report.if.ua Open in urlscan Pro
212.24.97.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://report.if.ua/
Effective URL:
https://report.if.ua/
Submission: On March 22 via api (March 22nd 2022, 11:22:52 am UTC) from GB — Scanned from GB

Summary HTTP 158 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 43 IPs in 10 countries across 31 domains to perform 158 HTTP transactions. The main IP is 212.24.97.24, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is report.if.ua.
TLS certificate: Issued by R3 on February 3rd 2022. Valid for: 3 months.

This is the only time report.if.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	212.24.97.24 212.24.97.24	212531 (INTERNETO...) (INTERNETO-VIZIJA)
8	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:8600:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	116.202.115.24 116.202.115.24	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:215... 2600:9000:2156:4600:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2 18	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
12	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	2606:4700:10:... 2606:4700:10::ac43:8ae	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
2	2a00:1450:400... 2a00:1450:400c:c1b::9d	15169 (GOOGLE) (GOOGLE)
7	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
1	184.30.20.185 184.30.20.185	16625 (AKAMAI-AS) (AKAMAI-AS)
5	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:6c0... 2a02:26f0:6c00:297::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	18.196.61.57 18.196.61.57	16509 (AMAZON-02) (AMAZON-02)
1	213.202.235.8 213.202.235.8	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	213.254.244.105 213.254.244.105	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	151.101.129.108 151.101.129.108	54113 (FASTLY) (FASTLY)
2 2	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
2 4	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
158	43

25 212.24.97.24 (Lithuania) 1 redirects

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: 20371.s.serverhost.name

report.if.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:8600:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.115.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.115.202.116.clients.your-server.de

ep.umobile.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:4600:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 37.157.4.25 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.37 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

optad360-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.185 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-185.deploy.static.akamaitechnologies.com

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.250 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:6c00:297::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.61.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-61-57.eu-central-1.compute.amazonaws.com

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.202.235.8 (Düsseldorf, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.105 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.248 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.212.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4064 track.adform.net — Cisco Umbrella Rank: 3334 s1.adform.net — Cisco Umbrella Rank: 8028 c1.adform.net — Cisco Umbrella Rank: 524	208 KB
25	report.if.ua 1 redirects report.if.ua	1 MB
14	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 205 cdn.adnxs.com — Cisco Umbrella Rank: 1232 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8051 acdn.adnxs.com — Cisco Umbrella Rank: 523	76 KB
12	openx.net optad360-d.openx.net — Cisco Umbrella Rank: 54880 eu-u.openx.net — Cisco Umbrella Rank: 1751 us-u.openx.net — Cisco Umbrella Rank: 323	3 KB
10	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 460 rtb0.doubleverify.com — Cisco Umbrella Rank: 624 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 11873 tps.doubleverify.com — Cisco Umbrella Rank: 444 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9304	121 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	250 KB
9	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 689 gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185	8 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	7 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
5	connectad.io i.connectad.io — Cisco Umbrella Rank: 6650 cdn.connectad.io — Cisco Umbrella Rank: 4108 sync-eu.connectad.io — Cisco Umbrella Rank: 2655	2 KB
5	umobile.pl ep.umobile.pl	5 KB
4	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 22697	969 B
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 102340 i.bigmir.net — Cisco Umbrella Rank: 189369	1 KB
4	gstatic.com fonts.gstatic.com	114 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 37034 get.optad360.io — Cisco Umbrella Rank: 24237	231 KB
2	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 29822	67 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 293	529 B
2	quantserve.com 2 redirects pixel.quantserve.com — Cisco Umbrella Rank: 381	986 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	59 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1055	552 B
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130	348 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1689	24 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12956	1 KB
1	vodafone.de vfd2dyn.vodafone.de — Cisco Umbrella Rank: 83897
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	644 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
158	31

	Domain	Requested by
25	report.if.ua	1 redirects report.if.ua
11	track.adform.net	get.optad360.io s1.adform.net
7	s1.adform.net	get.optad360.io track.adform.net s1.adform.net report.if.ua
7	pagead2.googlesyndication.com	report.if.ua pagead2.googlesyndication.com tpc.googlesyndication.com
6	eu-u.openx.net	get.optad360.io eu-u.openx.net
6	ib.adnxs.com	get.optad360.io acdn.adnxs.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com report.if.ua
5	fra1-ib.adnxs.com	get.optad360.io report.if.ua cdn.adnxs.com
5	adx.adform.net	get.optad360.io s1.adform.net
5	ep.umobile.pl	report.if.ua ep.umobile.pl
4	cm.g.doubleclick.net	2 redirects eu-u.openx.net
4	us-u.openx.net	eu-u.openx.net
4	gum.criteo.com	2 redirects static.criteo.net
4	cdn.doubleverify.com	s1.adform.net cdn.doubleverify.com report.if.ua
4	ssp.wp.pl	get.optad360.io
4	fonts.gstatic.com	fonts.googleapis.com
3	mug.criteo.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	i.bigmir.net	report.if.ua
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	std.wpcdn.pl	ssp.wp.pl
2	match.adsrvr.org	eu-u.openx.net
2	c1.adform.net	2 redirects
2	pixel.quantserve.com	2 redirects
2	sync.mathtag.com	2 redirects
2	acdn.adnxs.com	get.optad360.io
2	cdn.connectad.io	get.optad360.io
2	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
2	static.criteo.net	get.optad360.io static.criteo.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	prebid.a-mo.net	get.optad360.io
2	bidder.criteo.com	get.optad360.io
2	i.connectad.io	get.optad360.io
2	prebid-eu.creativecdn.com	get.optad360.io
2	optad360-d.openx.net	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	get.optad360.io	report.if.ua get.optad360.io
1	sync-eu.connectad.io	cdn.connectad.io
1	tps.doubleverify.com	cdn.doubleverify.com
1	m.exactag.com	report.if.ua
1	vfd2dyn.vodafone.de	report.if.ua
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	www.google.com	tpc.googlesyndication.com
1	cdn.adnxs.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	report.if.ua
1	www.googletagmanager.com	report.if.ua
1	cmp.optad360.io	report.if.ua
1	fonts.googleapis.com	report.if.ua
158	53

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
radio.z-polus.info
if.gaszbut.com.ua
knyagynyn.if.ua
plus.google.com
pinterest.com
uragan.if.ua
typical.if.ua
www.adamson.ua
stanislaviv.org.ua
www.bigmir.net
my.oe.if.ua

Subject Issuer	Validity	Valid
report.if.ua R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
ep.umobile.pl R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
c.bigmir.net R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
img.com.ua R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.a-mo.net R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
dyn.vodafone.de DigiCert TLS RSA SHA256 2020 CA1	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://report.if.ua/
Frame ID: B6CE710FC3D2626E7EB67FA9EB822ABB
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: C62959D4892A5F05DB4CFB9D406EED5B
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22sa9fafqr90raiq9pd7qlefov7nl1647948165918%22,%22ac%22:1647948166110}
Frame ID: 3F31A93CA9627A78DDC6907CF50D6548
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22k4smtdmiknnmik1u7i61q4btq3q1647948165919%22,%22ac%22:1647948166162}
Frame ID: 65F846612BCA7977196FF927E88A46C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1647948166&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647948166092&bpp=20&bdt=363&idt=287&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1390938128287&frm=20&pv=2&ga_vid=1120601684.1647948166&ga_sid=1647948166&ga_hid=658368509&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760494%2C31064019&oid=2&pvsid=2270295730644327&pem=509&tmod=1745958221&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=302
Frame ID: C87A8329146BFFFFB6208C3F97AB98BC
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Frame ID: C600ED2D0F50AE560561CBD0CE4B90A8
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53791991;rtbwp=OFSA3vWReYRiQHP7cqBxuazboUFQG3yp0;rtbdata=Bi119AxlmbAYd-eLDxf7-nvKcax9mmV4RgfHs1Xlwqlip7AkSuwzb99zKvYmqj_FNxMrK5VfemSvg4jFumKLS7C53is-viyOivIVs4lhcmJXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7BrVPRD1tdxHGNb_ATLhl7THoZ0gxe9O4rftOFdXYAZNkNk7t2M4xJwyqqlYMU0tzywR7P8hmRxJUhDG55qBgjEnQNBEiXc8urCLULNV66XlL0jSnk0otj7ZqbSzEMz2rK0frOVHhDccs1qs5qMgCWQSfs7UZ1nI4to2hKqZB-eEuVjCKAgTY901;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: FB45E803BD1A23FB326657F8FC35BA2D
Requests: 19 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=45708919;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.054979-Vpap9gQZSvbCsGbqFwBckZm0USG3HwOu0;rtbr=2038595194019661215_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Freport.if.ua%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=PeJbDGpokNvQPoDpt6O6FDFzpfhhNDdMG83hrGRvF37NA7LakeySyFHhb52wH9U4uqk7ELp8gbVE1dxl2BZtSZ0LquQ751yI50xj1cXPNTK3-H30iz0Fjn7svJkJRUhoIm-dR_oa_eySDbxvwSWkymBdTpXLHY5CeTqcoE3up6M5DHgPw5vtQJLqBcHmZPtZZPSVCRcBPzE1;rtbtest=0
Frame ID: 3E7C1470622F23499AE628BE73B79137
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5347AD6609C22D70F91A5153C121A045
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A3934555219395B58646F6D6D38BF5E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Frame ID: 8CE9BC53A003E1F288BBEE6F1ADA8FD4
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2410.js
Frame ID: F0B9F1682DAFB75E8E965C25F408CF73
Requests: 4 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 0820E61CF5B46AC9BC30E565159ABCC7
Requests: 7 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 6ABD37775CB5398182F7EFA468AFB0B4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 25BC93BF8BE2BB2CA6BAC9400B5E640C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4B6653ADE117D1D149031B56C0352CB3
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2CF3BFE261BE231E3E9E9FB6BDCADDD9
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: EBB33A384508B93AD1AABED280CA183D
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: BDAEF58371030D339A93C59EF1590E26
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 9EB090338F08977C142E96AF03EEE382
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 0AB185A1E2EBBDB2FC0DF72AD5C0D7D5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Репортер - новини Івано-Франківська та Прикарпаття

Page URL History Show full URLs

http://report.if.ua/ HTTP 301
https://report.if.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

158
Requests

94 %
HTTPS

43 %
IPv6

31
Domains

53
Subdomains

43
IPs

10
Countries

2418 kB
Transfer

5621 kB
Size

28
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/report.if.ua
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ifreporter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ifreporter
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/ifreporter
Title: YouTube

Search URL Search Domain Scan URL

URL: http://radio.z-polus.info/player/
Title: Західний полюс

Search URL Search Domain Scan URL

URL: https://if.gaszbut.com.ua/information-business/komercijni-propozicii-7?fbclid=IwAR2NaeN5WeY505O7mmQDH06Hw61MJsB8U6qK4LmtoXHAgh5UDsIzjGqfT0Q

Search URL Search Domain Scan URL

URL: https://knyagynyn.if.ua/?utm_source=newsletter&utm_medium=reportif&utm_campaign=reportif

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2F1-5.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fdtp-rohatyn_03.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fscreenshot_1.png

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F02%2F1-2.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fe89069cc-48d0-4774-81b2-a5e201b24434_cx0_cy7_cw0_w1023_r1_s.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2021%2F09%2Frosija.png

Search URL Search Domain Scan URL

URL: https://uragan.if.ua/
Title: <img class="banner-sidebar-1" src="https://report.if.ua/wp-content/uploads/2020/09/120047299_332843587798885_2443198252237337513_n.gif" alt="Ураган" width="300" height="100">

