sy7YW0iEqA==
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLjEZveL_Y&google_hm=ifqJASrEQXm5sy7YW0iEqA==
Date
Thu, 23 Jun 2022 04:11:39 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 5EE6
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEvzZQdE5OKX1fFzlI5ZAGY&google_cver=1&google_push=ARnp8GDiPoMg6n9RWsujHLhklF9RsNr19G1hb1fI1m6HbnsUq45Bijux8Y6uHGxpFJki_jfVrtEAdy98wIyYaJKkirDFzDD...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDiPoMg6n9RWsujHLhklF9RsNr19G1hb1fI1m6HbnsUq45Bijux8Y6uHGxpFJki_jfVrtEAdy98wIyYaJKkirDFzDDm1nXe&google_hm=Njg0NjQwMzk1NTg0OTgyNz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDiPoMg6n9RWsujHLhklF9RsNr19G1hb1fI1m6HbnsUq45Bijux8Y6uHGxpFJki_jfVrtEAdy98wIyYaJKkirDFzDDm1nXe&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GDiPoMg6n9RWsujHLhklF9RsNr19G1hb1fI1m6HbnsUq45Bijux8Y6uHGxpFJki_jfVrtEAdy98wIyYaJKkirDFzDDm1nXe&google_hm=Njg0NjQwMzk1NTg0OTgyNzEzOQ%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5EE6 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGMW-EQ-u28VJtYiyj2eRnY&google_cver=1&google_push=ARnp8GAoNnLvhG04Z1FOR83nLNdl_OzVWRh06Oy3x43mbViX9fq4VRy3J36yxjfe_ACR28KSs75DmYbtbJYVlOuRXOZytZIBygXC
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:37 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 5EE6
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEPGAmOgh0nNAN_OFBKA5JJM&google_cver=1&google_push=ARnp8GDHvigA6ttMXfX9uu9Ts5wgtN2G-cI1i3_0O7jdnPSqy71H4Xos8zJ8ePbdosPGXwwE92wsxYhhPv28Y2zsoHxS7A...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GDHvigA6ttMXfX9uu9Ts5wgtN2G-cI1i3_0O7jdnPSqy71H4Xos8zJ8ePbdosPGXwwE92wsxYhhPv28Y2z...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GDHvigA6ttMXfX9uu9Ts5wgtN2G-cI1i3_0O7jdnPSqy71H4Xos8zJ8ePbdosPGXwwE92wsxYhhPv28Y2zsoHxS7AAD05g
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=r-Y38KLmRBCKKhVnD8f2pw&google_push=ARnp8GDHvigA6ttMXfX9uu9Ts5wgtN2G-cI1i3_0O7jdnPSqy71H4Xos8zJ8ePbdosPGXwwE92wsxYhhPv28Y2zsoHxS7AAD05g
date
Thu, 23 Jun 2022 04:11:39 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 5EE6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIorDYP1uR-tQlbbJadCW4M&google_cver=1&google_push=ARnp8GBfFrUq5NiqfO0gzILxpZ5iI0j4S6f0mW077aQx1Ek4NvpNYqvFz9QXjbiqb-ddKk61JB...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kTE1IcGVGRTJ1SEVlQW1QYzNuX2czcGtETm9ZMmtja35B&google_push=ARnp8GBfFrUq5NiqfO0gzILxpZ5iI0j4S6f0mW077aQx1Ek4NvpNYqvFz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kTE1IcGVGRTJ1SEVlQW1QYzNuX2czcGtETm9ZMmtja35B&google_push=ARnp8GBfFrUq5NiqfO0gzILxpZ5iI0j4S6f0mW077aQx1Ek4NvpNYqvFz9QXjbiqb-ddKk61JB8u8W1Tl1EAMI1cHmfoYt9q6vQrow
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1kTE1IcGVGRTJ1SEVlQW1QYzNuX2czcGtETm9ZMmtja35B&google_push=ARnp8GBfFrUq5NiqfO0gzILxpZ5iI0j4S6f0mW077aQx1Ek4NvpNYqvFz9QXjbiqb-ddKk61JB8u8W1Tl1EAMI1cHmfoYt9q6vQrow
date
Thu, 23 Jun 2022 04:11:39 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 5EE6 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4yA2QQHorxzcPPUPQHn3nGMoJJsxPQQSM9L3uZ6WYmYEJO-A80KwOUPWjOWOKa4WF2bbkZQ
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame 0CCE 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 6C2E 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstnsQ74UuhhhocI_Sm3xSp24n-8lZ6FweEYa6gdn2FZzNUqcbHfp91rwsuVxRDs66eIog1bkdBwhVooG690xJacCM_PlMBnF-pkuKnQyDqgZIhLanSZYcpLF7XUYp0BA7iK4_fl2Fz_1a8H5LtTGXl0lOnvIWpgVcT7JlIY6_R_RnwKUStABi7YHd6Z4Y5IyvZLInTU0vZZVDxlcD3v5aJ0dB6oRa-vttykuKjy5FJTBNCpC87QmXK6ESjhNd2MlStZUoQFPoDgq4XyPDQfKejr-6jxFO8cELer7xP8WjhHzXSxr94v2JbmOKN6s1iHlVcR4yNhpsvRb9y7miYqbVjhs8nH3lz6-z9rCKqDjmYsv-ow-gXAyiXlhvsQdwvmOCadSiFHkGjxQ0vH5EJ9BQ749PbJBYL5ygCxQuJTs8DFBiTPNVrLDUAjYlH2RHIyazcKF_EUfCUQCNkv7MGj-O3C5ygnQn9bIeJpLlOSyjGTtQsIfpZhb0_7Z5eFvW6wR_FU8kxF5C6QxzJXImy-W8IQxxBYNod4mSllt20Gn4p3tqgsIZTphSl04iIr_tmWmccq6w3LA2ST70hLkMAuFyLO83S3gr4tGxgRjb5fbLEez7-SHeW85V8ZkWh-hsGmpxJIlfZIrW0CMfyMmn1xirlD9L3LHED-HhjGh_-5osG04Cyk_XtXRKNysl_k18onyuRZlD-94sY3_BH7e99QxrjLE6Q_E6Q-jPEdrQzHCtDr37ILLeNXV4a7nYiImUcGSnM-NTwUDKenADm6ffTNazEktAEkwnaXRKRPWH7448qNGvEArCXuB3p1_gnvRnEpUUhQzdcV3Dd8ci-iCDlsIUjAlF2VQpIBj2HvfwTZu-yglUO0omy4So68xQ6wq4I2K5kwjsCJIUIkZmsOslErK12m1spC8tlwGnO5pM1bU9Jumx8cZVjeknYR3U95bGPCq_NYV3dFhbOTLMv8yehNnNIguvtYNz5ZW6bznB0ZG3lGgFisSJtnACFqOmqSvCWUZuq-PFk06_wM5Gb9BHCPYyjAwwfiWIX4hq2dl65sZjzuq---KRMLkCsUKpMh39t2e-j2_uuefLo1LJN4_1kaX8hNfpUmlF1_uWRhejdQqxYtpZ_8Jxjdl8OSQ0dxubOKXoOnFSwWyqIhCGgomGHjlE3zgCLX&sai=AMfl-YQlFBOpB9XNj8HcGm_XtBgDi9eJIIWD9Yj_EKNlBXZ8OZbIEdFusAjvy5G0wAguZdodEqRemK5tlXAdryk56Pk7JUIRTJQXxXhIY7E0dK2c9EKa5dQwjAcgF_peuLD6qe0Yofou1kkYVCVSQ-PXdXX_8umueISwOoQLPpsypKrjDnp6mKdIylvW-gT6Ednin3cAlUM_0Z2j51b9_vcUahtGHCSr9IP820fSg0-skBc4&sig=Cg0ArKJSzE314FMR6GqSEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=977&vt=11&dtpt=700&dett=3&cstd=274&cisv=r20220616.50271&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame E93F 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
/
google2waycm.netmng.com/cm/ Frame 100D 		0
0
i.match
s.tribalfusion.com/z/ Frame 100D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEN_fxP7BsmuFX9hLCNVTqxo&google_cver=1&google_push=ARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocsc...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_fxP7BsmuFX9hLCNVTqxo&google_cver=1&google_push=ARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZoc...
43 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_fxP7BsmuFX9hLCNVTqxo&google_cver=1&google_push=ARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
71fa61889dafcc4e-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
368
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
71fa6186bc8dcc4e-ZRH
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEN_fxP7BsmuFX9hLCNVTqxo&google_cver=1&google_push=ARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DARnp8GDdmvw4jev0R5sNfERzG6skduPfp58yy6Nr2nqYpmZfMKctbSPfyEZIniXJLHwVkaEOuvEhXtBIS0buWHSxhc-XwsjcZocscQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 100D
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GA78MKmuVB0k8cBC4jT8YJ8Yp4VME...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GA78MKmuVB0k8cBC4jT8YJ8Yp4VMEiMcoD3si1f70S4MwOklTmSnXQzGiSVif70L7C7lGhXumfoCzqVl72WhDwLJtBJtdl8Rg
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 varnish
server
Varnish
x-timer
S1655957500.829586,VS0,VE0
x-served-by
cache-lcy19241-LCY
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WXJQbl93QUszdEV3cXdBag==&google_gid=CAESEGYKhVLuCCQ-I7cyeT9Zud8&google_cver=1&google_push=ARnp8GA78MKmuVB0k8cBC4jT8YJ8Yp4VMEiMcoD3si1f70S4MwOklTmSnXQzGiSVif70L7C7lGhXumfoCzqVl72WhDwLJtBJtdl8Rg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 100D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEAuVjDrC0l9KSUHdHeassOo&google_cver=1&google_push=ARnp8GBKz1ig3rz5wwHcI0_NPToXTnt4dVstu6kXBP_KBOAR4-KGHbEq9-SG5UXHcTvrUcMQyam9iSzt3b1a8Zli70s0CNv6dc45
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GBKz1ig3rz5wwHcI0_NPToXTnt4dVstu6kXBP_KBOAR4-KGHbEq9-SG5UXHcTvrUcMQyam9iSzt3b1a8Zl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GBKz1ig3rz5wwHcI0_NPToXTnt4dVstu6kXBP_KBOAR4-KGHbEq9-SG5UXHcTvrUcMQyam9iSzt3b1a8Zli70s0CNv6dc45
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=C5AEE89E4AE84CBE9FA110A9CE5FC1D0&google_push=ARnp8GBKz1ig3rz5wwHcI0_NPToXTnt4dVstu6kXBP_KBOAR4-KGHbEq9-SG5UXHcTvrUcMQyam9iSzt3b1a8Zli70s0CNv6dc45
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Wed, 22 Jun 2022 04:11:39 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 100D 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESENByWoQarzjbTWNcoTJ9pMU&google_cver=1&google_push=ARnp8GCCVRbdT5ErPKfes1sctHVpOcLNRY008W9BsEXze5o-hkzfuc6dTh4-ue2D0JK4diqM6scartPFqn-OpWF1uGEfM-cL4ikTqg
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 100D
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GALBxPlTfqX1SPbAVa0VpvAxchsjqEs14ZiMSKB_5k8Q-IbmeSHByTNpIN-K0XkNc6IQGz...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4RlotVy1DUUVC&google_push=ARnp8GALBxPlTfqX1SPbAVa0VpvAxchsjqEs14ZiMSKB_5k8Q-IbmeSHByTNpIN-K0XkNc6IQGzEvwX2LTGaltD_BnEiHuLvj7p98w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4RlotVy1DUUVC&google_push=ARnp8GALBxPlTfqX1SPbAVa0VpvAxchsjqEs14ZiMSKB_5k8Q-IbmeSHByTNpIN-K0XkNc6IQGzEvwX2LTGaltD_BnEiHuLvj7p98w
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4RlotVy1DUUVC&google_push=ARnp8GALBxPlTfqX1SPbAVa0VpvAxchsjqEs14ZiMSKB_5k8Q-IbmeSHByTNpIN-K0XkNc6IQGzEvwX2LTGaltD_BnEiHuLvj7p98w
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
pixel
cm.g.doubleclick.net/ Frame 100D
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEAVlLq7OpMpxV_FRu2zamgs&google_cver=1&google_push=ARnp8GDg3Ws-ee97ptiVIasPfnYj8RclL8u5_Pn8gNqDnBUgeIdC5Aeg_6BDuBz67mjMayiAvMW2VJNLGklIETC48JV3w5udZJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDg3Ws-ee97ptiVIasPfnYj8RclL8u5_Pn8gNqDnBUgeIdC5Aeg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDg3Ws-ee97ptiVIasPfnYj8RclL8u5_Pn8gNqDnBUgeIdC5Aeg_6BDuBz67mjMayiAvMW2VJNLGklIETC48JV3w5udZJtWYw