Search URL Search Domain Scan URL

URL: http://typical.if.ua/
Title: <img class="banner-sidebar-2" src="https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg" alt="Типовий Франківськ" width="1280" height="640">

Search URL Search Domain Scan URL

URL: https://www.adamson.ua/
Title: <img class="banner-sidebar-5" src="https://report.if.ua/wp-content/uploads/2022/01/adamson-new.jpg" alt="ADAMSON" width="1080" height="1080">

Search URL Search Domain Scan URL

URL: https://stanislaviv.org.ua/ua/
Title: <img class="banner-sidebar-4" src="https://report.if.ua/wp-content/uploads/2019/11/71790532_811210685963968_3902815547556888576_n.gif" alt="Готель Станіславів" width="468" height="60">

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2021%2F03%2Fonlajn-shkola-2.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2020%2F04%2Frobota.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fvolontery-vijna-1-scaled.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fvideo%2Fu-frankivsku-druzhyny-voyiniv-pechut-kondyterku-aby-dopomogty-armiyi-foto-video%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fvideo%2Fu-frankivsku-druzhyny-voyiniv-pechut-kondyterku-aby-dopomogty-armiyi-foto-video%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fvideo%2Fu-frankivsku-druzhyny-voyiniv-pechut-kondyterku-aby-dopomogty-armiyi-foto-video%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fvideo%2Fu-frankivsku-druzhyny-voyiniv-pechut-kondyterku-aby-dopomogty-armiyi-foto-video%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2F276015276_472289704622411_4547219913413818032_n.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fmaksym-karpash-plany-na-2022-rik-vsyudy-bude-ukrayina%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fmaksym-karpash-plany-na-2022-rik-vsyudy-bude-ukrayina%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fmaksym-karpash-plany-na-2022-rik-vsyudy-bude-ukrayina%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fmaksym-karpash-plany-na-2022-rik-vsyudy-bude-ukrayina%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2021%2F05%2Fkarpash-e1621174624578.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Flyudy%2Fnashe-misce-zaraz-tut-yak-frankivci-u-varshavi-dopomagayut-gospitalyeram%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Flyudy%2Fnashe-misce-zaraz-tut-yak-frankivci-u-varshavi-dopomagayut-gospitalyeram%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fnashe-misce-zaraz-tut-yak-frankivci-u-varshavi-dopomagayut-gospitalyeram%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fnashe-misce-zaraz-tut-yak-frankivci-u-varshavi-dopomagayut-gospitalyeram%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fhospitalyery01.jpg

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://my.oe.if.ua/
Title: <img src="https://report.if.ua/wp-content/uploads/2018/02/baner_reporter_300h100px-2.jpg" width="118px" height="51px">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://report.if.ua/ HTTP 301
https://report.if.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 108

https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=hROgSXxwSUR0czNEZmJtdk5PUE5Ockt0VTN0c0dyOHFmZzArNy9GaVBXbTZLVVRZVDFNQVFKUnJSemdwaGdEdE4ybGI4WG5QVURvM3BMOE9VRnNSc1IyQW9GSGhRSVdMMlBzcjZERGtFWnhadGtYV1R4b2dlalYrbWlRa24welo0dEdRV1ZHN1Q1cDVlL2thWnB1YmlRT0w5ZFk1bnNqOWpZOVIvaFRXM2FBNC84dkpzandySFpWMEFqbVZtKzNINXlXeVFoMDF2eldZWEY2WE93NnJKOFdPbktYNDkyWGtBM2xGbDhkNFVHaDJraFM3c0VxMWREZ3ZqYjhpeXBkNDFIVElBb0ZVVVlYdFBVdkNueTE4bVFMZ2dlQT09fA&cppv=2

Request Chain 126

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=8RRE-HxDRWwvMk9vT1pFRlBwbFhnbVlDOGdxMFN1K0dYUy9xTGlYeW5sNWtqUDJJNGNsTnhlekFOSUNFeVJvZFVDY05qQVJ0WkE3VzFVaG5PejFoLzk3bXBtcWtYQW9LUkRKeFo3SldlU0xvTXpOTlpDeGlqbjIwdVVyV0Y3RDBoZlVsUWFiaDd4QnN6bFRLWEJjSXFyNEFueHA0bnhsV3h6RTBSbG1HWmEvbkJkSzNvVWpUN2hPQ2szWC9wRnV6S0J4MjZwdGdLRDFWRjdXdEk2RGJrVmZvb2s1OEhVV0JlSStMV2c3diszd2VQY3A2NVJOcjlwdCtMNzFqbDJNSmlLQnNqYlNSRE9WMnROMzZVYlhmUnRJWWxldz09fA&cppv=2

Request Chain 136

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7b106239-b18a-4f00-8d06-9989ca2c0c21

Request Chain 137

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=EqKI0Uahg4kJp4KMRvWW2RWnj4wJ8dqOQaJa3wi3

Request Chain 138

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC94pe6YwQJrMEnFQkLQjnw&google_cver=1

Request Chain 143

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5cb86239-b18a-4f00-bac9-aa157ed2cebb

Request Chain 144

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LOVSvXjmWeU34FjifuJM5i2zA-Y34ViyIrF_-wwC

Request Chain 145

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRsyiqwvQJ1Knnfh4WOQLU&google_cver=1

158 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
report.if.ua/
Redirect Chain

http://report.if.ua/
https://report.if.ua/

188 KB
23 KB

350ms
174ms

Document
text/html

212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: e1e87b6deeb4dc26ab010a89388a93ab3a8119e1e0b3b207f4611a2672180f99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Tue, 22 Mar 2022 11:22:45 GMT
content-type: text/html; charset=UTF-8
x-cache-handler: cache-enabler-engine
content-encoding: gzip

Redirect headers

Server: nginx
Date: Tue, 22 Mar 2022 11:22:45 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://report.if.ua/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 253ms
135ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69242e9bb1aa9b1e5673970355a91e0343515771d5997634ec52e905156d1268

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54645
x-xss-protection: 0
server: cafe
etag: 17058145756707243322
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 11:22:45 GMT

GET
H2 200 autoptimize_cc76c13dcac57a2b855958efed209d77.css
report.if.ua/wp-content/cache/autoptimize/css/ 689 KB
88 KB 94ms
93ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:45 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 19:06:11 GMT
server: nginx
etag: W/"62323523-ac5da"
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 181ms
63ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

566b34c4d71bc08e2fb2d0bfd37ab4b5962925780224e735ee4b3b4078f32502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 11:18:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 22 Mar 2022 11:22:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 22 Mar 2022 11:22:45 GMT

GET
H2 200 jquery.min.js Show response
report.if.ua/wp-includes/js/jquery/ 87 KB
31 KB 261ms
261ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:45 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 14:33:11 GMT
server: nginx
etag: W/"60cf51a7-15d98"
content-type: application/javascript

GET
H2 200 4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js Show response
cmp.optad360.io/items/ 497 B
832 B 233ms
85ms Script
application/javascript 2600:9000:2156:8600:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:8600:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 00:42:55 GMT
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 38392
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 497
x-amz-cf-id: 9fsz8d1g4-cn68vQqBiWMeceVQSLJzU76aSX9YOSsjQR9bkccloPFg==

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ 5 KB
2 KB 197ms
59ms Script
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: b1ae9380fd51b15a8c48a056377860cdceb08bb60bd5bdd7ca229205cb4c101b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:45 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1383
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 192ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1934008481619997

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

392acc767fde3c94ae694ecf5d67bf3b5c67b12a1672f965a6cd7d5e2cd58a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54646
x-xss-protection: 0
server: cafe
etag: 17238943477424919650
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 11:22:45 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/ 371 KB
88 KB 220ms
68ms Script
application/javascript 2600:9000:2156:4600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:28:17 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 08:58:05 GMT
server: AmazonS3
age: 3270
etag: W/"a1f68c1c7c64925394855df7d8e42aaa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Xh6I1sJT9cyh9BEy8OPl6xz3qVnOHx04RpkBqH3-59Qr3FoBvOS2YQ==

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ 5 KB
2 KB 198ms
60ms Script
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 88f3277a59899e2907f9bea69198d0f8b56ca1ce7ea41f6ec03e6fdd22e09606

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:45 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1384
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 autoptimize_522ab4cdefb0e46b4bbee965ac6dafce.js Show response
report.if.ua/wp-content/cache/autoptimize/js/ 155 KB
47 KB 91ms
91ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_522ab4cdefb0e46b4bbee965ac6dafce.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 9bad7feb8f1dc630c9f35a0516ab1998c37c9d37a42afa1b8bab0030e5825e5a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 19:06:11 GMT
server: nginx
etag: W/"62323523-26dda"
content-type: application/javascript

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/ 297 KB
107 KB 146ms
84ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

776a52401ee01b1b32d1932f3b96e1c14aa6b41dfa02733b9b0ed7de0f7b3291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109610
x-xss-protection: 0
server: cafe
etag: 1046989276055107406
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 22 Mar 2022 11:22:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame C629 10 KB
5 KB 171ms
54ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 21 Mar 2022 23:16:13 GMT
expires: Mon, 04 Apr 2022 23:16:13 GMT
cache-control: public, max-age=1209600
age: 43593
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
41 KB 188ms
72ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd25eda849836afa13c28db2f6cb0b7fd05a9c9f98ac7bba46fb54057ee3e780

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41780
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 22 Mar 2022 11:22:46 GMT

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ Frame 3F31 381 B
730 B 76ms
76ms Document
text/html 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22sa9fafqr90raiq9pd7qlefov7nl1647948165918%22,%22ac%22:1647948166110}
Requested by: Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: d3fea00c6c209c7892450e3d136f577270cc62010c38bb523f44da8558cf3fba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Tue, 22 Mar 2022 11:22:46 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 288
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 296ms
179ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:48:08 GMT
x-content-type-options: nosniff
age: 563678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:48:08 GMT

GET
H2 200 fontawesome-webfont.woff2
report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/ 70 KB
70 KB 156ms
156ms Font
application/octet-stream 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Sun, 12 Nov 2017 09:46:16 GMT
server: nginx
accept-ranges: bytes
etag: "5a081868-118d8"
content-length: 71896
content-type: application/octet-stream

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 162ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 563836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 15 Mar 2023 22:45:30 GMT

GET
H2 200 player.png
report.if.ua/wp-content/uploads/2017/12/ 4 KB
4 KB 144ms
144ms Image
image/png 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2017/12/player.png
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 12 Dec 2017 14:50:58 GMT
server: nginx
accept-ranges: bytes
etag: "5a2fecd2-10da"
content-length: 4314
content-type: image/png

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 253ms
161ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 489111
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:55 GMT

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ Frame 65F8 381 B
732 B 76ms
76ms Document
text/html 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22k4smtdmiknnmik1u7i61q4btq3q1647948165919%22,%22ac%22:1647948166162}
Requested by: Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 8ac4bcc0313de9992ab7162eb615c404fb8808546af077f6ea64ec5254096b4c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Tue, 22 Mar 2022 11:22:46 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 290
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 134 B
425 B 373ms
96ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n638604&w0&y0&d24&r1600
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 29e52d6b0e533f52222bf28d0aae2a8d35fcbcabceb43bb2530a8f5fe513363e

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 187ms
117ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 489088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:18 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
644 B 192ms
62ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=report.if.ua&callback=_gfp_s_&client=ca-pub-4857462492105343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

40d52db54572a46c77a536ec00af3f87c7a5c6801cf6eee4da803160413e4666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 182ms
64ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=report.if.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
62ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=report.if.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C87A 603 B
67 B 137ms
75ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1647948166&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647948166092&bpp=20&bdt=363&idt=287&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1390938128287&frm=20&pv=2&ga_vid=1120601684.1647948166&ga_sid=1647948166&ga_hid=658368509&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760494%2C31064019&oid=2&pvsid=2270295730644327&pem=509&tmod=1745958221&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=302

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 22 Mar 2022 11:22:46 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
54ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4680
date: Tue, 22 Mar 2022 10:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 22 Mar 2022 12:04:46 GMT

GET
H2 200 b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 271ms
85ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Fri, 25 Mar 2022 11:22:46 GMT

GET
H2 200 b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
249 B 271ms
85ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4e"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 78
expires: Fri, 25 Mar 2022 11:22:46 GMT

GET
H2 200 b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 271ms
86ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Fri, 25 Mar 2022 11:22:46 GMT

GET
H/1.1 200
OK video_player Show response
ep.umobile.pl/ Frame C600 0
392 B 60ms
60ms Document
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Tue, 22 Mar 2022 11:22:46 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 64ms
63ms Script
application/javascript 2600:9000:2156:4600:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:4600:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 16:54:12 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 11730515
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: J6FOZc2fO9whtMhGGUoeYm06_t7cCXVwgLwvEpsIp1Rb2npGu7HSFA==

GET
H2 200 logo_r_eu-1.svg
report.if.ua/wp-content/uploads/2017/12/ 9 KB
9 KB 85ms
84ms Image
image/svg+xml 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2017/12/logo_r_eu-1.svg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Sat, 09 Dec 2017 15:35:26 GMT
server: nginx
accept-ranges: bytes
etag: "5a2c02be-2369"
content-length: 9065
content-type: image/svg+xml

GET
H2 200 maxresdefault-600x400.jpg
report.if.ua/wp-content/uploads/2016/11/ 13 KB
13 KB 86ms
84ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2016/11/maxresdefault-600x400.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: a49a067ee6341744a4ff3db5441bff086963f3b38f161c541ce35a888d4eebdd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Wed, 09 Nov 2016 12:40:09 GMT
server: nginx
accept-ranges: bytes
etag: "58231929-356b"
content-length: 13675
content-type: image/jpeg

GET
H2 200 dsf2075-1-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
5 KB 86ms
85ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/dsf2075-1-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 8ae25182d624d7e40f385d089b038904daa8bf98d3d12a31891e4be48019632e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Mon, 21 Mar 2022 13:20:07 GMT
server: nginx
accept-ranges: bytes
etag: "62387b87-1446"
content-length: 5190
content-type: image/jpeg

GET
H2 200 airbnb-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 6 KB
6 KB 86ms
85ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/airbnb-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 80c5b31c4ff01592cb69df17391e5012e03875a606024a21fe01985bc43ea694

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Mon, 21 Mar 2022 12:32:08 GMT
server: nginx
accept-ranges: bytes
etag: "62387048-196e"
content-length: 6510
content-type: image/jpeg

GET
H2 200 nova-enerhija3-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
5 KB 87ms
85ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/nova-enerhija3-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: c8c0bf2a9db044ac1805b7fb5e1fbc5a02eafb48edb084a548755445bf11155f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Sun, 20 Mar 2022 14:25:09 GMT
server: nginx
accept-ranges: bytes
etag: "62373945-14e5"
content-length: 5349
content-type: image/jpeg

GET
H2 200 baturin-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
6 KB 87ms
86ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/baturin-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 698d1c8b6895c4f9b464679593f5f3b788663e6d838bb2464717be764f1f8f41

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Sun, 20 Mar 2022 12:54:31 GMT
server: nginx
accept-ranges: bytes
etag: "62372407-1593"
content-length: 5523
content-type: image/jpeg

GET
H2 200 120047299_332843587798885_2443198252237337513_n.gif
report.if.ua/wp-content/uploads/2020/09/ 163 KB
164 KB 168ms
168ms Image
image/gif 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2020/09/120047299_332843587798885_2443198252237337513_n.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: cf1bf5bcae950b994962c4a3ba91a3746f1e08a651440e2e4d07c858ce5591a8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Wed, 23 Sep 2020 05:46:05 GMT
server: nginx
accept-ranges: bytes
etag: "5f6ae11d-28d3e"
content-length: 167230
content-type: image/gif

GET
H2 200 tank-3-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 38 KB
38 KB 253ms
252ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/tank-3-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 780802a25a1ee957b780c4225d602f7a9b743508a34b3ffe377972a4f19e0c33

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 22 Mar 2022 10:34:32 GMT
server: nginx
accept-ranges: bytes
etag: "6239a638-97e0"
content-length: 38880
content-type: image/jpeg

GET
H2 200 narkotyky-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 27 KB
27 KB 253ms
252ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/narkotyky-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: edfde0b9fc743affdd7a09a95d1781d4db81e39249cfad9e1b19c944e21d66e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 22 Mar 2022 09:11:41 GMT
server: nginx
accept-ranges: bytes
etag: "623992cd-6b84"
content-length: 27524
content-type: image/jpeg

GET
H2 200 gazzbut-02122021.jpg
report.if.ua/wp-content/uploads/2021/12/ 32 KB
32 KB 249ms
249ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/12/gazzbut-02122021.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: af31788831e6fba62fd7280d994fb8bec5a115c95bdb9dcee4001e7dc6b1786e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Thu, 02 Dec 2021 10:31:55 GMT
server: nginx
accept-ranges: bytes
etag: "61a8a09b-7ed8"
content-length: 32472
content-type: image/jpeg

GET
H2 200 spilka-zabudivnykiv_580x96.gif
report.if.ua/wp-content/uploads/2021/11/ 275 KB
275 KB 249ms
249ms Image
image/gif 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/11/spilka-zabudivnykiv_580x96.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Mon, 08 Nov 2021 16:45:18 GMT
server: nginx
accept-ranges: bytes
etag: "6189541e-44b9e"
content-length: 281502
content-type: image/gif

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 124ms
62ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=658368509&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=142415017&gjid=601282693&cid=1120601684.1647948166&tid=UA-7446216-8&_gid=1677605187.1647948167&_r=1&gtm=2wg3e0W8FPFJ7&z=529482919

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 116ms
61ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=658368509&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1612827167&gjid=1092849146&cid=1120601684.1647948166&tid=UA-7446216-8&_gid=1677605187.1647948167&_r=1&_slc=1&z=1227409629

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 109ms
54ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=658368509&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sidebar%20banners&ea=Sidebar%201%20banner%20view&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=1120601684.1647948166&tid=UA-7446216-8&_gid=1677605187.1647948167&gtm=2wg3e0W8FPFJ7&z=39881170

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66685
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 238ms
74ms Preflight 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 22 Mar 2022 11:22:46 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 232ms
74ms Preflight 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Tue, 22 Mar 2022 11:22:46 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 161ms
54ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220322

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb9c1f346f27118e9c12f3134c1d7046555698dd752aeeb600ecab781ec34a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 30110
x-jsd-version: 1.0.1287
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19146-FRA, cache-iad-kiad7000107-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"669-Lvi7scPpsos3p4GSqSy7jrrH+90"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6efe8d2aac9c887d-LHR

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 158ms
58ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7611
x-amz-request-id: tx8f12012ef84f4f449ef51-00623993ca
x-amz-id-2: tx8f12012ef84f4f449ef51-00623993ca
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mciakVgSrOBJjy%2F9rXkedXU%2BaQxOGiBiQkei3qxGKYRdxfEmCPmylGP6zHhqsKD5CzNEh8EIg%2FptAyC1WCUwpHAtY14bHFQTELqJB4i7%2FUXFDPRF3t3a6Ogwxw8GBJjPsrzuJY8WUxG7rca4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1647940521027959
cf-ray: 6efe8d2a9c3276a3-LHR

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 10 KB
5 KB 365ms
252ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d11994b9b0fe7ed20562f92629ee185772092671f5384918a2a0157e9db9900e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 22 Mar 2022 11:22:47 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: f41414e9-94f9-4530-bfff-0bd041550a42
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
optad360-d.openx.net/w/1.0/ 173 B
590 B 207ms
81ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=cd6361b9-ea82-4915-9aa3-b38ebe2a091f&nocache=1647948166701&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=336x280%2C360x300%2C300x250&divids=oa-360-1647948166568_nmwpjx5hg-0&aucs=&auid=543540636
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 184deb86b295fd4d8bfa8831a98d80a927ecc6cca0c462ed7420a9f9775244c4

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://report.if.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 155ms
51ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Tue, 22 Mar 2022 11:22:46 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 196ms
97ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6efe8d2aa83f002a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 264ms
118ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 235ms
77ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Tue, 22 Mar 2022 11:22:46 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 174ms
56ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=33039302097

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
206 B 574ms
292ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Tue, 22 Mar 2022 11:22:46 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 156
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 174ms
59ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=94092886284

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Mar 2022 11:22:45 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 arj Show response
optad360-d.openx.net/w/1.0/ 173 B
358 B 206ms
88ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9de8dd3c-130d-46ef-a9d4-e114c824a4c6&nocache=1647948166709&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=728x90%2C750x100%2C970x90&divids=oa-360-1647948166566_j240e95dm-undefined&aucs=&auid=543540636
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 975120889cf431a23296fe30f190ec09e1117f8c771a62fdf6b13279c9f1a990

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://report.if.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ 2 KB
2 KB 282ms
135ms XHR
application/json 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2b927269b7dc1de2e01e58f1961d50703804f6864d10cc378fbd45789a0bbe62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
172 B 229ms
76ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Tue, 22 Mar 2022 11:22:46 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
346 B 477ms
200ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Tue, 22 Mar 2022 11:22:46 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 63
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 146ms
51ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Tue, 22 Mar 2022 11:22:46 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 139 B
827 B 164ms
55ms XHR
application/json 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

9e6e1e8a0d6832a1a8f2aff9236a0f4b539bc3164953dfbcc0bf2afd09af68bc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:46 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 318670a6-5779-48ef-bc2b-ff587d516b63
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 139
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
418 B 185ms
95ms XHR
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6efe8d2aa840002a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 dsf2075-1-400x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 67 KB
67 KB 120ms
119ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/dsf2075-1-400x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 3414b376c1370bd994dba8bd5f127a6a6044bac1d6449f1e6c5e6c06709c5394

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Mon, 21 Mar 2022 13:19:59 GMT
server: nginx
accept-ranges: bytes
etag: "62387b7f-10cf1"
content-length: 68849
content-type: image/jpeg

GET
H2 200 onlajn-shkola-2-306x466.jpg
report.if.ua/wp-content/uploads/2021/03/ 54 KB
55 KB 120ms
119ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/03/onlajn-shkola-2-306x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 62bf70ab6ae0ea7e3fad3e3b9d002ea184bb477c846d5737ffcef56e671e30b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Thu, 25 Mar 2021 14:23:02 GMT
server: nginx
accept-ranges: bytes
etag: "605c9cc6-d998"
content-length: 55704
content-type: image/jpeg

GET
H2 200 airbnb-306x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 58 KB
58 KB 120ms
119ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/airbnb-306x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 2e21a964827283c90136df48ebb19b20ebfe48896538cba6b11bea23e2524e77

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Mon, 21 Mar 2022 12:32:01 GMT
server: nginx
accept-ranges: bytes
etag: "62387041-e848"
content-length: 59464
content-type: image/jpeg

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 168ms
55ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=1120601684.1647948166&jid=1612827167&gjid=1092849146&_gid=1677605187.1647948167&_u=YAjAAEABAAAAAC~&z=1251574487