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQyMDk0MDEwNTk4NDU4MDA2MDE1NA%3D%3D&google_push=ARnp8GDg3Ws-ee97ptiVIasPfnYj8RclL8u5_Pn8gNqDnBUgeIdC5Aeg_6BDuBz67mjMayiAvMW2VJNLGklIETC48JV3w5udZJtWYw
date
Thu, 23 Jun 2022 04:11:39 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 100D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lmg4V1JM1CFncpj_4aMTuML9BfAfxqU0pM9njOf3pf-2Ec0uoEycfFi9DxveucsStgJk25
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
index.html
s0.2mdn.net/sadbundle/2472196587167945595/ Frame C622 		108 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
93eef65f3ca83652f1f21f8c616c1469bbf099fac22f214138d7ca67ac991e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
482350
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
27730
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Jun 2022 14:12:29 GMT
expires
Sat, 17 Jun 2023 14:12:29 GMT
last-modified
Thu, 10 Mar 2022 16:36:12 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EAC7 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrJD6BFN3uRU1yxd4UhGZNVkTHaYxmTngoUtZV6TLxK5Tfp98U5yHfXbt7B9XaxN8-UXA1uldFqGCSS8Zi0aqk-mf1k9zqFXxthFoiN6nQpHqtG_-819P1cTmMR2oV9LcehM4FL8_kTr8g2vGhrVLc1HHiL3kbQrrGNc3wtBjSS9sbOw1w_8d5SyxkOF4VSQy4lDiORy6kiXBbJFg_GXIX-iuqKMx-tO48OIVgtu67zfWCkhNZg7kKU9-_uI-qJv18PICt0AX90SC5ak3FXu6QYgRiBf_sYEguiCgbFlkEB5EattO1zn7T6Y_XzqAboDVRnvF70kwt2Tzmnmckcfgcqj5GQ-qopkacydKAs3Uj7tDc8mHcuYd47axMuS9Ut3GHnGTCb5wTmFrQw0R9CwukG7p_y69jYcoDFv6IfHFaT7PiBvg1JmxUk8Uy3-ei00vE3_fpnUD-hR0I7E0RrKvSkWs6Pmj12OaeoWBzeRKTqpjNIEnl_CbaTvkCm5MvkDxdtpsKTeQG5nmQGj5g4K0dqU6QwUimijvVrNG_Mspiqs5o3J5COl38DgDBwo3F9OO0_l30FmLskw85ZgxLQBXlIzpDzuD_xqlX29L46iuOId0LCnfyKzwEISegsUDITD6MuLNIyE9RSu3lxf8nrv23PC-LpalCSPTqJUTzFldzJnu0fIr5-SGs2oYox_L1-pPpEjSisaYcn8VPJlEiKDl3fD4c27pmrhaCfqu7Yl4kmPp99xqteOqKlU8jJvDNjM48M7v9-1e1UuQfpxPTEtqL7pKNl8OpcX84iHnuJBQXWtAH9tN7J1iHr1fDSMvmsNjUT-Itmvc7uTUdEfRk7SIK2fOoxWhDcp9oTjsJRKIX5GAoOgOaDDFpXQiAXGupommFwf5pOQY2yOsc1USjpC2zu3dZ8kLkh8_fjQgDVyGogAxEcntOFFlxBBtsjWObVMDDFH1haBoUEAkYwHPsnkpXXxRvmRC5gzjkie1hbvmCw2IVC2ISytH--djyCiw3aJOUXmdi1ny1tNQPK4llgVTY7m4SjjGmgMtsTK-Rwb4YG3bKhaTKYmiS6QGeEuvy6uplkkK7wdZSFprWST_tY-D0BjLR5ED9Oe67XSWdGxJfQT5lb-z8jJdUsw&sai=AMfl-YTkF4hzLT7EQt_UkkVmbWE1wtYlB6NzpwiafNYZ7CkEEXNybOek23LVkGg6kuXpGjq7Gp6TYKhPpfiQCG9G6OaLSCGI8LRMQrqXG4FxTkj0_ONQtwDwmmPg9Amap3q9t_MKsbVlJlbaVlTZ2VFZ22XKfkXSp53g9pGFmNxBumCOAGYarAOrIe-NBRK50Bsofptz42LKA1rWpUQO6ZG2bA&sig=Cg0ArKJSzPo6GLSfONxHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=275&cbvp=1&cstd=272&cisv=r20220616.98373&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Thu, 23 Jun 2022 04:11:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
TS-Online-EN.png
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 2E04 		628 KB
629 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/TS-Online-EN.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:55:05 GMT
x-content-type-options
nosniff
age
576994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643563
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 11:55:05 GMT
BitdefenderLogo_white-_2_.png
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 2E04 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/BitdefenderLogo_white-_2_.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:55:05 GMT
x-content-type-options
nosniff
age
576994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28426
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 11:55:05 GMT
OP_20Ans_Ban_300x250_Vec.jpg
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 2E04 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/OP_20Ans_Ban_300x250_Vec.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:55:05 GMT
x-content-type-options
nosniff
age
576994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16284
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 11:55:05 GMT
OP_20Ans_Ban_300x250_Vec_F3.jpg
s0.2mdn.net/sadbundle/12702559889867613319/ Frame 2E04 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/12702559889867613319/OP_20Ans_Ban_300x250_Vec_F3.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/12702559889867613319/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:55:05 GMT
x-content-type-options
nosniff
age
576994
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10125
x-xss-protection
0
last-modified
Wed, 08 Dec 2021 14:13:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 16 Jun 2023 11:55:05 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CC44 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu8C02gOUpujzYLsvrNr_l88ld7-TWGUjG1z9ddI-0dTx5S19Cb35oim1jtATnWszYauUKRAsdd2s77si7MO661BAffg0p2w2DNhokd8FWj43eEnj1S48LS1eKAstFBv5w6yVD6k2_DNOjUIo8zXKw-dTEiyRmULlOzPqoc6JbTmOo_vf7V13RyJP1eyi60HOyAuN4uCrgsYsWtOYsKuyKDWRNdeyCz0-oqPRXRG0WLttVTZQ6IkzIAnQM3NZs585uDIT8vBe0Kt7QfQOR-m6Qfvj_KOsuePV72IEONwAhajNDGbrpTBSM46MKa_7pmsChDXDJl9Sy2loqib7-EiG23pciAY2WI1V85yHAWI3Fe-teOh58fZxAJJhuYXLdsQFT-F0ZfAabvp6BqYdDb1eDyKICMvxsYQlEuNdvxHkc4SLHveLjUMv4nuse20Bv-XlVK3oZX0IRu7xcVCcWfH1LzFI8L5nEJbd8yyIr3j1jvzujnXv4D8vC0wotn5n-tKZAu9nc5tFB75QcFD-IBwl7lS1DyUMZluo0hR1NIGeqlSvu-iTJk9qVVD1y6o-2TCDsg3YYmGOxFcRwh62wZvIvnJNavlBanZkKXeFRM-SosdJPacNqKU7a1HqnT6joFQD51_EA7phxDeWvobVnPcC7JyB7RJ43j-7Uy6D8jG51LiEjY9UbjqUVCl1JW6CDnJ8VkdgMFk3ro_tRHJICO7e8jF_qE9djHr2iDxkHZIxSoHKlgvp4nlU2JbTIQygqGP1orNBGRxcq3i4vdeu0t0P3PdoKR4517YC9H7dio2HZ59H1RC2ltoLzKYHs0RoBVnm5fOMnmk9fnZFfic26q49s8e1zRZVMmTy_17cZhiJbjGAVEJd4i8tQuXOMkaVQ7X12gjpDcZuGnSQw09DZn_g66hh8QSd-WlmzJ2tqk7fo2b8xfcDs96NlMsEOMXu8il_vZ8qoQxfk3DeqVa_j7Ilxze0JdrrhwBzgRkIjTsVZtx4XfWJR0mi15ua9ZdkamztAkxDjCG7f55Tmf9vfuCrixAPtB8x7TbeBaI-tHCKyAIkAFl2M-MUij2vwwvfIeSa8Aoz98a9HSmhKgudjHBEZVJ2-fy57PliKU8riXjE7hQ033trre2kljD_Q-c0FuU4tkkNMekgk_XqI_U4-WEK5KH3HGeqoRXHsnMKZUG6bW0l8nZSc_O2iCphxF0C4zVnB7XApD50nOcWRcWQSOoek&sai=AMfl-YSPjTSqFtDiUsCXdlRATKu5KFK0xtka-8BWT4z64-5dJOdawnef77KNdlnw0bJCSGdOIbKBROwHQtujPgWwLy9XWphFC3-ad52OM_KVsOohcKST3OAp4iPk_vdk29KyfjxLBrTxXL2E7I1ZYhVhBeQ6KD12i9WthBdYv0WrpzlihRksjAPzzNvCVhYHck7mNOjZqgHymz5UmKFAY6Z87I9C1f4Y_4Ki7N1IY8spuvfP_ZM&sig=Cg0ArKJSzF0tXysJGNAcEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=673&vt=11&dtpt=405&dett=3&cstd=264&cisv=r20220616.57177&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EAC7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 07:43:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73704
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 22 Jun 2023 07:43:15 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8BA7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
80275
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 05:53:44 GMT
etag
48472445140208031
expires
Thu, 23 Jun 2022 05:53:44 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ad.png
z.moatads.com/fallback/ Frame BB2A 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z.moatads.com/fallback/ad.png
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ef1f342a3e85285f6192a4b04d741a3018a8be6e882da7d9180a869dac3823f8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:39 GMT
last-modified
Mon, 11 Feb 2019 20:23:54 GMT
server
AmazonS3
x-amz-request-id
49D31C1D0D873285
etag
"52ebe64201143a9c37ce86939fdc09e8"
content-type
image/png
accept-ranges
bytes
content-length
3937
x-amz-id-2
dAbrrL7VAH/ZEGcAu/BQ6XP5+G0ezSIfjiRDK6wOgJR472IymXY3N5B9Qbl2mauJaJ6Iiek2iJ4=
pixel.gif
px.moatads.com/ Frame F936 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi36872821&zMoatJPCN=MoatHandleJsonpResponse_28042259&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1655957499274%2Ct1%3A1655957499420%2Ct2%3A1655957499664%2Ct3%3A1655957499664%2Cta%3A1655957499398%7D&zMoatNL=202&zMoatPRTJ=%7BconnectEnd%3A552%2CconnectStart%3A552%2CdecodedBodySize%3A341%2CdomainLookupEnd%3A552%2CdomainLookupStart%3A552%2Cduration%3A42%2CencodedBodySize%3A341%2CfetchStart%3A552%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A553%2CresponseEnd%3A594%2CresponseStart%3A594%2CsecureConnectionStart%3A552%2CstartTime%3A552%2CtransferSize%3A641%2CworkerStart%3A0%7D&zMoatDUR=244&zMoatF3D9Z4=b&zMoatCHNLS=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&zMoatINS=4&zMoatGSCACHE=1&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499946&de=376581290781&m=0&ar=0a763c40972-clean&iw=28c08b4&q=2&cb=0&ym=0&cu=1655957499946&ll=2&lm=1&ln=1&r=0&em=0&en=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&zMoatDTYPE=0&zMoatGSE=1&zMoatPRTM=-&zMoatF3D9Z3=-&zMoatPTNS=-&zGSRC=1&gv=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&hw=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&bo=undefined&bd=ivona.ua&gq=23&oj=244&gw=crystalskiukftdisplaybs363091935889&fd=1&ac=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A682&fs=198942&na=1602035253&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:40 GMT
truncated
/ Frame EAC7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2736f2b2b23040c880a0b4c682213c739a0598b048272e7dade16ea806cb6d18