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Mar 2022 11:22:46 GMT
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 168ms
56ms XHR
text/plain 2a00:1450:400c:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=1120601684.1647948166&jid=142415017&gjid=601282693&_gid=1677605187.1647948167&_u=YAhAAEAAAAAAAC~&z=743324943

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 22 Mar 2022 11:22:46 GMT
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 144ms
54ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7108
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txba7f41889d7d4c7899750-0062399411
x-amz-id-2: txba7f41889d7d4c7899750-0062399411
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpFTf%2BfqKSishXF87xdftlhQOmV6gQnQd5ZVpvipcoy3yxWWOjkN27AhKK1kbCJj3xIFFL0oH10W%2FbGzK5mhHFB%2FNpuyPwb%2BQ7kdZ3c1eBvPs04k%2FU%2F9oYgsz%2Fv02eWQplGUvyU9aWnw67%2Fx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6efe8d2b8c5b7747-LHR
access-control-allow-headers: Authorization

GET
H2 200 photo_2022-03-21_15-41-30-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 31 KB
31 KB 158ms
157ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/photo_2022-03-21_15-41-30-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 96fe5dfb2259a39cded0dda2b241d9877746504d1f3376857134218ff5703496

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Tue, 22 Mar 2022 07:38:04 GMT
server: nginx
accept-ranges: bytes
etag: "62397cdc-7b6b"
content-length: 31595
content-type: image/jpeg

GET
H2 200 60003335_842416096110354_211597374928191488_n.jpg
report.if.ua/wp-content/uploads/2019/05/ 45 KB
46 KB 158ms
158ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:46 GMT
last-modified: Mon, 13 May 2019 13:15:53 GMT
server: nginx
accept-ranges: bytes
etag: "5cd96e09-b5bf"
content-length: 46527
content-type: image/jpeg

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=658368509&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20right%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1120601684.1647948166&tid=UA-7446216-8&_gid=1677605187.1647948167&gtm=2wg3e0W8FPFJ7&z=666232773

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66685
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 54ms
54ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=658368509&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20left%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1120601684.1647948166&tid=UA-7446216-8&_gid=1677605187.1647948167&gtm=2wg3e0W8FPFJ7&z=721395875

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Mar 2022 16:51:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66685
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 onlajn-shkola-2-370x247.jpg
report.if.ua/wp-content/uploads/2021/03/ 37 KB
37 KB 102ms
102ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/03/onlajn-shkola-2-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: fa271e135b72381d6726848d84bb2ae22468127fb5498f421479e1a383ce577c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
last-modified: Thu, 25 Mar 2021 14:23:02 GMT
server: nginx
accept-ranges: bytes
etag: "605c9cc6-932e"
content-length: 37678
content-type: image/jpeg

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 133ms
71ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa0c1f186fe41751c67132a62f2f82589cf65734cf5401d83bd2f9e6d33d7834

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10610
x-xss-protection: 0

GET
H2 200 276022471_10216904391560290_4420346499878389904_n-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 35 KB
35 KB 85ms
85ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/276022471_10216904391560290_4420346499878389904_n-370x247.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 5f548027c5ffdb9f8eacfc44b02c171700efdb0582cddee0418f8d70d5a5fe5e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
last-modified: Tue, 22 Mar 2022 08:02:39 GMT
server: nginx
accept-ranges: bytes
etag: "6239829f-8b84"
content-length: 35716
content-type: image/jpeg

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame FB45 2 KB
2 KB 91ms
73ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=53791991;rtbwp=OFSA3vWReYRiQHP7cqBxuazboUFQG3yp0;rtbdata=Bi119AxlmbAYd-eLDxf7-nvKcax9mmV4RgfHs1Xlwqlip7AkSuwzb99zKvYmqj_FNxMrK5VfemSvg4jFumKLS7C53is-viyOivIVs4lhcmJXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7BrVPRD1tdxHGNb_ATLhl7THoZ0gxe9O4rftOFdXYAZNkNk7t2M4xJwyqqlYMU0tzywR7P8hmRxJUhDG55qBgjEnQNBEiXc8urCLULNV66XlL0jSnk0otj7ZqbSzEMz2rK0frOVHhDccs1qs5qMgCWQSfs7UZ1nI4to2hKqZB-eEuVjCKAgTY901;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

16911269b954d719131e55c9d03ccb94e3f2bd2e3d4660e7b8babc7da0ef2d7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 1442
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame FB45 58 KB
24 KB 254ms
79ms Script
application/x-javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 3E7C 1 KB
1 KB 74ms
73ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=45708919;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.054979-Vpap9gQZSvbCsGbqFwBckZm0USG3HwOu0;rtbr=2038595194019661215_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Freport.if.ua%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=PeJbDGpokNvQPoDpt6O6FDFzpfhhNDdMG83hrGRvF37NA7LakeySyFHhb52wH9U4uqk7ELp8gbVE1dxl2BZtSZ0LquQ751yI50xj1cXPNTK3-H30iz0Fjn7svJkJRUhoIm-dR_oa_eySDbxvwSWkymBdTpXLHY5CeTqcoE3up6M5DHgPw5vtQJLqBcHmZPtZZPSVCRcBPzE1;rtbtest=0

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

76b6381c1fb8188c866c47b0a35662d78c02635169d0bba07312c24f62727559

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 938
expires: -1

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 3E7C 85 KB
29 KB 277ms
80ms Script
application/x-javascript 184.30.20.185
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.185 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-185.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 11:22:47 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *, *
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29216
Expires: Wed, 22 Mar 2023 11:22:47 GMT

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 3E7C 0
815 B 168ms
54ms Image
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Freport.if.ua%252F&e=wqT_3QK3BOg3AgAAAwDWAAUBCIbj5pEGEJ-L8eLy8KKlHBgAKjYJsKDPXDwmrD8Rl3At31w1qD8ZAAAAgBSu1z8hlw0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkD2CEhbUIbK-IgBWNfycWAAaNDCiwF43dcFgAEBigEDVVNEkgUG8O2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAJICDENQZnM1UlVRclFvPdgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAycaFTIwMzg1OTUxOTQwMTk2NjEyMTVfMSoENTA2OToINDU3MDg5MTnAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDKoBACyBA4IABABGNACIJgCMAA4ArgEAMAEAMgEANoEAggB4AQB8ASGIRBYiAUBmAUAoAWh1L_aw_mXsUrABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYGJRPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq7yAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUgYACAAMAA4ugZAAMgH3dcF0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAH7vYDiggCEAA.&s=7fe0d6ec81fba21e698ae60e42aa6fd9d59e0bc3

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:47 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2e6895dd-33bf-4794-8863-67468dde1da0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 317ms
201ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 22 Mar 2022 11:22:47 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame FB45 33 KB
16 KB 271ms
208ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53791991;rtbwp=OFSA3vWReYRiQHP7cqBxuazboUFQG3yp0;rtbdata=Bi119AxlmbAYd-eLDxf7-nvKcax9mmV4RgfHs1Xlwqlip7AkSuwzb99zKvYmqj_FNxMrK5VfemSvg4jFumKLS7C53is-viyOivIVs4lhcmJXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7BrVPRD1tdxHGNb_ATLhl7THoZ0gxe9O4rftOFdXYAZNkNk7t2M4xJwyqqlYMU0tzywR7P8hmRxJUhDG55qBgjEnQNBEiXc8urCLULNV66XlL0jSnk0otj7ZqbSzEMz2rK0frOVHhDccs1qs5qMgCWQSfs7UZ1nI4to2hKqZB-eEuVjCKAgTY901;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0;pui=2ShljixBLrber1pltXZUmg2;
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 23 Mar 2022 14:58:29 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame 3E7C 33 KB
16 KB 287ms
241ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=45708919;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.054979-Vpap9gQZSvbCsGbqFwBckZm0USG3HwOu0;rtbr=2038595194019661215_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Freport.if.ua%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=PeJbDGpokNvQPoDpt6O6FDFzpfhhNDdMG83hrGRvF37NA7LakeySyFHhb52wH9U4uqk7ELp8gbVE1dxl2BZtSZ0LquQ751yI50xj1cXPNTK3-H30iz0Fjn7svJkJRUhoIm-dR_oa_eySDbxvwSWkymBdTpXLHY5CeTqcoE3up6M5DHgPw5vtQJLqBcHmZPtZZPSVCRcBPzE1;rtbtest=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 23 Mar 2022 14:58:29 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame FB45 2 KB
1 KB 196ms
58ms Script
application/javascript 2a02:26f0:6c00:297::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2609027&plc=53791991&sid=1358733&dvregion=0&unit=728x90
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:297::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 11:22:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 09:42:27 GMT
Server: Microsoft-IIS/10.0
ETag: "95ce63d2d032d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5347 13 KB
5 KB 117ms
54ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Mar 2022 11:21:18 GMT
expires: Wed, 22 Mar 2023 11:21:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 89
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A39 783 B
1 KB 181ms
64ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

922ff0555d06f7f194eb8dfbcba3457d9817df6e674ee8081d743fe47c03b54e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5WmPyhJ+dGkvNaVeoiHFPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 22 Mar 2022 11:22:47 GMT
date: Tue, 22 Mar 2022 11:22:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5WmPyhJ+dGkvNaVeoiHFPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame 3E7C 4 KB
3 KB 74ms
74ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=45708919;rtbpid=3;rtbinv=${INV_SRC};rtbwp=0.054979-Vpap9gQZSvbCsGbqFwBckZm0USG3HwOu0;rtbr=2038595194019661215_1;rtbcid=${ENC_CID};rtbtpc=${ENC_TPC};rtburl=https%3A%2F%2Freport.if.ua%2F;rtbcat=${IAB_CATS};rtbdp=${DATA_PROV};rtbdt=${DATA_TYPE};rtbdc=${DATA_FEE_ENC};rtbplc=${ENC_PLC};rtbrmc=${ENC_RMC};rtbdata=PeJbDGpokNvQPoDpt6O6FDFzpfhhNDdMG83hrGRvF37NA7LakeySyFHhb52wH9U4uqk7ELp8gbVE1dxl2BZtSZ0LquQ751yI50xj1cXPNTK3-H30iz0Fjn7svJkJRUhoIm-dR_oa_eySDbxvwSWkymBdTpXLHY5CeTqcoE3up6M5DHgPw5vtQJLqBcHmZPtZZPSVCRcBPzE1;rtbtest=0;js=1;adfxid=2x;5186;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Freport.if.ua%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

86bef215839d394108752a84c58fbfa6f758fc9cfbd1261a1e5d03f0d08a853a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2278
expires: -1

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 195ms
67ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Mar 2022 11:22:47 GMT

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 3E7C 0
815 B 53ms
53ms Script
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QK3Bug3AwAAAwDWAAUBCIbj5pEGEJ-L8eLy8KKlHBgAKjYJsKDPXDwmrD8Rl3At31w1qD8ZAAAAgBSu1z8hlw0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkD2CEhbUIbK-IgBWNfycWAAaNDCiwF43dcFgAEBigEDVVNEkgUG9LECmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQCSAgxDUGZzNVJVUXJRbz3YAu7UA-AC0PxQ6gIVaHR0cHM6Ly9yZXBvcnQuaWYudWEv8gIsCgdFTkNfQ1BNEiFWcGFwOWdRWlN2YkNzR2JxRndCY2tabTBVU0czSHdPdTDyAt0BCgxFTkNfUlRCX0RBVEESzAFQZUpiREdwb2tOdlFQb0RwdDZPNkZERnpwZmhoTkRkTUc4M2hyR1J2RjM3TkE3TGFrZXlTeUZIaGI1MndIOVU0dXFrN0VMcDhnYlZFMWR4bDJCWnRTWjBMcXVRNzUxeUk1MHhqMWNYUE5USzMtSDMwaXowRmpuN3N2SmtKUlVob0ltLWRSX29hX2V5U0RieHZ3U1dreW1CZFRwWExIWTVDZVRxY29FM3VwNk01REhnUHc1dnRRSkxxQmNIbVpQdFpaUFNWQ1JjQlB6RTHyAgYKBEFESUTyAgsKCUNPT0tJRV9JRIADAIgDAZADAJgDF6ADAaoDAMADrALIAwDYAwDgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQNODIuMTk5LjEzMC40MqgEALIEDggAEAEY0AIgmAIwADgCuAQAwAQAyAQA2gQCCAHgBAHwBIbK-IgBiAUBmAUAoAWh1L_aw_mXsUrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWBiUT6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGrvIB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcBugcPCAAQABgAIAAwADi6BkAAyAfd1wXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB-72A4oIAhAA&s=de07b02e17dae392df3633d30b2fa6059c1c6de6&bdref=https%3A%2F%2Freport.if.ua%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Freport.if.ua%2F,https%3A%2F%2Freport.if.ua%2F&

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:47 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0f7ee9e2-b0bc-4ebe-81d0-9edd086a0207
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame 3E7C 86 KB
37 KB 93ms
92ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e228592b6eeac47570a78b2a89490390600b75ea4cf15f88893f92f39b3aeb0b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 23 Mar 2022 15:00:00 GMT

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5347 35 KB
14 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:28:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3275
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 10:28:12 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 3E7C 0
834 B 84ms
84ms Ping
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QK3BOg3AgAAAwDWAAUBCIbj5pEGEJ-L8eLy8KKlHBgAKjYJsKDPXDwmrD8Rl3At31w1qD8ZAAAAgBSu1z8hlw0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkD2CEhbUIbK-IgBWNfycWAAaNDCiwF43dcFgAEBigEDVVNEkgUG8O2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAJICDENQZnM1UlVRclFvPdgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAycaFTIwMzg1OTUxOTQwMTk2NjEyMTVfMSoENTA2OToINDU3MDg5MTnAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDKoBACyBA4IABABGNACIJgCMAA4ArgEAMAEAMgEANoEAggB4AQB8ASGIRBYiAUBmAUAoAWh1L_aw_mXsUrABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYGJRPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq7yAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUgYACAAMAA4ugZAAMgH3dcF0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAH7vYDiggCEAA.&s=7fe0d6ec81fba21e698ae60e42aa6fd9d59e0bc3&type=nv&nvt=5&jm=1003&px=1065&py=763&bw=300&bh=250&sid=6849153571434017154&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15994440&sw=1600&sh=1200&pw=1600&ph=6575&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:47 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 38a300e1-acca-4256-9990-287f0b45f754
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame FB45 55 KB
18 KB 69ms
68ms Script
application/javascript 2a02:26f0:6c00:297::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2609027&plc=53791991&sid=1358733&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:297::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 11:22:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 09:42:39 GMT
Server: Microsoft-IIS/10.0
ETag: "80d16fd9d032d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A39 0
0 104ms
104ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=2270295730644327&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 200 /
track.adform.net/csimpr/ Frame 3E7C 35 B
467 B 74ms
73ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=45708919&csi=Gdd_M6lN-ue7ogHcOf0IS8SbRkj4B79x6IyJrIg8ulnrygPkIxxfk-dZ0bhxtkBJF1pSkl2FHY0I10MARYXNf2QBbo50IEXs0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 44823966.png
s1.adform.net/Banners/44823966/ Frame 3E7C 33 KB
33 KB 92ms
92ms Image
image/png 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/44823966/44823966.png?bv=1

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9e86469b66d2c14b63473462f4ab066d19fcc609d4985b72a5c01be7c46cd92f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
last-modified: Thu, 29 Apr 2021 06:13:51 GMT
server: nginx
etag: "608a4e9f-8378"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 33656

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 3E7C 0
834 B 73ms
73ms Ping
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QK3BOg3AgAAAwDWAAUBCIbj5pEGEJ-L8eLy8KKlHBgAKjYJsKDPXDwmrD8Rl3At31w1qD8ZAAAAgBSu1z8hlw0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkD2CEhbUIbK-IgBWNfycWAAaNDCiwF43dcFgAEBigEDVVNEkgUG8O2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAJICDENQZnM1UlVRclFvPdgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAycaFTIwMzg1OTUxOTQwMTk2NjEyMTVfMSoENTA2OToINDU3MDg5MTnAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDKoBACyBA4IABABGNACIJgCMAA4ArgEAMAEAMgEANoEAggB4AQB8ASGIRBYiAUBmAUAoAWh1L_aw_mXsUrABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYGJRPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq7yAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUgYACAAMAA4ugZAAMgH3dcF0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAH7vYDiggCEAA.&s=7fe0d6ec81fba21e698ae60e42aa6fd9d59e0bc3&type=nv&nvt=13&jm=1003|1018|1008&px=1065&py=763&bw=300&bh=250&sf=1&sid=6849153571434017154&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15994440&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:47 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dbbdd9d4-9f05-48db-a16e-46496c66da86
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame FB45 1 KB
902 B 199ms
60ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_192392253498&jsTagObjCallback=__tagObject_callback_192392253498&num=6&ctx=11655933&cmp=2609027&plc=53791991&sid=1358733&advid=&adsrv=&unit=728x90&isdvvid=&uid=192392253498&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=99&bridua=3&dup=null&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=1&htmlmsging=1&m1=13&noc=4&fcifrms=7&brh=2&fwc=0&fcl=265&flt=0&fec=1386&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2Tar9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2&dvp_exetime=4.60&callbackName=__verify_callback_192392253498
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 34131197a1a7924b4b11a25dc95c26c702361197c525864b2c869f884bfede53

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:48 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 0
Connection: keep-alive
Expires: 03/21/2022 11:22:48

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5347 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XaaDrw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8CE9 13 KB
5 KB 201ms
64ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2175
date: Tue, 22 Mar 2022 11:22:47 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 190ms
64ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:48 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 23 Mar 2022 11:22:48 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame FB45 0
267 B 166ms
56ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=9cb5954e84474c05babed79a7eb7ab0e&vfdur=200&cbust=1647948168124488
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:48 GMT
Vary: Origin
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/21/2022 11:22:48

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame FB45 7 KB
4 KB 74ms
74ms Script
text/javascript 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?CC=1&bn=53791991;rtbwp=OFSA3vWReYRiQHP7cqBxuazboUFQG3yp0;rtbdata=Bi119AxlmbAYd-eLDxf7-nvKcax9mmV4RgfHs1Xlwqlip7AkSuwzb99zKvYmqj_FNxMrK5VfemSvg4jFumKLS7C53is-viyOivIVs4lhcmJXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7BrVPRD1tdxHGNb_ATLhl7THoZ0gxe9O4rftOFdXYAZNkNk7t2M4xJwyqqlYMU0tzywR7P8hmRxJUhDG55qBgjEnQNBEiXc8urCLULNV66XlL0jSnk0otj7ZqbSzEMz2rK0frOVHhDccs1qs5qMgCWQSfs7UZ1nI4to2hKqZB-eEuVjCKAgTY901;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0;pui=2ShljixBLrber1pltXZUmg2;;js=1;adfxid=1x;502;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Freport.if.ua%2F

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

df6b8c313e6f8bedaecff057821bef45395fec20d5a546cbd404beb739e59658

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3791
expires: -1

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8CE9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=hROgSXxwSUR0czNEZmJtdk5PUE5Ockt0VTN0c0dyOHFmZzArNy9GaVBXbTZLVVRZVDFNQVFKUnJSemdwaGdEdE4ybGI4WG5QVURvM3BMOE9VRnNSc1IyQW9GSGhRSVdMMlBzcjZERGtFWnhadGtYV1R4b2dlalYrbWlRa2...

438 B
637 B

184ms
59ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=hROgSXxwSUR0czNEZmJtdk5PUE5Ockt0VTN0c0dyOHFmZzArNy9GaVBXbTZLVVRZVDFNQVFKUnJSemdwaGdEdE4ybGI4WG5QVURvM3BMOE9VRnNSc1IyQW9GSGhRSVdMMlBzcjZERGtFWnhadGtYV1R4b2dlalYrbWlRa24welo0dEdRV1ZHN1Q1cDVlL2thWnB1YmlRT0w5ZFk1bnNqOWpZOVIvaFRXM2FBNC84dkpzandySFpWMEFqbVZtKzNINXlXeVFoMDF2eldZWEY2WE93NnJKOFdPbktYNDkyWGtBM2xGbDhkNFVHaDJraFM3c0VxMWREZ3ZqYjhpeXBkNDFIVElBb0ZVVVlYdFBVdkNueTE4bVFMZ2dlQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b40167fe65c2c59c276cd5f1dc808d45f23dd173b6635ab1ae94b2e6695a5a0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:48 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4832
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:47 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=hROgSXxwSUR0czNEZmJtdk5PUE5Ockt0VTN0c0dyOHFmZzArNy9GaVBXbTZLVVRZVDFNQVFKUnJSemdwaGdEdE4ybGI4WG5QVURvM3BMOE9VRnNSc1IyQW9GSGhRSVdMMlBzcjZERGtFWnhadGtYV1R4b2dlalYrbWlRa24welo0dEdRV1ZHN1Q1cDVlL2thWnB1YmlRT0w5ZFk1bnNqOWpZOVIvaFRXM2FBNC84dkpzandySFpWMEFqbVZtKzNINXlXeVFoMDF2eldZWEY2WE93NnJKOFdPbktYNDkyWGtBM2xGbDhkNFVHaDJraFM3c0VxMWREZ3ZqYjhpeXBkNDFIVElBb0ZVVVlYdFBVdkNueTE4bVFMZ2dlQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1998
content-length: 541
expires: 0

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame FB45 8 KB
4 KB 59ms
59ms Script
application/javascript 2a02:26f0:6c00:297::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=2609027&sid=1358733&plc=53791991&advid=165376&app=&sup=optAd360&adsrv=178&region=40&btreg=53791991&btadserv=adform&crt=52150204&crtname=cablemax_1000_220214_1456x180&dvtagver=6.1.src&turl=if.ua&DVP_ADTYPE=Image&DVP_LINE=8780949&DVPX_IMPID=40882306218977349&DVPX_GUID=8869034054910701405&DVPX_CDID=&DVPX_LAT=49.4544&DVPX_LONG=11.074&DVPX_PAGE=https%3a%2f%2freport.if.ua%2f
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:297::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7d14bf064d807a7df16b7b1e9c8681411495529f87ac134f94ad8f79ce8f04a5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 11:22:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Mar 2022 11:17:09 GMT
Server: Microsoft-IIS/10.0
ETag: "80a8cd5ede3dd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ Frame FB45 0
0 197ms
61ms Image
text/html 18.196.61.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=34254
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.61.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-61-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame FB45 43 B
1 KB 271ms
70ms Image
image/gif 213.202.235.8
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extPu=75114-adform&extCr=52150204&extPm=8780949&extLi=8780949&extProvId=319&keyword=optAd360&c_id=display_cic_213:fq0_F_kip_max_pre_&rnd=64309

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

213.202.235.8 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Di, 22 Mrz 2022 11:22:48 GMT
Server: Microsoft-IIS/8.5
Date: Tue, 22 Mar 2022 11:22:47 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK dv-measurements2410.js Show response
cdn.doubleverify.com/ Frame F0B9 514 KB
95 KB 74ms
74ms Script
application/javascript 2a02:26f0:6c00:297::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2410.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:297::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: db1335289c05fcb5f3e8101af1228cc33885e85b9e90b1580c02d68b38669e07