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com%2F%2Fsafeframe%2F1-0-38%2Fhtml%2FIFRAME&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=NaN&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A761&im=0&in=0&pd=0&em=0&en=0&bu=0&cd=0&ah=0&am=0&rf=0&re=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=198942&na=1667956880&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:40 GMT
gsap_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C622 		63 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25329
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 04:11:40 GMT
customease_3.9.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame C622 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/customease_3.9.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3697
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 19:08:48 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 23 Jun 2022 04:11:40 GMT
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame DE39 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
pic1.jpg
s0.2mdn.net/sadbundle/2472196587167945595/ Frame C622 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2472196587167945595/pic1.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3ae51ffdbcab9ba72045b701d3d6b4c9832c7d9ff46f45affdea9e8f2bc4293
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:12:29 GMT
x-content-type-options
nosniff
age
482351
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31230
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 16:36:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 14:12:29 GMT
dialog_shadow.png
s0.2mdn.net/sadbundle/2472196587167945595/ Frame C622 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2472196587167945595/dialog_shadow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
03418c354cee4b4204d83630572a048be353e3f26c293c869191a0d9a0494e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 17 Jun 2022 14:12:29 GMT
x-content-type-options
nosniff
age
482351
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2489
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 16:36:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 17 Jun 2023 14:12:29 GMT
cursor_shadow.png
s0.2mdn.net/sadbundle/2472196587167945595/ Frame C622 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2472196587167945595/cursor_shadow.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2472196587167945595/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 08:46:55 GMT
x-content-type-options
nosniff
age
69885
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2678
x-xss-protection
0
last-modified
Thu, 10 Mar 2022 16:36:12 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 22 Jun 2023 08:46:55 GMT
pixel.gif
px.moatads.com/ Frame F936 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi36872821&zMoatJPCN=MoatHandleJsonpResponse_28042259&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1655957499274%2Ct1%3A1655957499420%2Ct2%3A1655957499664%2Ct3%3A1655957499664%2Cta%3A1655957499398%7D&zMoatNL=202&zMoatPRTJ=%7BconnectEnd%3A552%2CconnectStart%3A552%2CdecodedBodySize%3A341%2CdomainLookupEnd%3A552%2CdomainLookupStart%3A552%2Cduration%3A42%2CencodedBodySize%3A341%2CfetchStart%3A552%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A553%2CresponseEnd%3A594%2CresponseStart%3A594%2CsecureConnectionStart%3A552%2CstartTime%3A552%2CtransferSize%3A641%2CworkerStart%3A0%7D&zMoatDUR=244&zMoatF3D9Z4=b&zMoatCHNLS=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A70%2CencodedBodySize%3A0%2CfetchStart%3A798%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A867%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A798%2CtransferSize%3A0%2CworkerStart%3A0%7D&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fc4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com%2F%2Fsafeframe%2F1-0-38%2Fhtml%2FIFRAME&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-iwO8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-0BJLasQST%2BDrDg%3D%3D&sc=1&os=1-Aw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499946&de=376581290781&cu=1655957499946&m=NaN&ar=0a763c40972-clean&iw=28c08b4&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&ch=0&vv=0&vw=0%3A0%3A0&vp=undefined&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A682&im=0&in=0&pd=0&em=0&en=0&bu=0&cd=0&ah=0&am=0&rf=0&re=1&cl=0&at=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=244&gw=crystalskiukftdisplaybs363091935889&zMoatF3D9Z3=-&zMoatPTNS=-&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=null&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=198942&na=828412369&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:40 GMT
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498551&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=64&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A761&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=54&cd=0&ah=54&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=198942&na=587816734&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:40 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7B5C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
73675
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Jun 2022 07:43:45 GMT
expires
Thu, 22 Jun 2023 07:43:45 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 8BA7
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECcqpsUI4tgwZbnRIwqpdGw&google_cver=1&google_push=ARnp8GAthiMp9A0BUhIafZnkVlq5aqfBMrLU81ba-KWVqronUrkCYssvjs...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAthiMp9A0BUhIafZnkVlq5aqfBMrLU81ba-KWVqronUrkCYssvjs7ht744OQESgxUUVeg9z76-bbuvesPxyRoA-mzrqt0&google_hm=CRW_utaOTzEs_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAthiMp9A0BUhIafZnkVlq5aqfBMrLU81ba-KWVqronUrkCYssvjs7ht744OQESgxUUVeg9z76-bbuvesPxyRoA-mzrqt0&google_hm=CRW_utaOTzEs_RadLm2YsA
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ARnp8GAthiMp9A0BUhIafZnkVlq5aqfBMrLU81ba-KWVqronUrkCYssvjs7ht744OQESgxUUVeg9z76-bbuvesPxyRoA-mzrqt0&google_hm=CRW_utaOTzEs_RadLm2YsA
pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8BA7
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DARnp8GBTiVC-zC455peHj7GFGBxliHIACPt8gRH0hBH...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBTiVC-zC455peHj7GFGBxliHIACPt8gRH0hBHewAXgnYGarM3URo-kT04qGW-XW8uWezR6B2ukomRDL6hy6tXuCayD0kQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBTiVC-zC455peHj7GFGBxliHIACPt8gRH0hBHewAXgnYGarM3URo-kT04qGW-XW8uWezR6B2ukomRDL6hy6tXuCayD0kQ
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXJQbl93QUszdEV3cXdBag&google_push=ARnp8GBTiVC-zC455peHj7GFGBxliHIACPt8gRH0hBHewAXgnYGarM3URo-kT04qGW-XW8uWezR6B2ukomRDL6hy6tXuCayD0kQ
Date
Thu, 23 Jun 2022 04:11:40 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame 8BA7
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DARnp8GDtxegs...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDtxegs2s7VwX3_sGDbyFhZiIG9wE17Onb_mgxpAEpWq4g_BvV524xCBdOJRd7KPr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDtxegs2s7VwX3_sGDbyFhZiIG9wE17Onb_mgxpAEpWq4g_BvV524xCBdOJRd7KPrWG7ut_6zKuo3vnqwOkg1XhwHpR8TM
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA2MjMwNDExNDAwMDA3NzI0NzY4Mjk0Mg%3D%3D&google_push=ARnp8GDtxegs2s7VwX3_sGDbyFhZiIG9wE17Onb_mgxpAEpWq4g_BvV524xCBdOJRd7KPrWG7ut_6zKuo3vnqwOkg1XhwHpR8TM
pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Thu, 23 Jun 2022 04:11:40 GMT
dds
rtb.openx.net/sync/ Frame 8BA7 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEA1wfaMFn-HYJ9kazZ0tj-4&google_cver=1&google_push=ARnp8GBOvji-UHiBOpjY3PZFIbV1Z7SQGwKmwLUVfSbYdJjfPgbiPXbdxywDdufMzOOk5aZBWJdwOGO4HgWIslpOJW236LchFQ
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
oc1a8cr6ji3hblajg38uk9qk5vmt3q0n
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8BA7 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGMW-EQ-u28VJtYiyj2eRnY&google_cver=1&google_push=ARnp8GAkSpaPhKtOMnWSbXKn8prGEznI-9sRxwEfKwmPrRhdk6R7vvJMn5Y-VOTcjWRdN91raAzkypIXHpvBMN9_Abun2zrHrns
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8BA7
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDtZmNutKb-W4gS6_QlrpJE&google_cver=1&google_push=ARnp8GCq0f0ZXjA1SqnQf4JgjPdL2EFQ8Lh_o0wH8w43AqAj1PNWfli0Jtf8sCrTte7OpNdQIww...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4VUYtMVQtQ1cwMg==&google_push=ARnp8GCq0f0ZXjA1SqnQf4JgjPdL2EFQ8Lh_o0wH8w43AqAj1PNWfli0Jtf8sCrTte7OpNdQIwwvoKBFAV2RDR4i9YBzyfuY5K4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4VUYtMVQtQ1cwMg==&google_push=ARnp8GCq0f0ZXjA1SqnQf4JgjPdL2EFQ8Lh_o0wH8w43AqAj1PNWfli0Jtf8sCrTte7OpNdQIwwvoKBFAV2RDR4i9YBzyfuY5K4
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRRSUM4VUYtMVQtQ1cwMg==&google_push=ARnp8GCq0f0ZXjA1SqnQf4JgjPdL2EFQ8Lh_o0wH8w43AqAj1PNWfli0Jtf8sCrTte7OpNdQIwwvoKBFAV2RDR4i9YBzyfuY5K4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 8BA7 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 8BA7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JUEXfpZjlef1uA5JLEnygWO8uf6JmUC5FpCANb5SNjb4obqish9HVjF_qAIHuwXFj9XE8fpg