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Tue, 22 Mar 2022 11:22:48 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Mar 2022 09:31:41 GMT
Server: Microsoft-IIS/10.0
ETag: "807c5a3cf3dd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 97077

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame FB45 86 KB
37 KB 92ms
92ms Script
text/javascript 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/.gSBgiDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: e228592b6eeac47570a78b2a89490390600b75ea4cf15f88893f92f39b3aeb0b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:48 GMT
content-encoding: gzip
last-modified: Thu, 10 Feb 2022 15:16:56 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 23 Mar 2022 15:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame FB45 35 B
467 B 74ms
73ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=53791991&csi=a0BQOP9mI8xvftZaui7t1P0RuDURqJN-_S9M55E9eFFLlA1cXL1hJUshhL91PgruVKT9HOD8xS1VUJ0Pu-YUgbQ8JIJob1sX0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 52150204.gif
s1.adform.net/Banners/52150204/ Frame FB45 29 KB
30 KB 96ms
96ms Image
image/gif 37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/52150204/52150204.gif?bv=3

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

c324541a58aa87fb3b5e89d3e50d0fce0ad7b527f64d19a90c192e7450f25098

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:48 GMT
last-modified: Fri, 11 Mar 2022 10:44:47 GMT
server: nginx
etag: "622b281f-7571"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 30065

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame F0B9 2 KB
1 KB 250ms
61ms Script
text/javascript 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=185&ttfrms=26&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2Tar9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2&srcurlD=0&aUrlD=0&ssl=https:&sup=optAd360&dfs=980&ddur=61&uid=1647948168481226&jsCallback=dvCallback_1647948168481946&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2410&tgjsver=2410&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Freport.if.ua%2F&fwc=0&fcl=265&flt=0&fec=1388&fcifrms=8&brh=2&sdf=2&dvp_epl=133&noc=4&ctx=11655933&cmp=2609027&sid=1358733&plc=53791991&crt=52150204&btreg=53791991&adsrv=178&advid=165376&crtname=cablemax_1000_220214_1456x180&turl=if.ua&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=40&btadserv=adform&DVP_ADTYPE=Image&DVP_LINE=8780949&DVPX_IMPID=40882306218977349&DVPX_GUID=8869034054910701405&DVPX_LAT=49.4544&DVPX_LONG=11.074&DVPX_PAGE=https%253a%252f%252freport.if.ua%252f&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1564.1554089899726&dvp_tukv=26027069414.10356&dvp_uuid=1414153491.9494958&dvp_tuid=635346741103
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2410.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 4f6a247abfff8876f6abfd38bfb34af9c9be78ff590d09673fa5432caf3d412e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:21:59 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/21/2022 11:22:48

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 91ms
90ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220317&jk=2270295730644327&bg=!7O-l76vNAAba2mK92to7ACkAdvg8Wlan8P_M1ks4cam2rqzGTA3Buhl5SsQpM4obCX8g6oiDHTIsmAIAAABoUgAAAAJoAQcKACNMRlf7RYm7ekluM9U63aPrQIL4e0RZQ_JZtY7racF5L2jtipkC0A5A-WCCLX9j_IX21QWEpUlIIGufsRPIc5R-qQE-n3o9ohakQnkrZjn0iDja709zWqCHtX-QXaoV5okchAeD3JYc4leR_G-9lf1y47Afbs2jKbEd_ZlWf81yalcwzcBz-y2F6qlIu8xFal4BZCqFy3_yKlL8cqIgtDKghepQnt8b3Xj2fndzEUYsGqWPj2HNW8ajk-cRIEciYP756Vx6fnQGIIyH1dUDShThb26P9GuCbjJUOhX58IC_H-1ve9LJBBbITsIomIGL1K1HnLkjYMv5Q9w6Wuryspy1vdwTdE3k_w7XUcRfaH6_nX9vtwHAXp50yFzaGD1SlDJT7ZBG1LSZRhnjFOjdR73G2xGI29hbpu8rla_49MDxlxDU7I7zm3_8wltGhsbfZJBdolp4u_JWumiP64CRKR9jamym6SyCSym8UJSs2RRW67uRLbYRmTDkhi2yre__YxEcel72UmDy9HeVBz6HQYDUZFS4rathxp28SkD8qp_jymo_ef7oEhMU3mVCP86vo4uvuA8oRS8qUlKImz0fp4XBd8VePjLBlLzsu12BZWZoy3OAi6sAZ0VcB1JNBkHj9kBMNHlVU1ErpzOEjbz3ShDeiDIOHvqapzDTX5Qh_aLkMMg-uKgSQUHhbxbUH-gsR3tOhIN-wJZxP2sax0yHHYgNJNSECx4Nkewz53i0UAa0JjADR9tvCepubSVZONil3nEkp9ARWtxreUVK7oROBEgZgUUisVfzZo7wU6bao1DNMKnIKF_SLF-ofz6LGVYRb0pe_iYYUyZgBCUxguA-uvUEp15zndDD2Nq6YJaFbsZTR0ymBtQZZhxOf8bpMzydpD2-YqXUoI6DoA_1LJQDUcyM-81KchkYk8sZvLaLQ60OFWVaaK8ZTQwNdNRB4g-7xwg_Wg54zgiFG0eP64BQTxZasOgO7_yF-ErwLJoqOscucuoamOhUZQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 3E7C 0
834 B 59ms
58ms Ping
text/html 37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QK3BOg3AgAAAwDWAAUBCIbj5pEGEJ-L8eLy8KKlHBgAKjYJsKDPXDwmrD8Rl3At31w1qD8ZAAAAgBSu1z8hlw0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkD2CEhbUIbK-IgBWNfycWAAaNDCiwF43dcFgAEBigEDVVNEkgUG8O2YAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABAJICDENQZnM1UlVRclFvPdgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAycaFTIwMzg1OTUxOTQwMTk2NjEyMTVfMSoENTA2OToINDU3MDg5MTnAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDTgyLjE5OS4xMzAuNDKoBACyBA4IABABGNACIJgCMAA4ArgEAMAEAMgEANoEAggB4AQB8ASGIRBYiAUBmAUAoAWh1L_aw_mXsUrABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBYGJRPoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBq7yAdoGFgoQCRIZAVwQABgA4AYB8gYCCACABwGIBwCgBwG6Bw8BSUgYACAAMAA4ugZAAMgH3dcF0gcNFXcBOAjaBwYJJ0TgBwDqBwIIAPAH7vYDiggCEAA.&s=7fe0d6ec81fba21e698ae60e42aa6fd9d59e0bc3&type=pv&jm=1003|1018|1008&px=1065&py=763&bw=300&bh=250&sf=1&sid=6849153571434017154&vd=ct~0|rr~5&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15994440&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:48 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6d4ffcf0-c902-4942-98e7-543fc33eecfd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame 3E7C 35 B
458 B 74ms
73ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8869034054910701405@@45708919,7561956560984356707,100|1100|0|0|0|0|0|0|0||43|0|1325|5359951837297371681_2038595194019661215_1|||1|0|0|BfddHHUdNipX7EYoWZQhUSDiu58hfepeRUnhtKODRAJbnevAl1RFyxhpnBRkvb3lA7z_uuw_WOM1|||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame 3E7C 35 B
303 B 73ms
73ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=45708919&event=178&time=2&baid=44823966&name=Viewable%20impressions&imprid=7561956560984356707&icid=8869034054910701405&eData=Gdd_M6lN-udyKgpN6OE7OkLefXOBh2p24fn4X_ACi5jAcNP7bJ8Z7WLLQyewWcVgdDgoXbQl91Eau94oJsHc8Q2&rtbdata=PeJbDGpokNvQPoDpt6O6FDFzpfhhNDdMG83hrGRvF37NA7LakeySyFHhb52wH9U4uqk7ELp8gbVE1dxl2BZtSZ0LquQ751yI50xj1cXPNTK3-H30iz0Fjn7svJkJRUhoIm-dR_oa_eySDbxvwSWkymBdTpXLHY5CeTqcoE3up6M5DHgPw5vtQJLqBcHmZPtZZPSVCRcBPzE1&rtbwp=0.054979-Vpap9gQZSvbCsGbqFwBckZm0USG3HwOu0&rnd=854629475

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:49 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame FB45 35 B
458 B 74ms
73ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&pud=D5lxjiTzwYFkqa29_xr8wOL0YFUtsQoHxr2_g7HvafvfbYTx0jZuJOOkOcIT1vGqc1O4rnZx1VepGLYq89a2NvTNuB5hOSyG9K1BlRhboTdM8fScu7wJJPC5s599VGZOb7OYKhZ0eNRJgz43tv4LGxN_Du9_LYauVpx9kHk7RcU1&unload=8869034054910701405@@53791991,40882306218977349,100|1200|0|0|0|0|0|0|0||41|0|1109|1b828b4d45d9440e85df2dccb2fcede2-1-1109_4053788d72a343d2855b4e063555c202|||1|0|0|PSWUrD3TYZC48M5tcwHHbSDiu58hfepenuZUyYXhaeFpIAxjCkqjwBhpnBRkvb3lA7z_uuw_WOM1|D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0||11|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame FB45 35 B
467 B 74ms
73ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=8869034054910701405@@53791991,40882306218977349,100|1200|0|0|0|0|0|0|0||41|0|1109|1b828b4d45d9440e85df2dccb2fcede2-1-1109_4053788d72a343d2855b4e063555c202|||1|0|0|PSWUrD3TYZC48M5tcwHHbSDiu58hfepenuZUyYXhaeFpIAxjCkqjwBhpnBRkvb3lA7z_uuw_WOM1|D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0||01|0|0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:49 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 /
track.adform.net/Serving/Event/ Frame FB45 35 B
303 B 74ms
74ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/Serving/Event/?bn=53791991&event=178&time=2&baid=52150204&name=Viewable%20impressions&imprid=40882306218977349&icid=8869034054910701405&eData=a0BQOP9mI8w4PQHznIeHfnh9ErTV8WMWYaJU2uM20NnAcNP7bJ8Z7Wf-7NXYyzg6C94phTAyA08au94oJsHc8Q2&adxvars=D3dO9oHMNt142u1ywTJ-2liBlduye4L3urNMmjgiykRG7fjXkzrUDJG4dWAZeGGw7-ItQUX26WT6J5VkPjn01jlZxUeWK0D6IDOloe5xNZmwZ5-gt9Iuo1CkPIp8OsEmfvu0Kil5L7nMAkmGOchprdXiLHTfaW5d3dNyS3qC9lKk6PDMoGN38JWmuAS3fAuTbuwx3WB898xSgvC0HTM99wQaFYhrd-oY0&rtbdata=Bi119AxlmbAYd-eLDxf7-nvKcax9mmV4RgfHs1Xlwqlip7AkSuwzb99zKvYmqj_FNxMrK5VfemSvg4jFumKLS7C53is-viyOivIVs4lhcmJXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7BrVPRD1tdxHGNb_ATLhl7THoZ0gxe9O4rftOFdXYAZNkNk7t2M4xJwyqqlYMU0tzywR7P8hmRxJUhDG55qBgjEnQNBEiXc8urCLULNV66XlL0jSnk0otj7ZqbSzEMz2rK0frOVHhDccs1qs5qMgCWQSfs7UZ1nI4to2hKqZB-eEuVjCKAgTY901&rtbwp=OFSA3vWReYRiQHP7cqBxuazboUFQG3yp0&rnd=353302651

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:49 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame FB45 35 B
486 B 73ms
73ms Ping
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1647948170092

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame FB45 0
267 B 55ms
55ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=9cb5954e84474c05babed79a7eb7ab0e&nav_pltfrm=Linux%20x86_64&cbust=1647948170125436
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:50 GMT
Vary: Origin
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/21/2022 11:22:50

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=8RRE-HxDRWwvMk9vT1pFRlBwbFhnbVlDOGdxMFN1K0dYUy9xTGlYeW5sNWtqUDJJNGNsTnhlekFOSUNFeVJvZFVDY05qQVJ0WkE3VzFVaG5PejFoLzk3bXBtcWtYQW9LUkRKeFo3SldlU0xvTXpOTlpDeGlqbjIwdVVyV0...