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 23 Jun 2022 04:11:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel.gif
px.moatads.com/ Frame F936 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi36872821&zMoatJPCN=MoatHandleJsonpResponse_28042259&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1655957499274%2Ct1%3A1655957499420%2Ct2%3A1655957499664%2Ct3%3A1655957499664%2Cta%3A1655957499398%7D&zMoatNL=202&zMoatPRTJ=%7BconnectEnd%3A552%2CconnectStart%3A552%2CdecodedBodySize%3A341%2CdomainLookupEnd%3A552%2CdomainLookupStart%3A552%2Cduration%3A42%2CencodedBodySize%3A341%2CfetchStart%3A552%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A553%2CresponseEnd%3A594%2CresponseStart%3A594%2CsecureConnectionStart%3A552%2CstartTime%3A552%2CtransferSize%3A641%2CworkerStart%3A0%7D&zMoatDUR=244&zMoatF3D9Z4=b&zMoatCHNLS=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A70%2CencodedBodySize%3A0%2CfetchStart%3A798%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A867%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A798%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498868&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-iwO8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-0BJLasQST%2BDrDg%3D%3D&sc=1&os=1-Aw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499946&de=376581290781&cu=1655957499946&m=111&ar=0a763c40972-clean&iw=28c08b4&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A682&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=99&cd=0&ah=99&am=0&rf=0&re=1&wb=1&cl=0&at=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=244&gw=crystalskiukftdisplaybs363091935889&zMoatF3D9Z3=-&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=198942&na=483086961&cs=0
Requested by
Host: c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
URL: https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0BDF 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BccCL-uezYq-5L_qx7_UPmNqb-A8AAAAAOAHgBAI&bg=!1tWl1ZHNAAZlcKWdRXA7ACkAdvg8WuvH8fdXX3k_MLJzLwoS1SQBnNsuTmt2EcH-FoRSF9GiPPVcMgIAAAL9UgAAAAJoAQeZAuWkact3er9B0K8F-S857-RSTkywLKz2xrCOPvtU1AbKidSpkiVD_33LpmvEx1BLD5xWkfKpNAFNCFO--2HxmdEIPRBOdmz7WFQr0Bh90ZkaeSePt2MhcoilTKWOq32JikETJP0PCMvFvjdtYSEGJeR2khM0PAHh6q3xmu2bxOQYShv_TP9_PCNyQTYxPN3SDoexZ_delgExvcZ5HtiQcXhC8wfGn97opOMu0MNpqP4Gc2uypPihWxxNq2O4gkyFwrOYVCBOfseeavotsa12hRl7L_PxgVyx9k5bZYYRShksfZBClOhCygCBallgaBrvevA1MJ680rKBSjiEUBSFQKDmp32WS3qtYQwsPC7NrjHHzOcmGHvbNjD14IQTkEzj9xXbeTkyNfxUQgzF5E4Qrz_lM2_41kczwi5GOewJog0ndREuWpq8LI8cIPCyICW7ysEdFiFTTnIqdSEdUrfHFovFbFpKnmeVIhvFoR75vFc55hBZrr1uBVJ23hASABTDrsztlAk50uoxhAZ8dTHtu1FFm3IcMIFqrzsrlMK1w4Yqj0q65tQzNEvoZWlKRNX75pKRXYXmzWv1kqlGR9sdR-d3X71VubZ_yslvq7Jg2QDBCsc366WOUDRhzc9CKxuECqRpfKqUk54wagwA_TK9wi_p6KoAWNFcnH03YbuIqUkpB0lWh-Rd4Pd1al1YyUFWX2F_-NeIisKfgeR-UHgEmWkkGxJDoIBg8CnsDs_vgq9NFqprWhqoA8kfWGTaVYS_bH3bGQin_QCPu92AfGJKGxXBvK7Aw46Sp2wvRYTPF_HOsn0UNJ6SNH1RFs5s9RGHyvUx6zanHY0Mz15-fTpVP9CtKIp5_gKtqTMiB-L471L5dta7OhRAbiNFy_kBVLH8xDQRvLxpLHZ8ZADZ1UDMNMWHR4kU9z7S6_f1WCKVooaWQRLRSI4YdmoOvpQ2zwGAubWkyUcRpyS4VBHGv_nSEHVNhylA5rU
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame EAC7 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssrJD6BFN3uRU1yxd4UhGZNVkTHaYxmTngoUtZV6TLxK5Tfp98U5yHfXbt7B9XaxN8-UXA1uldFqGCSS8Zi0aqk-mf1k9zqFXxthFoiN6nQpHqtG_-819P1cTmMR2oV9LcehM4FL8_kTr8g2vGhrVLc1HHiL3kbQrrGNc3wtBjSS9sbOw1w_8d5SyxkOF4VSQy4lDiORy6kiXBbJFg_GXIX-iuqKMx-tO48OIVgtu67zfWCkhNZg7kKU9-_uI-qJv18PICt0AX90SC5ak3FXu6QYgRiBf_sYEguiCgbFlkEB5EattO1zn7T6Y_XzqAboDVRnvF70kwt2Tzmnmckcfgcqj5GQ-qopkacydKAs3Uj7tDc8mHcuYd47axMuS9Ut3GHnGTCb5wTmFrQw0R9CwukG7p_y69jYcoDFv6IfHFaT7PiBvg1JmxUk8Uy3-ei00vE3_fpnUD-hR0I7E0RrKvSkWs6Pmj12OaeoWBzeRKTqpjNIEnl_CbaTvkCm5MvkDxdtpsKTeQG5nmQGj5g4K0dqU6QwUimijvVrNG_Mspiqs5o3J5COl38DgDBwo3F9OO0_l30FmLskw85ZgxLQBXlIzpDzuD_xqlX29L46iuOId0LCnfyKzwEISegsUDITD6MuLNIyE9RSu3lxf8nrv23PC-LpalCSPTqJUTzFldzJnu0fIr5-SGs2oYox_L1-pPpEjSisaYcn8VPJlEiKDl3fD4c27pmrhaCfqu7Yl4kmPp99xqteOqKlU8jJvDNjM48M7v9-1e1UuQfpxPTEtqL7pKNl8OpcX84iHnuJBQXWtAH9tN7J1iHr1fDSMvmsNjUT-Itmvc7uTUdEfRk7SIK2fOoxWhDcp9oTjsJRKIX5GAoOgOaDDFpXQiAXGupommFwf5pOQY2yOsc1USjpC2zu3dZ8kLkh8_fjQgDVyGogAxEcntOFFlxBBtsjWObVMDDFH1haBoUEAkYwHPsnkpXXxRvmRC5gzjkie1hbvmCw2IVC2ISytH--djyCiw3aJOUXmdi1ny1tNQPK4llgVTY7m4SjjGmgMtsTK-Rwb4YG3bKhaTKYmiS6QGeEuvy6uplkkK7wdZSFprWST_tY-D0BjLR5ED9Oe67XSWdGxJfQT5lb-z8jJdUsw&sai=AMfl-YTkF4hzLT7EQt_UkkVmbWE1wtYlB6NzpwiafNYZ7CkEEXNybOek23LVkGg6kuXpGjq7Gp6TYKhPpfiQCG9G6OaLSCGI8LRMQrqXG4FxTkj0_ONQtwDwmmPg9Amap3q9t_MKsbVlJlbaVlTZ2VFZ22XKfkXSp53g9pGFmNxBumCOAGYarAOrIe-NBRK50Bsofptz42LKA1rWpUQO6ZG2bA&sig=Cg0ArKJSzPo6GLSfONxHEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=868&vt=11&dtpt=593&dett=3&cstd=272&cisv=r20220616.98373&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3699 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkBDW-uezYpyyHtaRjuwPpM6Q2A0AAAAAOAHgBAI&bg=!n5ylnNjNAAZlcKWdRXA7ACkAdvg8Wso7J1d-6vmw-hlWCcSmm5rKoVPY-m2ZuZ8uITmvTvKOA8WbdAIAAAM1UgAAAAJoAQeZAt6DIoiToRcHPpYq2vuL7e2oHhVUyF9VrloFKFdeAoAJShnOHgZHi4ItFmudbvl6GmADmZ0CcnSvYkpZtathjsiMeJsO3qb7pKPglc4ygCBUOWILd4OKY3XhmJ7WKxbLvXDsc8uPRIpLGRVPWeedIhgqrH4KSO5wusk4cG9Mug4iTZt1IsbDEboXyw1MNeas2SRONknKDQm1w293HlV5WMwxDo6fuD4AQpDisR8JphCrWB30Tosv-2KaajzLGY6GGeQ2DiUOdkUZo0PB4vhW5HYjsL1Kbw_G2TfpQx3iVv_kHg9JCH7eVSmRfApxPRGFTTCJx7YrEllfN0L8UpVakvNS9CBRxpGm-3UBTQp5W4Rmm9h_1LuBgCfIrFvw07phbv5xgnF5qLtXftMvo0C8ItLvemtQ0SYl6P6_lDnERuRDyAYnMoCs6WnKgCQV6yXk1yF7fNspFZXx51O9rwOK4ThlbHf96TdM1xHdEphxocDwWtiMDIfOFKmVVQjLtTlvhY3Xh5_5wE4k1cDPeM_QG8P8lnnn7KR_aTMWE2IUyxrSNVnTylMbtdikbXdYrqkKVZAZeXzdqJCyuF2jgsn9_rNTKk993vSWtU582cUsYTMzrFj3-jDERLIqB47kjEYFYoT5xbZ6db3fMFGjZZWQHUbcETJXLe3wcgAof0FPZBWNRxksCCTZajAZAU9uyMjCPWlaFFPvvU4a8KMcCWMxnSFdKyCCZegIpaIzGoXRfTwDwbP2fWEIhNV3kYXOZvye1HFwIf1m7QeYEcXPoYN9Qy6Ec6840FiwD-xAzphMsQapAWDnyfYOoR-KOYYZmnIvfkgf_CVHN39xZd7S-Yqx41tf7SzIBKJEr220Am6LsuuO7gZWUPy2pA-9Dk5hmRuXUZUjzGe93kOhg8lJtK8BPQLcGFxGalz7JzYbmDMzwVT42yxdsJ6B1QZfUvzTPTZczPVK4HBqGj4Z4xO3YrBtRA
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
pagead2.googlesyndication.com/bg/ Frame 7B5C 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/soJQjVMEWz-AW2aX2cEGIVeY-mqDblLvtbtmS3KyNC4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 22 Jun 2022 19:42:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
30565
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13867
x-xss-protection
0
last-modified
Wed, 15 Jun 2022 09:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 22 Jun 2023 19:42:15 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4DC 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bpq0n-uezYoL0LMDYx_APsbia-AgAAAAAOAHgBAI&bg=!RUalRgLNAAZlcKWdRXA7ACkAdvg8WtRBQYyaEe0_9wa414akhw0i4N46XOMh7sr2iwp_zUTv2gDaCAIAAAM0UgAAAAJoAQeZAuhaQGVhzDuAWgNq7-YihiO4o38nWd1BjqeRbu5aBcvM8J-TwLQ7CeXnl3iXDXNmDLaFRIbq3ieK5T_GYhPg53fvrdDV5S0_RfQcFebzgYYLZPFV1iw9cw6s1pmR0XpLsQSN5j7p3YIjrYtHuXTx0tttl7MlWdExfRqIwiiJzX2ig1OvotvYh3Sd60ahJpctLNxE0hQ4Qw4sbB1YM-wrtmOPhAO08BQpg2PKOzpawmzfMntGoLfX2oiVtz4y_-gQiI18D4VgpF4ew8D16RmRGY5ds_Wf-VcOQE-GXwqKP_6A0PQWRXCggZZWKuM98Hw2OWYi45OoUzZmBKDKv0uTBCuHLF86l3F8cx_Am2nv_wh-URnhZKf0WsX6dh8u2FLOZ7_YGHpwwI9HpT_34DYlytlShJ0OlkTYx9JoYl4qMq9NZOmPnR4rlefFOsHWqGnYj3tZc0oxzBcZnOBcOD1yL2JSQe1N8y2kvtu-iY4j7nYpueUSg_mzR2zyGAMuo8IGpd4BGqZriKhq6jzMGGQn_XZkHbD5h_cvPEZ0X7UKjXHYn9i9_t1Q2bjxJj-zVgOM033ljQs9WGKfRupHjFe_OMiyLqNxJfw1kZL5cFxk3mrMa4IrBIrXFmnXP1Ai0CR8OpGQb1YKoVF0UXNRRkwSE9Qs8mf1dQkXw_rS2mOy3u_uK29uwkJj7oCQHiL_f5Hw-kpjsH9bUEAUyGpuFrxStT9OnrwJ-WyNy5u-uMnfpUDtJGi3UMB9N0pwOfncI1Ff32BoLQt-QHHchjwVtV6ICoEHb00pX56MH8U_ifouGq1DXN83-zWbXYLwwOaIcGfau_gEyQnZcdouDn2gWrhPzLIaa-BJ3g3hN7DCTugsPGeNqVkokCkoJAGOwhGmm3WDM5j7_q6oq0731qQHoND37Y_gBdYTv_WkG6YVYaX6XuuVFbOBWXaJR-DidZ9qE6pOSdtDWfI_GlbJe-_lhHvIBdrZV9xoj1Xj8XM
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6C4 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BXXAZ-uezYqm_L_3Ax_AP15SogAQAAAAAOAHgBAI&bg=!QEOlQwfNAAZlcKWdRXA7ACkAdvg8WjsBfOQEdmjVz1VUDgQH9_IKTVReV9WClZsnuK_zPNtGntFloQIAAAK2UgAAAAJoAQcKAGsW5ZKRhSX-Uw6ls9UScGj2VvKKMvDnfghELPJcd-oYaBKfSO8-mhDQYEUKCDx-ghZ91KitA_Ov1Gf6VQdvMynzJ8SlXw8o2MuLXYhM-fZgUhvmuKiBRwbRDLk0uqvZiH7bZRjzMUF__JeTcJkC1hc4qcyPEmM-LaTtNPke1Ur2TToN2qDhEdI7AnKRQPX31mL8iE70cnAYVzIIzJjiLn-Kqo3hkKkjXVKAVeeZKGRRIuPyfUhcBkY2e__1btUzrnRU8tygcTMIPgxMvX3_WVFo6kCIW4D25R2A5tiVBcvDeq03heGlng7z3Fux9l8fMQcKKfbYMIrfHlhkELnNFrkNvWc_BpsfcFxJ_Jam3do1A-KwcGpxJgu3W6AhxPN6TjdjQKP-bN7MfMAcCaCSWDR7O-_H9jgVssDKjQOwmUeXzOrofR7vZy1f9-anzrw3-FrB_jN5Rq80E9B8pk7sSMmhIOYWteX85PK6N-6OeOoFHl8ZZMWSpyflYWBzx9SLV8coktMXPSdOWMCUdkF92oYzIkxdbNFZW3Ur1wYdBC4JWX6iAQ9crdv7EBrYalffSppggFV-8hbibhfKvIF3SNLKkzmC1W4iBoRdSw2rMvgHb0ci8cZBspvHnFV-SMTKbamo0-8a56VjjfPV3fTacpr2IGqgN31ShxnI0Mm9aZJY164JNszLTSke1kqmXuAzWDEPhjndh6UBnreE2-TVL_EwFwJfw0n2P6qjWrBi_PJ39cmsQc49wChOsQWm2TqOSaECuL22l2fUonN494CAujtr2yQXPfXzDJtOA6KQ74cKBj1GABgp0yZJYe9c0RjIqPHT9P2NEDrUeM24YdvmP9FgLara-NPa8vm2JBd-j5T5TB9DlBz2gEauntvciC0fubg44EQ8dh0Vx0rD9ZqK12ZONi7TJT8D9_bVh6TmtLeA51rNvBP4gMtwwK9tqRHVFZhlgUE5iqxLq6tkbAmXXvwUJktTTquyP5ZBkpAuH0gfXu6nlT5a3IP5CUeaf_jdhvvehlPinrcXwKsFYAGkMFY2g57jmRyRiOeRIVaPsgEWv3UoZp5pS3w36ZAN-SEvMLvog6NoN0iZXvCMi6_yXzSkFxGw6Q
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0CCE 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BRpCD--ezYtLyAvSl9u8PpOmciAgAAAAAOAHgBAI&bg=!9Pel97PNAAZlcKWdRXA7ACkAdvg8WpkdOzL-lqzDu3VjR8WhUrPFitINpXAKmEEh1rBz53Rage3gCQIAAAHbUgAAAAJoAQcKAICvC7kFaABMhLOcxkW7ndb8pEvl9Om5tjlSHEh9lVGLSJJino-QHUVNnYTwtn8_GA6Z2GVm1rlEqrz1p8ZZT2ORfHNF3jM5YA9KDWa83kKKhiri5pbHDZBKQomLIJy0RMqZQDmCtYoCyG-hTSo00t7LOp7Pen3USKUo5_UjuYChiZkC2iKtnK2Dl2ZlAUzxLuFTCVXVPW9zjBn3V9gd3pqqrtefpklVRyMI0wWAnEB9AcvaC9Whv7H1ukap88svLOb3Q1xRZKj3RhFC8AFQFv5S7xfU6ugDpILvD9z5yCsr66nMZGQXOgG8EEzTy2FAb_KgoKv3JO-HwL4SIbtjI-iSvyrJoXVl6KBRSB-c5Ddm1CVBsns2chBK8Lnr-pUTqYzzDc1c-4LtVE1dcZhJOpKCj6nWPHcC1uvDTGKE9z_fpc_qLQRBV6-CItUZetG_fhpSfp0q_1VwRZJAPxaXTUBZogwF8zDoF25skwd6bvTjvNZPFtrbMERhZQrmQyqEJo4qEgH2BOg7pnAFpGCNcuDsDbJhMgAML_MvcSpZxGRN8ogYPOdY7J9NGCQMTYjCGTraV2zPqWJRoszac8CAkqBHP2g5kyVLwlY6OEqa--J4iiqGqtQOwS2rq4XIwIBDUcjkIhlw1FG_XgKnDIg1oXl8xUzLH1NT7YWMQBg0xF8sKfgo59Ah_IQZfXlAZVdTiIpK8m8QG8UUFQ3dL5yU7UpE9PTDs5HiZwMoDUec5BxCxdC-iBEvDwsOwXLRCxxxQhVe64gPowyR2DwFq1tjBkUM84wb_W4npPZmjsoCO5jmG5xDwBw5vVa8tAvUHsVLrxzBVbrpLFLTXN4NyNJj6s2sCn7IurN01o19G15ILD0Ruyt1g50mJ1MHnSAidxsWq82So26bpTJ5eWVzXwPvnXj_4RhnYHbFDNsMEEuNm8j-pGBWO6Q32sGZF15A0tnW9zoMaNTYLAkK5lzX0jpwWdoYPjshz4eFleXp5apA1bAPY4h_r-SVaCg1eHrkwGMF8ZTuyL61hoOq9x6CxZ6krWT088AlkV0ZzkLG-onS49aRQLv3ZG2ZnDE1p3JJV-L4_JmYNQf_POqPpbXXD8snLbOFzFU75eUMfPCFSNotjZYIMIbeALSvtNqn423070g
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E93F 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B976A--ezYqtkrbrH8A_27qnAAwAAAAA4AeAEAg&bg=!xcalxoLNAAZlcKWdRXA7ACkAdvg8WpwQzBySUR6_IyEJYIewLVCVmKA7uiF7mTZO-abV0yZdLJFIPwIAAAH-UgAAAAJoAQeZAvKYwV6QPd5Qv3Peq6f-wXOWfuOtLt2T0yYbephfcCwfph7EmLtgmpnOK-0xIn-ky2I0oK93jWhLow9vsos3sijIZlGTP3_t4b5cSWKLHxb8mQ4rwL-8TVwjStXte3iZ5Umm-DVV0Upv0dceQXAZ-s_ECyJUPeO2JvS--qEXhapVvR4Zdot9TMlAB48_o_bI4EPP0ak3mPzfcTqEbERTrWz1AD2ADPlgMIzyM0xiD3jkfTg904zuB0-NgM23V31d-5FW0BDUXcFmVd-g7LVU3XiRCJDDVj8AOln_hYqvOhhtlW2_SwO8Hkf8kLgejyxdKx7CUUOo9KdvZtCFlJjHK0PdpTy-gbhlRqWKTsdWD4jNZ7HHxliwrO8H-FC-FVf_W2CK77Zybo8oGYWY0KZs__z5C7E9CvyTcZ5ge1dR0-fuHSMNcb8jwJjYR040I9QXtJRC0BbKS03ysFJ3AQhl_RFOvTVV8neAK2sTwL6yk9-MVYW4JVFSlBJIT_oIK5M3ZDNkhED6chcIdK5dHfxbA1776pwUJcZuAoqOwBuF7TlPm9vRllgoytUP58QpwBie4vspp7QmofNd11MCpK-o2CVLApvV5ya5gKGIZHoZbI0sdVrte6yk2Z-GL3AlHRLWoKX3LNBz0z1Cp0hNosohSJPk-L9Ty_O9UmFst7jTPGSPoqaGKHbfCeHWoCyUtZ-Q8BZUVU7KpwQhzWparvJNAkE2z_5wBldZcZwGLXrWZ1CBC4_cwjJfw_hEoaIdR-eBNECgSSYVzXCR-JoQOprJHbm8P4LGhI8KlYFaGLgs-dl3mVqI_NlRAppdaRQ_pFWO2SWzfGEAWvF6LcdPXAnh6zfAgdSBU3v6UY0AZ9_yfbIPoum9IhPzETpTjR-0nXbtU8yJc668gyEE--r7oFib5xIp_d4nnkndGPHH9MgjbuybyjKyeBppg6k9tuKXAdS2FG8V-cxsPGLMcz-Dfig0eeYiErkF5PhPVxrbVJf5xobQSMtS
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame DE39 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJJLL--ezYovtBJGTgQfp_KzgCQAAAAA4AeAEAg&bg=!MTKlMnbNAAZlcKWdRXA7ACkAdvg8WonnZ2a7ShTK97137XcrZtLRU7Smx77Z-ThfGzHyWsBuRX7LKwIAAAFoUgAAAANoAQcKAEoy9Bl7mwNL5CNCc3DXP5w1IQEjbLNPRG5K2vgfohxGWmw1F-gv5APXr43kE0c46sbf76ZzUm89CcNqho8_8pE7oc-BJo8WrFqkTpkC3ZDKKCdXr8Na68miCk8O_uEP2D7TAvXhBnDMIoneXcF0cOXpBR7tvr3ATB1T-5sHSyGHa4K2uraN1uYJHI0lcdEcM0j7sEhFBl8903CNPzuYKLNtSUj1ZWCFYrDmu_gKs_4xuD2FCHV2KpP4E-MD-db9lcaVJ2nb0IqSBK95eZI6dX3UwevmA_PWWFm4GJaC3_cgKtvJJU_p4dsTeCPQPVwMKoIW61s1PbQ_gbXcXhsN97iDxWRMM4SB__MgRNAqk701FxiVO_R1Mx4OheSahQpm0Ioj4tXvMvOWKz2g6D1f2jXld9NV0IlzU0A9kGWJFQIL2b6XrWfJtJiFFW7UuPhu7D-L4WKgtEFERGE4FcGF9JIFYjvla4c5yud_Tl8yss-JXrYm-oPo3CfPtkq_-r91Ru0QXTSlJoUM-UyU5mT8RUnpjYPnW46CrGCHzbc6oA_WXThvk_55lvc0w9GLXxXc-FFqZM4Iq1DxOkZaL4SZ1qS6xrmzWMs8fT0f3mRZAEbcLKhG_rfdljvDoGjTiev653lxFzmBmCnwDDpF5_8BBpjqs7kNLLn79Tf_6rIRKEjStbNzXvPX36leToe8Q8u21R1YFWBXiCqn2Sz1-9LuIQ2ElbMQLiUGWiZPlsBeYpA9euNKDT_doFmW7T4CS40XB_xd7FmyDJecRyQjqM1wflpm4eloHdCiBD7aBs9EjXVYVxRv_DiXUDFXvif_Uc5EfAo7WY2nciNO-skT_O8E5o46WBhSpfhOnOjCfYKtmKcsPghWdKOx9RkLVtcWb3lNIGlthZp4QWMlPa9DLm_nT8aiaA0mLsMgjCkRI6mMmvi4eI9v-NOfcgiCGBBrbVD5Du0E8z6wge1sdC6XbKj75oGByEuDQwGZhGxKYG8WDq6tNLlsnqDHHJsYplqwerimcZqyCgJ0l1GEj1-pv--Uh6thjgvvMAQfS02TZeN2iOzg09lUlfx1kOxGNug
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7B5C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNoNt--ezYoCHGrjDx_APt6q_mAsAAAAAOAHgBAI&bg=!QkGlQQXNAAZlcKWdRXA7ACkAdvg8Wkc2lIbXQuJ7mAN1yxZBOKt8TCfJ13mYz9AhNN6xzbJtGkPOfwIAAACCUgAAAAJoAQeZAu_5WtskXCf5QyFbBFYCMoBpQG5jW52YiwqLH2H-rS8ZUWAoRsIToAjF5Ya0Q4U62aVJZmaN5tNp6M6QuKwM0ANEsW4UGEOW_YOfgiOzcT5y-9MDktfAaqXdwOXg45z3rN5YXNCfso_kUjJal75UFOeOvaJMVeWCX8eSKSuTmf7uD-BMSwO8nK-BJJUL30G8lPgAWtu4natzg3CWcCDNLDkEgtTAtPkV0wr_KABD646I4JmXkNM4cUcNUzTpaj4cYb3aZcqLMJbXY2Flx22dcq7_ebvfhub9mU8A99i1NAjxbVcKOdBS3UWPOcyLRMxQ23cqu2A9Hw11j38d0J1Py2cEmOG7ptETi4OWL3YZz8rEsLPqxE_0RYHea5KpUKe9PATEmgJo0xTI6SWGsAr28Hu3-Cd5YQ65_eSOUK87uzu-dKMaXNJEWwPGt_h59ssYvojWjFItYVQ4LCP9h_nt6gmdrC00rlybC2lMztWO41DNYQ7-4H05WI82JG7g-iPMY3lP6ubNr9YnoZ9nZSlAZMkGN2Chv5hedsDQC714iOG4GXtSAUPrxWiGALtufVsEMyyE8Ak1IQhyv8DKBxQLAHhSe-q4N6HW7pq3VXOEYGqZrOSZYjSbG6OnLapXE6_koMHXuZ1bPzIVytu5qYKgmfDnzExwPjkqyv2geEJfJe0owe_n2bHeNFC6VQlgSkKn-t64sGQl6vj09aj-7F1EbxzDIxEjuL3A_hym3cSP920_ovxsl6xpASdrEV20FRUKFWwzslTyH3JM6WH4ALS3nkB4CooquAFn2rRhl0uCU9i4cjdFOa2GYa_Q-km6QH_jVYZfiDiB2-AdZS8qBwLpymkXTKDNAdAJYBjgpzAuaI4qhcJV4EzM7wRqLpnQgXIfFi0h6wiEpUGw5YagASRGjc3Qtp8cKEmG5IBW9g7jgIsUNH9ocl2S8qugSpEg-zmpsLdbzQsL6UiZHBQSl2pITrHXTNjkv_cvWVRF5S9vWVmj
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498551&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=4267&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=98&vx=-%3A98%3A-&pe=0%3A5028%3A5028%3A1823%3A761&aa=0&ad=301&cn=0&gk=101&gl=0&ik=101&ic=101&ez=1&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4061&cd=54&ah=4061&am=54&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=198942&na=108079795&cs=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 439E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2pgHYJhv0TYjnnX2QoZs_Hm86ZcsJsxtVK4Q6TledMkILFouSCAz_tj84ntADYQoeq7GiIczsqCPdfwxvG7EPsfmzHrmbedl-bG-TqyYNoltrkJKG1zBq6YTOQ9Ee-4dSlw&sai=AMfl-YQKESbe8mV8fub5QJ28oiCc_DZicEBfPh0G8xKqx4z6KcuIUleqvqnKEJj-EEc65IJK4XYQ_i3m31dkKLJsY2Q-U2Svc26gwRxB68VKWinQ5jKxD2JIimpFLJw&sig=Cg0ArKJSzFTvvasTeM9PEAE&cid=CAASJORof2VZXiYA09AsRJqvghLoueXAVO_uLW5r7GEQdrLAxx1SKw&id=lidar2&mcvt=1001&p=950,300,1204,600&mtos=0,918,1001,1034,1034&tos=0,918,83,33,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2624882344&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655957498551&rpt=716&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498551&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=5071&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5028%3A5028%3A1823%3A761&aa=1&ad=1105&cn=301&gk=905&gl=101&ik=905&ic=905&ez=1&co=1105&cp=4865&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=4865&cd=4061&ah=4865&am=4061&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=198942&na=728548322&cs=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:44 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:44 GMT
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498551&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=5273&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5028%3A5028%3A1823%3A761&aa=1&ad=1307&cn=1105&gn=1&gk=1107&gl=905&ik=1107&ic=1107&ez=1&co=1105&cp=4865&cq=0&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5066&cd=4865&ah=5066&am=4865&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=198942&na=1984695453&cs=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:45 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E928 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvYEOv2dMxTSFpaorTXIiZplpLBmJtcAcyuwY6cIM3MD8yyFc9zN0QpCv-cd0q8Y-u7ZxSlH2Jp9nsqYpqU8poDj7vr_MmAEr1BwTxCPHJ26FDGhU3GOgLmkydPAMxeKPFB-i8SPA&sai=AMfl-YQEU0miRYz5rQ30OtFW_UKc3epQMmMRQfwozDP0iJpQOMIsEVbnW7uLyq4_wkX6im2bhhtzmVwkSDStE0c9uc24DPvRuaJSQ40bzyLr-Zs1Lx746GzIXLfUDnc&sig=Cg0ArKJSzMWSoG-Pg04EEAE&cid=CAASJORov1bxSccP9_bC2wKBIzvWsUHE64YQv_HOCcvRAS0iANSs4w&id=lidar2&mcvt=1001&p=778,1280,1258,1600&mtos=0,852,1001,1068,1068&tos=0,852,149,67,0&v=20220615&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=20&adk=1563346462&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655957498790&rpt=550&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498551&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=5&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=5273&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5028%3A5028%3A1823%3A761&aa=1&ad=1307&cn=1307&gn=1&gk=1107&gl=1107&ik=1107&ic=1107&ez=1&co=1105&cp=4865&cq=0&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5066&cd=5066&ah=5066&am=5066&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=198942&na=1220614322&cs=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:45 GMT
pixel.gif