409 B
664 B

59ms
59ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=8RRE-HxDRWwvMk9vT1pFRlBwbFhnbVlDOGdxMFN1K0dYUy9xTGlYeW5sNWtqUDJJNGNsTnhlekFOSUNFeVJvZFVDY05qQVJ0WkE3VzFVaG5PejFoLzk3bXBtcWtYQW9LUkRKeFo3SldlU0xvTXpOTlpDeGlqbjIwdVVyV0Y3RDBoZlVsUWFiaDd4QnN6bFRLWEJjSXFyNEFueHA0bnhsV3h6RTBSbG1HWmEvbkJkSzNvVWpUN2hPQ2szWC9wRnV6S0J4MjZwdGdLRDFWRjdXdEk2RGJrVmZvb2s1OEhVV0JlSStMV2c3diszd2VQY3A2NVJOcjlwdCtMNzFqbDJNSmlLQnNqYlNSRE9WMnROMzZVYlhmUnRJWWxldz09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b4c3a9017231028a66f4ae3b540cf93c480ffc2952dd2182905c5d0e5852a53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3970
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
location: https://mug.criteo.com/sid?cpp=8RRE-HxDRWwvMk9vT1pFRlBwbFhnbVlDOGdxMFN1K0dYUy9xTGlYeW5sNWtqUDJJNGNsTnhlekFOSUNFeVJvZFVDY05qQVJ0WkE3VzFVaG5PejFoLzk3bXBtcWtYQW9LUkRKeFo3SldlU0xvTXpOTlpDeGlqbjIwdVVyV0Y3RDBoZlVsUWFiaDd4QnN6bFRLWEJjSXFyNEFueHA0bnhsV3h6RTBSbG1HWmEvbkJkSzNvVWpUN2hPQ2szWC9wRnV6S0J4MjZwdGdLRDFWRjdXdEk2RGJrVmZvb2s1OEhVV0JlSStMV2c3diszd2VQY3A2NVJOcjlwdCtMNzFqbDJNSmlLQnNqYlNSRE9WMnROMzZVYlhmUnRJWWxldz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1678
content-length: 541
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 187ms
63ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://report.if.ua
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1512
date: Tue, 22 Mar 2022 11:22:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 0820 668 B
715 B 87ms
81ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: ebe40dbad8e27ffceb7ed3c5a83c28297b78e2f088c86c6578f0a82acfa2fe7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 22 Mar 2022 11:22:50 GMT
content-type: text/html
content-length: 415
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 6ABD 1 KB
703 B 90ms
82ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

date: Tue, 22 Mar 2022 11:22:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6efe8d403b6e002a-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 25BC 1 KB
749 B 83ms
75ms Document
text/html 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

date: Tue, 22 Mar 2022 11:22:50 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6efe8d403b6c002a-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4B66 52 KB
17 KB 177ms
56ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 22 Mar 2022 11:22:50 GMT
Age: 18215
X-Served-By: cache-lga21955-LGA, cache-hhn4078-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 371885
X-Timer: S1647948170.394741,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2CF3 52 KB
17 KB 173ms
53ms Document
text/html 151.101.129.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.18.0 (Ubuntu)
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Thu, 17 Mar 2022 06:19:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 22 Mar 2022 11:22:50 GMT
Age: 18216
X-Served-By: cache-lga21955-LGA, cache-hhn4069-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 1, 372763
X-Timer: S1647948170.392464,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame EBB3 442 B
436 B 76ms
76ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

server: nginx
date: Tue, 22 Mar 2022 11:22:50 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 13:01:00 GMT
vary: Accept-Encoding

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame BDAE 442 B
344 B 76ms
76ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

server: nginx
date: Tue, 22 Mar 2022 11:22:50 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 13:01:00 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 9EB0 668 B
727 B 66ms
66ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: ebe40dbad8e27ffceb7ed3c5a83c28297b78e2f088c86c6578f0a82acfa2fe7c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 22 Mar 2022 11:22:50 GMT
content-type: text/html
content-length: 415
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 9EB0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7b106239-b18a-4f00-8d06-9989ca2c0c21

43 B
61 B

64ms
63ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7b106239-b18a-4f00-8d06-9989ca2c0c21
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 22 Mar 2022 11:22:50 GMT
Server: MT3 4267 dd20a5c master cdg-pixel-x29 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=7b106239-b18a-4f00-8d06-9989ca2c0c21
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 22 Mar 2022 11:22:49 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9EB0
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=EqKI0Uahg4kJp4KMRvWW2RWnj4wJ8dqOQaJa3wi3

43 B
122 B

64ms
64ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=EqKI0Uahg4kJp4KMRvWW2RWnj4wJ8dqOQaJa3wi3
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=EqKI0Uahg4kJp4KMRvWW2RWnj4wJ8dqOQaJa3wi3
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 9EB0
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405

43 B
61 B

125ms
67ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 9EB0 70 B
264 B 174ms
56ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=6ed75caa-b9ef-3d9d-6c72-aa80d16b782a&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 9EB0 170 B
502 B 197ms
65ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDJiODhmNjAtNzA5OC02MzM5LTc5OTItZjAzOTFiODliNjRh

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 9EB0
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC94pe6YwQJrMEnFQkLQjnw&google_cver=1

43 B
106 B

65ms
65ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC94pe6YwQJrMEnFQkLQjnw&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEC94pe6YwQJrMEnFQkLQjnw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame EBB3 129 KB
34 KB 315ms
147ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4f912a3cb60fe3a6da330f1fad768fb44b1179c8053111a429893d6ad74952ee

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:50 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 13:22:25 GMT
server: nginx
etag: W/"029104da982797af53d68b5ffdc62e8c"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 0820
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5cb86239-b18a-4f00-bac9-aa157ed2cebb

43 B
61 B

64ms
64ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5cb86239-b18a-4f00-bac9-aa157ed2cebb
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 22 Mar 2022 11:22:50 GMT
Server: MT3 4267 dd20a5c master cdg-pixel-x28 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=5cb86239-b18a-4f00-bac9-aa157ed2cebb
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 22 Mar 2022 11:22:49 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0820
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LOVSvXjmWeU34FjifuJM5i2zA-Y34ViyIrF_-wwC

43 B
106 B

67ms
67ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LOVSvXjmWeU34FjifuJM5i2zA-Y34ViyIrF_-wwC
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LOVSvXjmWeU34FjifuJM5i2zA-Y34ViyIrF_-wwC
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 0820
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405

43 B
61 B

123ms
65ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8869034054910701405
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 0820 70 B
265 B 161ms
55ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=6ed75caa-b9ef-3d9d-6c72-aa80d16b782a&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 0820 170 B
232 B 185ms
66ms Image
image/png 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDJiODhmNjAtNzA5OC02MzM5LTc5OTItZjAzOTFiODliNjRh

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0820
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRsyiqwvQJ1Knnfh4WOQLU&google_cver=1

43 B
106 B

64ms
64ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRsyiqwvQJ1Knnfh4WOQLU&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 22 Mar 2022 11:22:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHRsyiqwvQJ1Knnfh4WOQLU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame BDAE 129 KB
33 KB 315ms
147ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 4f912a3cb60fe3a6da330f1fad768fb44b1179c8053111a429893d6ad74952ee

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:22:50 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 13:22:25 GMT
server: nginx
etag: W/"029104da982797af53d68b5ffdc62e8c"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame 0AB1 0
0 88ms
79ms Document
text/plain 2606:4700:10::ac43:8ae
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Tue, 22 Mar 2022 11:22:50 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6efe8d40ec84002a-LHR

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2CF3 0
743 B 67ms
67ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:50 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d6e47715-bd94-4f41-82f3-11fd0a72eaf1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4B66 0
743 B 53ms
53ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:50 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0f5861be-c1bf-4d1a-8ac3-3b4f7ebb523d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 170ms
57ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1125
date: Tue, 22 Mar 2022 11:22:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame F0B9 0
243 B 174ms
58ms Ping
text/plain 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=4788a22f31f14b57b0a6d834a630082b&gdpr=&gdpr_consent=&dvp_atali=1&vdur=251&eoid=8&msrjs=2410&nav_pltfrm=Linux%20x86_64&sdf=2&vit=2&isvelg=1&tltms=61&tetms=9&msltms=166&vltms=251&sei=289&vetms=6&engms=1&engisel=1&ttfurm=2281&cbust=1647948170739811
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2410.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://report.if.ua
Pragma: no-cache
Date: Tue, 22 Mar 2022 11:21:50 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/21/2022 11:22:50

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2CF3 0
743 B 54ms
53ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:51 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f29df1cd-db68-4556-b93c-8c7aacfa0982
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4B66 0
743 B 59ms
59ms Script
text/html 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:51 GMT
X-Proxy-Origin: 82.199.130.42; 82.199.130.42; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a572a47c-92a5-4926-93bd-e4b193fc07d8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame F0B9 0
243 B 58ms
58ms Ping
text/plain 213.254.244.105
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=4788a22f31f14b57b0a6d834a630082b&gdpr=&gdpr_consent=&msrcanlm=456&msrcannum=3&eoid=10&ismms=35&isumms=34&isvelg=1&nvr=6&elmtp=6&isbxdms=2334&b11=2408&adhgt=90&adwdth=728&norwdth=728&norhgt=90&engisel=1&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&lftb=2408&sftb=2408&msrdp=3&naral=192&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=934&isuiabvms=934&ispmxpms=934&iscvmvms=934&engalms=33&dvp_hdnAd=0&dvp_dpr=1&cbust=1647948171739207
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2410.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.105 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://report.if.ua
Pragma: no-cache
Date: Tue, 22 Mar 2022 11:22:51 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/21/2022 11:22:51