px.moatads.com/ Frame 439E 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi84230861&zMoatJPCN=MoatHandleJsonpResponse_385191&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=24425061&zMoatL2=6909169&zMoatL3=303945196&zMoatL4=151351638&zMoatJS=3%3A-&zMoatADV=10150206&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0.0029022693634033203&zMoatLT=%7Bt0%3A1655957498909%2Ct1%3A1655957499207%2Ct2%3A1655957499490%2Ct3%3A1655957499490%2Cta%3A1655957499179%7D&zMoatNL=135&zMoatPRTJ=%7BconnectEnd%3A755%2CconnectStart%3A684%2CdecodedBodySize%3A351%2CdomainLookupEnd%3A684%2CdomainLookupStart%3A656%2Cduration%3A148%2CencodedBodySize%3A351%2CfetchStart%3A656%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A756%2CresponseEnd%3A804%2CresponseStart%3A803%2CsecureConnectionStart%3A718%2CstartTime%3A656%2CtransferSize%3A651%2CworkerStart%3A0%7D&zMoatDUR=283&zMoatF3D9Z4=b&zMoatCHNLS=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&zMoatINS=4&zMoatGSCACHE=0&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A130%2CencodedBodySize%3A0%2CfetchStart%3A942%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A1072%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A942%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498551&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TUI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-zka3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkQAhdO0GQrpmAccYWT5mZs%3D&rs=1-sicRKbOpzNBk3A%3D%3D&sc=1&os=1-IA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=6&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gb_measurable%2Cgs_entertain%2Cgv_death_injury%2Cgs_health_misc%2Cgs_fashion%2Cmoat_unsafe%2Cgs_entertain_celeb%2Cgs_food_misc%2Cgs_food%2Cdomain_unsafe&hw=0&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499719&de=637881802323&cu=1655957499719&m=5274&ar=0a763c40972-clean&iw=618855a&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=254&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A5028%3A5028%3A1823%3A761&aa=1&ad=1307&cn=1307&gn=1&gk=1107&gl=1107&ik=1107&ic=1107&ez=1&co=1105&cp=4865&cq=0&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5066&cd=5066&ah=5066&am=5066&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=24425061%3ADBM%20TUI%20UK%20189882466-FC_UK_DIS_DR%3A303945196%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=283&gw=tuiukftdisplaybs288007166418&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&ti=0&ih=2&tc=0&fs=198942&na=419235694&cs=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:45 GMT
pixel.gif
px.moatads.com/ Frame F936 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.moatads.com/pixel.gif?e=9&q=1&zMoatUrl=https%3A%2F%2Fivona.ua%2F&zMoatBSWFFID=_moatApi36872821&zMoatJPCN=MoatHandleJsonpResponse_28042259&zMoatOrigSlicer1=N%2FA&zMoatOrigSlicer2=N%2FA&zMoatL1=25927350&zMoatL2=6688358&zMoatL3=303889082&zMoatL4=154638429&zMoatJS=3%3A-&zMoatBo=ivona.ua&zMoatBd=ivona.ua&zMoatAISJS=1&zMoatCURL=ivona.ua&zMoatJPRCVD=t&zMoatJBR2=21&zMoatGSTS=0&zMoatLT=%7Bt0%3A1655957499274%2Ct1%3A1655957499420%2Ct2%3A1655957499664%2Ct3%3A1655957499664%2Cta%3A1655957499398%7D&zMoatNL=202&zMoatPRTJ=%7BconnectEnd%3A552%2CconnectStart%3A552%2CdecodedBodySize%3A341%2CdomainLookupEnd%3A552%2CdomainLookupStart%3A552%2Cduration%3A42%2CencodedBodySize%3A341%2CfetchStart%3A552%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A553%2CresponseEnd%3A594%2CresponseStart%3A594%2CsecureConnectionStart%3A552%2CstartTime%3A552%2CtransferSize%3A641%2CworkerStart%3A0%7D&zMoatDUR=244&zMoatF3D9Z4=b&zMoatCHNLS=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&zMoatINS=4&zMoatGSCACHE=1&zMoatPRTM=%7BconnectEnd%3A0%2CconnectStart%3A0%2CdecodedBodySize%3A0%2CdomainLookupEnd%3A0%2CdomainLookupStart%3A0%2Cduration%3A70%2CencodedBodySize%3A0%2CfetchStart%3A798%2CredirectEnd%3A0%2CredirectStart%3A0%2CrequestStart%3A0%2CresponseEnd%3A867%2CresponseStart%3A0%2CsecureConnectionStart%3A0%2CstartTime%3A798%2CtransferSize%3A0%2CworkerStart%3A0%7D&zMoatPTNS=1655957498868&hp=1&ra=1&pxm=9&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CRYSTALSKI_UK_FT_DISPLAY_BS2&ol=273284308&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(KX%3C%3Ce%24%26%3B%23wPjrcMe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3FtDJq%409BG&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rb=2-iwO8rBsiY9PHPf0uHVjPGlx1P1tMeAYh8VJoiwm1U%2F9KTOa5pbr0xUE%3D&rs=1-0BJLasQST%2BDrDg%3D%3D&sc=1&os=1-Aw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=600&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gv=gs_entertain_celeb%2Cgs_fashion%2Cmoat_unsafe%2Cgs_food_misc%2Cgb_measurable%2Cgs_food%2Cgs_entertain%2Cdomain_unsafe%2Cgv_death_injury%2Cgs_health_misc&hw=1&zMoatGSE=1&gu=https%3A%2F%2Fivona.ua%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fivona.ua&lp=https%3A%2F%2Fivona.ua&t=1655957499946&de=376581290781&cu=1655957499946&m=5395&ar=0a763c40972-clean&iw=28c08b4&cb=0&ym=0&ll=2&lm=1&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=604&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1641%3A682&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5191&cd=99&ah=5191&am=99&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=25927350%3ADBM%20TUI%20UK%201494559211-CSKI_UK_DIS%3A303889082%3A-&bo=undefined&bd=ivona.ua&gq=23&zMoatDTYPE=0&oj=244&gw=crystalskiukftdisplaybs363091935889&zMoatF3D9Z3=-&hv=BrandSafetyFrame&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&ti=0&ih=2&tc=0&fs=198942&na=262207253&cs=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Jun 2022 04:11:45 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 23 Jun 2022 04:11:45 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.invamia.com
URL
https://ad.invamia.com/delivery/sync?userid=89fa8901-2ac4-4179-b9b3-2ed85b4884a8&inner_redirect=1&inner_uuid=725ea815-8aba-4ec3-b060-597264f5a7e2&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVyLnRv
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEMk9P8LTlxpRuJJ0qVbz-zM&google_cver=1&google_push=ARnp8GC6IKnKt3Xbq55m7T_aJzS8UmFZrTVaSWi-8spUeB8r5OtsjfBw58lS6pUDY-YbwHYOPpABcVLVVyvvPZnjLWl7yrztRdaYIw
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEMk9P8LTlxpRuJJ0qVbz-zM&google_cver=1&google_push=ARnp8GA2YFoF2Nu_6lxZkcC9XYZortBshewxTsJDaCw5CUibqLekfCDuTZY5PURyBD0CbUc6KzHP3mL8AH5oGxzK8TCGdaM1qelBKQ
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEMk9P8LTlxpRuJJ0qVbz-zM&google_cver=1&google_push=ARnp8GC1SFOe4yNRmEe2mSKcj1hlnSeZqgCTAHmWfRspHgwBCyf1Iopug3dCzn5zoIHgEzCSUxz6xb0z_OKpUkC_T1te5p2rLCPGUw
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFPvBLT7MHgaurNAxfoyh1E&google_cver=1&google_push=ARnp8GCAlvru6NtnB854RMbskDiIZybNyyiPmSya2CGnA7PfTh47ojC2fy8WNruO3mnZwMkXl4OfQbCTOtYSdirY60NeN6DTTMI

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation number| H_DEV object| holderPlaces function| holder function| gtag object| dataLayer function| $ function| jQuery string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl function| Popper object| bootstrap object| jQuery112401596882651960434 function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b function| lazyload function| LazyLoad function| phnx_frontend_get_var object| FB object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to object| google_tag_manager object| name266now object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad boolean| admixerLisBrndMsgSet string| google_user_agent_client_hint number| google_lpabyc object| gaplugins object| gaGlobal object| gaData object| hb_dmx_res object| _mgIntExchangeNews object| IdealmediaInfC1296107 boolean| mg_loaded_466737_1296107 function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| regeneratorRuntime object| mwayss object| IdealmediaInfC1211636 boolean| mg_loaded_466737_1211636 object| onClickExcludes function| mgReject1296107 function| mgLoadAds1296107_04e1a function| IdealmediaCReject1296107 function| IdealmediaLoadGoods1296107_04e1a function| mgReject1296181 function| mgLoadAds1296181_04e1a function| IdealmediaCReject1296181 function| IdealmediaLoadGoods1296181_04e1a object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint466737 string| _mgCanonicalUri object| _mgPageView466737 string| _mgPvid object| googletag function| mgReject1211636 function| mgLoadAds1211636_0ed47 function| IdealmediaCReject1211636 function| IdealmediaLoadGoods1211636_0ed47 boolean| IdealmediaCSvsdsFlag function| setImmediate function| clearImmediate function| Achernar object| pbjsChunk object| pbjs object| _pbjsGlobals function| Swiper function| html2canvas function| _open boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests

114 Cookies

Domain/Path Name / Value
ivona.ua/ Name: b
Value: b
.cdn.umh.ua/ Name: AU
Value: 728111be57592688
ivona.ua/ Name:
Value: store.test
.ivona.ua/ Name: __gfp_64b
Value: AW3RlZ64LZe9hxsI48rl4wY0yuJ8kH.PebXuvFrRpMf.F7|1655957496
.ivona.ua/ Name: _ga
Value: GA1.2.545246093.1655957497
.ivona.ua/ Name: _gid
Value: GA1.2.225374959.1655957497
.ivona.ua/ Name: _gat_gtag_UA_206274582_1
Value: 1
.hit.gemius.pl/ Name: Gtest
Value: KlQtNMMGQMGG0AC6OE4_kgiissGMXP8c25nSGYUsEPnIXBG.
.facebook.com/ Name: fr
Value: 0xaRhcL6KHPKNnEJG..Bis-f5...1.0.Bis-f5.
.hit.gemius.pl/ Name: Gdyn
Value: KlSHXRXGQMGG0AC6OE4_kgiissGMXP8c25nSGYUsEPnIFRxSG7RrGS6Gwg9BFlMQYH8W8jBGqSRxSG8.
.admixer.net/ Name: am-uid
Value: 38d2189015f542368c9fbab5e8e7d253
ivona.ua/ Name: cbtYmTName
Value: meK78P27o7urqqitrqir+Kqv+P+t//ygu+S0
ivona.ua/ Name: am-uid
Value: 38d2189015f542368c9fbab5e8e7d253
ad.mox.tv/ Name: _mwayss_zone_imp[4730][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[4730][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15455][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15455][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[4847][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4847][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15595][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15595][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[3877][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3877][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15442][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15442][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[4418][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4418][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15792][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15792][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[4942][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4942][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15362][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15362][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[1954][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1954][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: moxuuid
Value: 725ea815-8aba-4ec3-b060-597264f5a7e2
ad.mox.tv/ Name: _mwayss_zone_imp[1025][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1025][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15459][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15459][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15597][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15597][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[11767][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[11767][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[2282][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[2282][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15444][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15444][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15789][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15789][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_imp[15780][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15780][frequencyPeriodEnd]
Value: 1656043897
ad.mox.tv/ Name: _mwayss_camp_imp[4912][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4912][frequencyPeriodEnd]
Value: 1656043897
.bidswitch.net/ Name: tuuid
Value: 89fa8901-2ac4-4179-b9b3-2ed85b4884a8
.bidswitch.net/ Name: c
Value: 1655957497
.bidswitch.net/ Name: tuuid_lu
Value: 1655957497
.quantserve.com/ Name: mc
Value: 62b3e7f9-9b0ce-f463c-39758
loadercdn.net/ Name: vui
Value: 287ef00978054ce7be1ec3331afbe8b4
ivona.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1296107%22%3A%7B%22page%22%3A1%2C%22time%22%3A1655957497719%7D%2C%22C1211636%22%3A%7B%22page%22%3A1%2C%22time%22%3A1655957497808%7D%7D
.mathtag.com/ Name: uuid
Value: fceb62b3-e7f9-4000-b25e-f5138b5f9e0c
.doubleclick.net/ Name: IDE
Value: AHWqTUnbgi8f4Ot6TiFQQJI76uaUBrC9X6VpeFcAa_v7miW8ZqbGdwmN1FMJ3_eMArw
ad.mox.tv/ Name: bdswtch_sync
Value: 89fa8901-2ac4-4179-b9b3-2ed85b4884a8
ad.mediawayss.com/ Name: bdswtch_sync
Value: 89fa8901-2ac4-4179-b9b3-2ed85b4884a8
ad.mediawayss.com/ Name: moxuuid
Value: 725ea815-8aba-4ec3-b060-597264f5a7e2
ad.outstream.today/ Name: bdswtch_sync
Value: 89fa8901-2ac4-4179-b9b3-2ed85b4884a8
ad.outstream.today/ Name: moxuuid
Value: 725ea815-8aba-4ec3-b060-597264f5a7e2
ad.adopx.net/ Name: bdswtch_sync
Value: 89fa8901-2ac4-4179-b9b3-2ed85b4884a8
ad.adopx.net/ Name: moxuuid
Value: 725ea815-8aba-4ec3-b060-597264f5a7e2
.ivona.ua/ Name: __gads
Value: ID=5d7dfe12af71a4fc:T=1655957497:S=ALNI_MbSoHdOneS2QbXoMedUljC0pARdLA
.adnxs.com/ Name: uuid2
Value: 4963601648819326252
.casalemedia.com/ Name: CMPS
Value: 711
.casalemedia.com/ Name: CMPRO
Value: 711
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Iljwvy?2!]tbPl1M>e)ZlrFUfJ+tGXxoPQUwVe_?`5c?Kbw_Dt:t^Q4>v+c?372pKTY[3If)y3KL9D3I?+._8-hM
.casalemedia.com/ Name: CMID
Value: YrPn.zYD76snqHG8qQUiXQAA
.spotxchange.com/ Name: audience
Value: 9490f54d-f2aa-11ec-bd3b-14684a3a0306
.yahoo.com/ Name: A3
Value: d=AQABBPvns2ICEORcCmHO_Di3KRq-enAcRPoFEgEBAQE5tWK9YgAAAAAA_eMAAA&S=AQAAAgfxFhHYMTCkPh_4QXicsrs
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YrPn_wAK3tEwqwAj
ads.stickyadstv.com/ Name: UID
Value: 844a3f2e63a246c7d5969e30775c3ec8
ads.stickyadstv.com/ Name: uid-bp-159
Value: CAESEIpK9otIaZiq94Pxr5IImk4
ads.stickyadstv.com/ Name: sessionId
Value: bd6d578b44c52fff3fb17f863ed228e
.3lift.com/ Name: tluid
Value: 4420940105984580060154
.360yield.com/ Name: tuuid
Value: afe637f0-a2e6-4410-8a2a-15670fc7f6a7
.360yield.com/ Name: tuuid_lu
Value: 1655957499
.casalemedia.com/ Name: CMST
Value: YrPn+2Kz5-sA
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-97439b22-b303-4569-a96c-e607af58da39-003%22%7D
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D26DEF9F-EA5F-474F-B6F7-73B00B07C14A%22%7D
.simpli.fi/ Name: suid
Value: C5AEE89E4AE84CBE9FA110A9CE5FC1D0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-97439b22-b303-4569-a96c-e607af58da39-003%22%7D
.quantserve.com/ Name: d
Value: EAcBCQG5JoEA
.rlcdn.com/ Name: rlas3
Value: f+jOWfEulC7pJKuK4ElC5SqG6wLhH7EaqmjQF4fZ45A=
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.bidswitch.net/ Name: google_push
Value: ARnp8GATJ10WDqEu1ehv2B6ogTosc3w4Maccq9Nf8irIVR4D301KjkI7R6Gvd77qBT_5PD92b4TfccyaextW4t2N9KLjEZveL_Y
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~25m4:18yx~25m4"
.mathtag.com/ Name: mt_mop
Value: 4:1655957499
.blismedia.com/ Name: b
Value: 62B3E7FB6AAFC675299EAFD1BLIS
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.rlcdn.com/ Name: pxrc
Value: CPvPz5UGEgUI6AcQABIGCOndKhAA
.w55c.net/ Name: wfivefivec
Value: EdN5vFML1O4ebV5
.addthis.com/ Name: na_id
Value: 2022062304114000077247682942
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62b3e7fc3f7f39d8
.addthis.com/ Name: ouid
Value: 62b3e7fc00011c9dd9ca7cf8a37bba813b9fac5489910a7c52a8
.dlx.addthis.com/ Name: na_sr
Value: 20220623
.dlx.addthis.com/ Name: na_srp
Value: 3614
.w55c.net/ Name: matchgoogle
Value: 5
.tribalfusion.com/ Name: ANON_ID
Value: aanseFx2eNkSE0U7bdfrceWEBESxx8KKPGVD4G2Zav4KhMZdXAvNCFNZdpUwZc7AvbyqIFEvrsPiSCTXUxqxJU23
.dlx.addthis.com/ Name: na_rn
Value: 1
.dlx.addthis.com/ Name: na_sc_e
Value: 1

9 Console Messages

Source Level URL
Text
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r40589945&dholder2068016217&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r40589945&dholder1217097366&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEK4NqMtMWle-qH61eyHycGM&_origin=1&google_cver=1
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://z.moatads.com/tuiukftdisplaybs288007166418/moatad.js(Line 134)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
javascript warning URL: https://z.moatads.com/crystalskiukftdisplaybs363091935889/moatad.js(Line 134)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEFPvBLT7MHgaurNAxfoyh1E&google_cver=1&google_push=ARnp8GCAlvru6NtnB854RMbskDiIZybNyyiPmSya2CGnA7PfTh47ojC2fy8WNruO3mnZwMkXl4OfQbCTOtYSdirY60NeN6DTTMI
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.invamia.com
ad.mox.tv
ads.stickyadstv.com
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
autocounter.idealmedia.io
bgstats.mox.tv
c.idealmedia.io
c4fb54f0a91243b464c7bf27635d072b.safeframe.googlesyndication.com
cdn.admixer.net
cdn.idealmedia.io
cdn.jsdelivr.net
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
connect.facebook.net
dsum-sec.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
h.holder.com.ua
i.holder.com.ua
i.ivona.ua
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image6.pubmatic.com
inv-nets.admixer.net
ivona.ua
jsc.idealmedia.io
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
match.360yield.com
match.adsrvr.org
mb.moatads.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.moatads.com
rtb-csync.smartadserver.com
rtb.openx.net
s-img.idealmedia.io
s.ad.smaato.net
s.tribalfusion.com
s.zmctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.inmobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
tr.blismedia.com
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
z.moatads.com
ad.invamia.com
google2waycm.netmng.com
googlecm.hit.gemius.pl
104.111.242.245
104.16.199.73
104.16.221.74
13.248.245.213
141.95.98.69
142.250.185.98
142.250.186.162
143.204.89.45
143.204.89.76
146.0.227.110
146.59.10.80
146.59.30.104
151.101.66.49
167.71.9.19
169.50.137.184
172.217.18.2
18.156.0.31
18.170.21.34
18.193.207.48
185.165.240.175
185.187.81.40
185.187.81.41
185.29.132.245
185.86.137.108
185.86.137.132
185.94.180.125
193.29.200.142
193.29.200.162
198.47.127.19
2.18.234.233
20.127.253.7
213.19.147.45
23.35.236.247
23.35.237.151
2600:9000:2156:2c00:1b:5138:8a40:93a1
2606:4700:4400::ac40:98f5
2606:4700::6810:5814
2606:4700::6810:7aaf
2606:4700::6811:180e
2606:4700::6812:acf
2620:116:800d:21:c5a4:625:6563:a5bb
2a00:1450:4001:803::2003
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:811::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c0c::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3605:ceb0:a2e8:d44c:f538
3.122.71.55
34.96.105.8
34.98.64.218
35.190.0.66
35.227.252.103
35.244.174.68
37.252.173.215
51.75.86.98
52.214.225.206
52.223.40.198
52.42.40.153
54.155.185.156
69.173.144.138
69.192.160.219
78.159.118.240
91.198.36.26
91.198.36.35
00b4fb39f931aa2eb9ab9075d30b9d4c56337486d55778da6ccdd190e1c9c41c
03418c354cee4b4204d83630572a048be353e3f26c293c869191a0d9a0494e1c
03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a
0732fb3612951d99c975e950c0f33c51e960796270f1748d6aaca69adf3e07ab
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a3d696dffca48ce8b54b1750ba72045e9f1f6221a634356409491c66d6943a3
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf
0d009b4551f9d66afed533ec5898043b509a0c188342405b66d4ad3fd9d30efc
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dab755d7717cee514327d926c500ba2e4eea51abccaced04d37ffdc61986f1
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f0426858d64b78d128900c6fe0daa5c9707a630cca92ab7ae862fb6bf2fabc
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
1786f3910652e222bc486993158c2ce6bf25b8cf4a3ba112eadbe7a89c3244f4
19036eb427538c6fe3a1e1d9bba8effe3af740a0797527a0cd484f6b1a837a16
198ea2a90105c3cbc27a1578d14e829b2b02a622079063b97bf12e621bd26aa5
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1a22d3798006041b65ac1482cf92038bfc898a16329b0b33bd781f1a5dd52a0f