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
report.if.ua/	1969-12-31 23:59:59	Name: b Value: b
report.if.ua/	1970-01-20 01:55:52	Name: __oagr Value: true
.report.if.ua/	1970-01-20 11:07:24	Name: __gads Value: ID=1c955384cde60aac-22f9890a63cd00a2:T=1647948166:RT=1647948166:S=ALNI_MZoLjLZE0lxdo4mIW5-38eIe1tqQw
.report.if.ua/	1970-01-20 19:17:00	Name: _ga Value: GA1.3.1120601684.1647948166
.report.if.ua/	1970-01-20 01:47:14	Name: _gid Value: GA1.3.1677605187.1647948167
.report.if.ua/	1970-01-20 01:45:48	Name: _gat_UA-7446216-8 Value: 1
.report.if.ua/	1970-01-20 01:45:48	Name: _gat Value: 1
report.if.ua/	1970-01-20 02:29:00	Name: _pbjs_userid_consent_data Value: 6683316680106290
.openx.net/	1970-01-20 10:31:24	Name: i Value: bd7b63f3-1068-026a-36a4-6268b54c4bd7\|1647948166
.adnxs.com/	1970-01-20 03:55:24	Name: icu Value: ChgIqupbEAoYASABKAEwh-PmkQY4AUABSAEQh-PmkQYYAA..
.adnxs.com/	1970-01-20 03:55:24	Name: uuid2 Value: 6229278451961943479
prebid.a-mo.net/	1970-01-20 10:31:24	Name: __amc Value: 1_1647948167_1647948167
.adform.net/	1970-01-20 02:30:22	Name: C Value: 1
.adform.net/	1970-01-20 03:12:12	Name: uid Value: 8869034054910701405
.adform.net/	1970-01-20 01:55:49	Name: TPC Value: 1647948167697
.criteo.com/	1970-01-20 11:07:24	Name: uid Value: fa2c96c7-1f2f-4617-a012-f5658c07494d
.vodafone.de/	1970-01-20 01:55:52	Name: oshop Value: queryparams\|\|b_id\|\|1791\|\|queryparams\|\|shopid\|\|2653
m.exactag.com/	1970-01-20 03:55:24	Name: exactag_new_gk Value: 994c79b163054e8892243e7f0b78232d%7c21.05.2022+11%3a22%3a48
m.exactag.com/	1970-01-20 06:05:00	Name: exactag_new_uk Value: 59b6fa84e5f44113b77ab157673e93bb%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 7247856f9ff44b6a981fbeb5
.report.if.ua/	1970-01-20 11:07:24	Name: cto_bundle Value: N7ZvzF9tVGZyY3FjJTJCZTJGNW0zVk9iNlVicW1RZThnTVB5MjlvSjVuTjQ1VTUlMkZEJTJCU3d1M3VIbXZldlUxVHNzYXZySGNUTGNxb2RaJTJGR05XTEl1bE9nWk15QmRFZGFoeGpGVXVleGVSRkRxJTJCektaM3E2c0tCQjB5U0tMR1huRVlTZUk3bTI4ZCUyRlEwdWNGa0wyREVDY05IUUgySlElM0QlM0Q
.openx.net/	1970-01-20 02:07:24	Name: pd Value: v2\|1647948170\|gekin0vNiygu
.mathtag.com/	1970-01-20 11:11:43	Name: uuid Value: 5cb86239-b18a-4f00-bac9-aa157ed2cebb
.quantserve.com/	1970-01-20 03:55:24	Name: d Value: EPMBDAHcJYqsMA
.quantserve.com/	1970-01-20 11:16:02	Name: mc Value: 6239b18a-79fd5-b7dbb-6968f
.doubleclick.net/	1970-01-20 11:07:24	Name: IDE Value: AHWqTUlonCbBA-EGQzpsxJ4PeFqCuYhnbB9PoOBounPxob5ctMdlLP8XRGK2YUeTiz8
report.if.ua/	1970-01-20 11:07:24	Name: cto_bundle Value: qmnfcV9na0E3VzExNzBDSkhwQ1JiSE9OeTZkRTcwcyUyQk56Rzh6bGE4TVZaRXFjelJpVnNlVkdIR2NzN0g1ZUJ6OVhodW1jZExOJTJCSUM5YSUyQjZSRmxSdHVRdUR3OGlXVEV2MU9VMmZHSEF4bWg1OUFnZjFjNWtON3dTT1BVUk1SQThlclFvRllCZyUyRkhpZHdIWms2THJvbTVKS0VrUSUzRCUzRA
report.if.ua/	1970-01-20 11:07:24	Name: cto_bidid Value: Buk7yl93N3FuZFJGYVA2aEtlSlFQOHJZM0xFUW9NeFB6ZFNwU0VTa09SYkgyYWhCWWN1MzM3STF1WGJqQWhQQnZEUEFWZlU4aVJjQWclMkZJcFRmOElqT3ljYU9TR05DTGc1MHBUV2NjJTJGdUtVS3JhSWMlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://report.if.ua/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n638604&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://report.if.ua/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n638604&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1647948166&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647948166092&bpp=20&bdt=363&idt=287&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1390938128287&frm=20&pv=2&ga_vid=1120601684.1647948166&ga_sid=1647948166&ga_hid=658368509&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44760494%2C31064019&oid=2&pvsid=2270295730644327&pem=509&tmod=1745958221&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=302 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.adnxs.com
cdn.connectad.io
cdn.doubleverify.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
ep.umobile.pl
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
i.bigmir.net
i.connectad.io
ib.adnxs.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
optad360-d.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
report.if.ua
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s1.adform.net
script.4dex.io
ssp.wp.pl
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
sync-eu.connectad.io
sync.mathtag.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.adform.net
us-u.openx.net
vfd2dyn.vodafone.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
116.202.115.24
142.250.186.98
145.40.89.200
151.101.129.108
178.250.0.157
178.250.2.131
18.196.61.57
184.30.20.185
185.184.8.65
185.29.134.248
193.239.68.97
193.239.71.100
212.24.97.24
212.77.98.32
212.77.99.29
213.202.235.8
213.254.244.105
216.58.212.130
2600:9000:2156:4600:11:a4de:2580:93a1
2600:9000:2156:8600:6:b871:4f00:93a1
2606:4700:10::ac43:8ae
2606:4700:20::681a:8a9
2606:4700::6810:5914
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:810::2002
2a00:1450:4001:812::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c1b::9d
2a02:2638::1c
2a02:2638::3
2a02:26f0:6c00:297::4469
34.149.12.213
35.244.159.8
37.157.4.25
37.157.5.73
37.252.172.250
37.252.172.37
52.223.40.198
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e
16911269b954d719131e55c9d03ccb94e3f2bd2e3d4660e7b8babc7da0ef2d7d
184deb86b295fd4d8bfa8831a98d80a927ecc6cca0c462ed7420a9f9775244c4
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
29e52d6b0e533f52222bf28d0aae2a8d35fcbcabceb43bb2530a8f5fe513363e
2b927269b7dc1de2e01e58f1961d50703804f6864d10cc378fbd45789a0bbe62
2e21a964827283c90136df48ebb19b20ebfe48896538cba6b11bea23e2524e77
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
34131197a1a7924b4b11a25dc95c26c702361197c525864b2c869f884bfede53
3414b376c1370bd994dba8bd5f127a6a6044bac1d6449f1e6c5e6c06709c5394
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
392acc767fde3c94ae694ecf5d67bf3b5c67b12a1672f965a6cd7d5e2cd58a92
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
40d52db54572a46c77a536ec00af3f87c7a5c6801cf6eee4da803160413e4666
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f6a247abfff8876f6abfd38bfb34af9c9be78ff590d09673fa5432caf3d412e
4f912a3cb60fe3a6da330f1fad768fb44b1179c8053111a429893d6ad74952ee
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566b34c4d71bc08e2fb2d0bfd37ab4b5962925780224e735ee4b3b4078f32502
5f548027c5ffdb9f8eacfc44b02c171700efdb0582cddee0418f8d70d5a5fe5e
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bf70ab6ae0ea7e3fad3e3b9d002ea184bb477c846d5737ffcef56e671e30b1
69242e9bb1aa9b1e5673970355a91e0343515771d5997634ec52e905156d1268
698d1c8b6895c4f9b464679593f5f3b788663e6d838bb2464717be764f1f8f41
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
76b6381c1fb8188c866c47b0a35662d78c02635169d0bba07312c24f62727559
776a52401ee01b1b32d1932f3b96e1c14aa6b41dfa02733b9b0ed7de0f7b3291
780802a25a1ee957b780c4225d602f7a9b743508a34b3ffe377972a4f19e0c33
7d14bf064d807a7df16b7b1e9c8681411495529f87ac134f94ad8f79ce8f04a5
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
80c5b31c4ff01592cb69df17391e5012e03875a606024a21fe01985bc43ea694
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86bef215839d394108752a84c58fbfa6f758fc9cfbd1261a1e5d03f0d08a853a
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88f3277a59899e2907f9bea69198d0f8b56ca1ce7ea41f6ec03e6fdd22e09606
8ac4bcc0313de9992ab7162eb615c404fb8808546af077f6ea64ec5254096b4c
8ae25182d624d7e40f385d089b038904daa8bf98d3d12a31891e4be48019632e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
922ff0555d06f7f194eb8dfbcba3457d9817df6e674ee8081d743fe47c03b54e
96fe5dfb2259a39cded0dda2b241d9877746504d1f3376857134218ff5703496
975120889cf431a23296fe30f190ec09e1117f8c771a62fdf6b13279c9f1a990
9bad7feb8f1dc630c9f35a0516ab1998c37c9d37a42afa1b8bab0030e5825e5a
9e6e1e8a0d6832a1a8f2aff9236a0f4b539bc3164953dfbcc0bf2afd09af68bc
9e86469b66d2c14b63473462f4ab066d19fcc609d4985b72a5c01be7c46cd92f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21
a49a067ee6341744a4ff3db5441bff086963f3b38f161c541ce35a888d4eebdd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa0c1f186fe41751c67132a62f2f82589cf65734cf5401d83bd2f9e6d33d7834
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af31788831e6fba62fd7280d994fb8bec5a115c95bdb9dcee4001e7dc6b1786e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b1ae9380fd51b15a8c48a056377860cdceb08bb60bd5bdd7ca229205cb4c101b
b40167fe65c2c59c276cd5f1dc808d45f23dd173b6635ab1ae94b2e6695a5a0f
b4c3a9017231028a66f4ae3b540cf93c480ffc2952dd2182905c5d0e5852a53a
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd25eda849836afa13c28db2f6cb0b7fd05a9c9f98ac7bba46fb54057ee3e780
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c324541a58aa87fb3b5e89d3e50d0fce0ad7b527f64d19a90c192e7450f25098
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c8c0bf2a9db044ac1805b7fb5e1fbc5a02eafb48edb084a548755445bf11155f
cf1bf5bcae950b994962c4a3ba91a3746f1e08a651440e2e4d07c858ce5591a8
cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893
d11994b9b0fe7ed20562f92629ee185772092671f5384918a2a0157e9db9900e
d3fea00c6c209c7892450e3d136f577270cc62010c38bb523f44da8558cf3fba
db1335289c05fcb5f3e8101af1228cc33885e85b9e90b1580c02d68b38669e07
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df6b8c313e6f8bedaecff057821bef45395fec20d5a546cbd404beb739e59658
e1e87b6deeb4dc26ab010a89388a93ab3a8119e1e0b3b207f4611a2672180f99
e228592b6eeac47570a78b2a89490390600b75ea4cf15f88893f92f39b3aeb0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ebe40dbad8e27ffceb7ed3c5a83c28297b78e2f088c86c6578f0a82acfa2fe7c
edfde0b9fc743affdd7a09a95d1781d4db81e39249cfad9e1b19c944e21d66e8
fa271e135b72381d6726848d84bb2ae22468127fb5498f421479e1a383ce577c
fb9c1f346f27118e9c12f3134c1d7046555698dd752aeeb600ecab781ec34a7e
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

report.if.ua Open in urlscan Pro 212.24.97.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

158 Requests

94 %HTTPS

43 %IPv6

31 Domains

53 Subdomains

43 IPs

10 Countries

2418 kBTransfer

5621 kBSize

28 Cookies

61 Outgoing links

Page URL History

Redirected requests

158 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

report.if.ua Open in urlscan Pro
212.24.97.24 Public Scan

Screenshot
Live screenshot

Full Image

158
Requests

94 %
HTTPS

43 %
IPv6

31
Domains

53
Subdomains

43
IPs

10
Countries

2418 kB
Transfer

5621 kB
Size

28
Cookies

158 HTTP transactions
1 data transactions