1bc85fdb62f0ab589d407b8bd394bb2d6f202e553e8fbac2be95cf9e9d776de7
1d0e378112eb9ce29b5f4365f4cdd61e74ac809ce7f4f87b66a166592d290ac3
1ef9ab0b51d6b5508076f25e80b5b385558ab419b0ee2ecde46e53b979916c7f
1fd1cfce1cd6e2413a325e9635e4de03839e53cd8dfa43db01538f653a66b16e
209396ca86ddb4c4613c6c6b5ce2b5ea9d7c979b6e10d78cfc2b55f70bd0c230
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8
231a63566544b4a49d77b375f1a097b31469524b4977bb2ef2efd033ae6d880f
23e0f1ea23ca61b5c2892aa2a26e3878d88d5f267fcaadfac8e61a05076d4f57
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470
2736f2b2b23040c880a0b4c682213c739a0598b048272e7dade16ea806cb6d18
2753dea57c205a69512aac41dc13b76d77ebe3bc70885444c0b47271401b85b6
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
29d9c9ee95da159a137373878551a7624726a8a2c1462f99536b932ff1e395a6
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b
2b34900c61d4bda5741c4e5118bf14b6ef5d5e924b9404e22f6e61363b76460f
2c6fb2e24874c5d972df4e9e1547ac23a34490514145bdf0bff9f85bab9ef3b8
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42
2cc53c77be9bb972ecb16e71fdef82a122e7e77c7482e0d2616e2e90c6d9e095
2d0a8d4df1cb923050d63cdcc24d9d4105fe404a76173e5ba3b3e54522b83e94
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
31ade8e775fbbba3335212758da01e3d870c3d1b60685463a2ebdfaf621f767f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32f6c3ea47b2078da427f859df068057495851cb9993d0da6c122c320baf485f
332128bf7a7e69712b8ddb874d77735abbf071e1bfa47695102025080fd04762
3370768d9195e9b62d5369d029af25c1dbf5f9a295b2d60378d08451f36f5d2e
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
36eb0e0d0a38e5fb99dbf3b081d4b9ea8aa5822b846047c6dc524fa014788418
371abee8c875c67efc84e3283d1dd68af4b64e2187d7bbb227ad41bde39ed78a
39159ff7a57949f0badda0cea62f13fe2f398b2fa54280d0f8eed46dd90ebbf0
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d3ecaf28f8730da9fefe446943f67fb78c45fa09d0658f338c8224f95d617a3
3d5a4882576715344e60650c52d640def2b0324ad9718411f3b36803be8cf8af
3df1ba1019126bd7e98f361e315b3a90912c3a539da9df068123a76a8cf35d9f
3eaa57962432e59cbfe2a1d5f6842ca4b419830bcc02f4f99aee9c187c72330c
41b143198b7072ca80f1ee00c8651c25d2dff69284bb5f06c14236783c1b5983
42a9a446d86f8c44ad3cf52a4eb21cc3cd1ad0c3ff765b29404f0cb2f5a45170
4470fa917cfa4ddadb982f708d0c54d9ad989609716343dd2f35ca351422d6c5
464ea952fb376e9052fa004560e11e8b0d890ea79bc5dc1e5a273cc250ef910a
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4
497a40b8d5b6bba0c4350f9fdbf8d8b2d300406108e2b6daf6970f63683ead55
4986e52729cfe48c197ff44bc549e475495e2d03bde28e2607b5530be62c9a70
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
502bf78db333356f428e459b0dccdd1974dcdf0a2211c52fe45cc10d6f4a6246
5036ff8425338eede2b1ef93f642629fcd03d5d91509ab11fd256337360e97db
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50e23b6922bfc1a4a313388c0f26aa3f9cca1b0aa71366aa567c27a3aa49a150
52afc5c95c13f814ab39bbd3de9d4f78cbddf54e389341e66aabd66eee579721
52fc04e1403e348f74c9e65c65278bab2bfeccc48a618c6d77252e957f2c1f98
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54c2e38fc1eb07a52ed9511df418fa514b7ebf4c6a426dbd8a661472572e1d07
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5b212d357f7915537a39783743a0dda30dda09c9b04dd69ae0736f9df9fa174f
5b9e5caf62ae317288ff1294a8b99aaf5041c303f56338b053a0ec975226bd85
5ee219d9e027c52970e19a95503efb43b5e1067c8607e938b31e0fa210487375
5f10e66c0a7242876553b02d04b33e53790fabcb4e9d8fe8775e49401bc6d669
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
62290e26fe541154bb1c4df2d7c027f50a301f9e2792a86bad6a460c7cc20703
6266084a52a1a323e230f023c52a34dec272620f00f2468ace6ef10a090948a6
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
67f26bc9668b3122c7e7c8c75e3748597ab4a9623036eaf3a8b60e53afef276a
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6ed8f8cc79ae1977ae60faced3ce01f3596812b5b87782392d4046af153c3f58
6ff3083bdc1e1465c8c1c343cc09de615cd96073e09b112725ab502a46a56737
7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791
72d833de2a972d8a3aa2a99df6beaf7f159fb1719dadb67616de047648caf580
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
748480506d6b0009939aff395354837927c158dbc737847ddcedaff64ee44bb8
74c2f0da6ff3bf4615c59a7cd9943d32cc0f36ed620636f060d3b246a9dd6fc2
78471dab945b59d358db49aaa00518f843820e961dd291e7d3ce7127265134e8
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c
7b1499ab598295fc57f50b418f5cdcf95ccb28539d1411373b0a4953e9c3aaa1
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
7ec345d6916508a89d277b8c39ada44c34f8d429c5a113abd68240ad1e298d94
7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad
801d950152c16000c54c7303164bd5857300d473e853a89546c22eda7b3b045f
80b0c55e4a4c0025fb1003e4ff4fc844e0f4f84884dc50eda5d785613def01d7
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9
82e3aeb3b2406f46ffabe5b4079312b0543a9a0a30ebb2872958ea97d2bb8ee1
84b00e2d77f599e6a52c1a95204b10c7ba61daed423e3b461c55cd6c71701de5
84c1e0b9acb193a79d93bfb095a1f9409f75481769859f3fc47c446bdd1cfb01
855141b72447ad59625d3b45984ff3c1e829eb5a15bd5bc0da1f8f7263349a2f
8698e0af340a8d0d5fcb29c4926c8a0fa99ec23afac95d7aa3c3ab95ed546ca0
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
87e1f30a61df776164c7d393d2a8206d377459705ba3ee73698bec5fce08b071
89f2108d6678428c75ed2b26a3d2eeab77e80b418bd62334e1c97e326ea04b81
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8bae5fdebbf3eb7ff15fdf90b283afc0b345d3cd37df9fa0e3e0e3166de34180
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
93eef65f3ca83652f1f21f8c616c1469bbf099fac22f214138d7ca67ac991e92
948e0d491c3ed599c53000e9fc76ba69d80e4664b032f1a2c24b97a3cefb2a12
95710034e080e6e408c4882f7df24e18ee4cece8f058aa1feeaa104434b8d9ef
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
972198b02b9e13cc91f17a0e0cea3af056c3ad7fc8eb79d4881c9dc427ca8aa9
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9927c45dff602e742a82a4040e063051c71d7da4687952405c0f6f7cce7516c2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9acfedb43d16247bcd4849fb4999032d2b08733b53a4c8436296f505da626f2f
9b9d866b7fa495bfba4c09b8a73dd7b0253c04d739a810bc557fb6b3d051ed2c
9c473141dc73a49904c72500d32938b78834be5772b6dc7ac5a65f48bcc809f3
9df2b281bcbf6c576db18b0a2fa98cf89327b5acff1b3df8fae540af5704d795
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a58b2c7db3744bff882ce01b0e50128a1ab623d5274080245e1e156c80e13c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0f0d92f3d2edbc22e0fbe4eb122845f619ddcd2abbfe53034be65e617570a00
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4a2674006dda39c7b558246b22ccb78f9e082fd290c58ed6ed13a946ea919fa
a4cf11ad70f8cf40fd4ae3985ea9e8cce4968972b38b0e367fb5462f44e278f0
a72a2bf47a224321128e64e4928bbd9b821245e1e6eaad914b783af0462e18b0
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d45971810c66712db772d6d5293df84263b6707b70c43c71f88af0e66fb423
a8f17a0124b42849b8574e733516df4ef2d24ca04d7dc386681eb253dd572d87
a917f4179203230547c3fcb75808e5360c61fd052e072a851863f574cdcbd7b1
ad6a1a81b684582f4df2c0b966cdce7c6ebb1b510d2d697563c6800a99706f78
ada1e01d1f198af517c01b2e671b156159a41b47a1b53bdbcd235d64e06f5458
ae9032d19e41c439dbfa877038b54bc75864202b08859edb2a600e0e07c54d6b
aedf3dff6e3596bea2ed1f9bb489aca220ac62eb0f0eb2ec34306f215388a1c7
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b282508d53045b3f805b6697d9c106215798fa6a836e52efb5bb664b72b2342e
b3ae51ffdbcab9ba72045b701d3d6b4c9832c7d9ff46f45affdea9e8f2bc4293
b5a5f3bf47639ff16f465a6eea27633b8cae3d55478b7cd0bb5d189ea070c9ae
b5d91e83633543543de8c95bfd761fecca7d2d05dcdf7eef526e75a8139a93b3
b5dcf4aad520bb2b3a08a85bdeff452b1550ccd9bd297c578607019f895b38ef
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96
b73164d519a3ee0a2acc4025249aea1868009a3bfcb52b8f7e58b03b33cd3692
b8a5572d8ef6671c711a6e4733bf0649d3f1e85fcbf76972aa7260d92430deae
ba5d1b3e636f50b365ea48b22664e907dd7eeebbc7268fd7d762121730433afe
bc2d10eca6e799481043535b43ce8ae0dbd90dfd8ad15a177cd82fde2c38dcd1
bd9cf43c6e0a4a530208c996f328ea18fd7803124ada09d39093e3714835b04a
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bed3c6ee8f8c8abc84097c0c3604ff770c314a5bab600b7cb33aabb45b207c2a
c03e107ea308bc27d29cd224fb8cd3395ca7b36d3e370f788471bde9cbd7bdf1
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16
c51d005840fbad17212f540468b5d3e6dd1554fdae81e00243d9989af2c3ceb8
c790ba2e36e289a98f70237f00f4c866b1dd09a946043ba32d43995c5eb17043
c83a0aa34db53034150f203e727698bfe2535ef3f4cffd3f03ef9ea988960e55
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cbc09799090373dabd4bdd3cfb8470dae9424795d12d6936eabbc23039a7328b
ccfeb4438115a74ddf5814dc60c5cf17481757417250492570deb5d0931079da
cdd597af1f3fb43e25505375e6531cf353a59c4efa2c8b9f26ce5fe8f53dfc2c
ce3329743f0318989c6695b27752956f78375556fbd33df44837d21d941fb267
cebc7ad5d9305d463059d8e0e83fb6cf7a48e6b9717aadade6b668fcd0755e98
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d24602f35aaa10804c56603c2961ee9d624192f2fba78782ec4d3766e21fa143
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d43af314f4a32ff8d1981c5319400f692c2cab96494705a9ec46cb1c45483ee5
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
d6babea0ece2c83d3f48544adedeb793677c6ea20343cd6971b608bc8cab571f
d771ea062bc591eff82864310f7516c7e5a75e270416c11c72a5643e8eef5f1b
d9c2b04641a4b8710e2db320a45b7a206ddabcaa991e15ff387a2c240864b93d
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dc8245ccbb62b28ad7022cad9c2aa7007e3b90bc256e4bcb01b748d056d245e8
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e23420eae1b29de393c1da12717231b04451e73a0593af27815f291af6d448a6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e452ea838b6c7d1284c0df7fa16d3a61d5a6ba9bb6de3ffc0c6801a90bc9164b
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66f2dfd57915458e619e18596561c6a691e1fc50436494d902d7c5306bf031e
e90d2af27bf6a4dce3419e2c7a105f66420b69023fc9ad342a5e5ce6eece3c47
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef1f342a3e85285f6192a4b04d741a3018a8be6e882da7d9180a869dac3823f8
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f1f875833ddb7ecdb962369413465f1a6fff8a887398966d2d248e5a4d34e817
f2418f8a690bc45dd361c947651cebc6da47effa8cad7461835eff8be39cb5d4
f365285d7ca876a421c8d6a32d198e5113708c31a98004accfb5639f8a28d6fc
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f570d3cfc5df9a889452f6a2e8ea3ea6c3e6691824d54106d8928efc3abf8600
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6b7451606fdcda3eb923c2e26b7f46f2ae959ea6b035204660d1c7714cad9cd
f83e87c2da4c56a61a3f3680ae93a5f2cff6cd00191c8c18ccd9fc39d0e009c6
f84d959ad366409b4040bf676f754e5859d870d12b18acd45d58991add711437
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
f94fbe35d1ec85f85d95c729a76dfc8f9e4419cf2843a1712fede13c5456e0b7
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd21e8f68cbdc0d4ce016afaf9512d9dedbfda417c82d61272a39c7400761396
ffecdc3bd659f2a36dee20d520ed817e3d070aaaa61733ec82e322d985ffa44b