report.if.ua Open in urlscan Pro
212.24.97.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://report.if.ua/
Effective URL:
https://report.if.ua/
Submission: On March 23 via api (March 23rd 2022, 11:11:40 am UTC) from GB — Scanned from GB

Summary HTTP 132 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 39 IPs in 9 countries across 30 domains to perform 132 HTTP transactions. The main IP is 212.24.97.24, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is report.if.ua.
TLS certificate: Issued by R3 on February 3rd 2022. Valid for: 3 months.

This is the only time report.if.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	212.24.97.24 212.24.97.24	212531 (INTERNETO...) (INTERNETO-VIZIJA)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:226... 2600:9000:2260:9e00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	116.202.115.24 116.202.115.24	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:21f... 2600:9000:21f3:2c00:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
2	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
4	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
12	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	147.75.38.124 147.75.38.124	54825 (PACKET) (PACKET)
6	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
4	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.1.108 151.101.1.108	54113 (FASTLY) (FASTLY)
4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
2	34.95.69.49 34.95.69.49	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	103.229.205.243 103.229.205.243	() ()
2 2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
4 4	37.157.2.239 37.157.2.239	198622 (ADFORM) (ADFORM)
2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
132	39

27 212.24.97.24 (Lithuania) 1 redirects

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: 20371.s.serverhost.name

report.if.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2260:9e00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.115.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.115.202.116.clients.your-server.de

ep.umobile.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:2c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

optad360-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
crcdn01.adnxs-simple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.108 (United States)

ASN54113 (FASTLY, US)

cdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

fra1-ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.69.49 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 49.69.95.34.bc.googleusercontent.com

i.clean.gg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.205.243 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.239 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	report.if.ua 1 redirects report.if.ua	1 MB
13	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 205 cdn.adnxs.com — Cisco Umbrella Rank: 1232 fra1-ib.adnxs.com — Cisco Umbrella Rank: 8051 acdn.adnxs.com — Cisco Umbrella Rank: 523	77 KB
12	openx.net optad360-d.openx.net — Cisco Umbrella Rank: 54880 eu-u.openx.net — Cisco Umbrella Rank: 1751 us-u.openx.net — Cisco Umbrella Rank: 323	3 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	249 KB
9	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 689 gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185	8 KB
8	adform.net 4 redirects adx.adform.net — Cisco Umbrella Rank: 4064 c1.adform.net — Cisco Umbrella Rank: 524	3 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	7 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
5	connectad.io i.connectad.io — Cisco Umbrella Rank: 6650 cdn.connectad.io — Cisco Umbrella Rank: 4108 sync-eu.connectad.io — Cisco Umbrella Rank: 2655	2 KB
5	umobile.pl ep.umobile.pl	5 KB
4	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 22697	969 B
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 102340 i.bigmir.net — Cisco Umbrella Rank: 189369	1 KB
4	gstatic.com fonts.gstatic.com	114 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 37034 get.optad360.io — Cisco Umbrella Rank: 24237	550 KB
2	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 29822	67 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 293	529 B
2	quantserve.com 2 redirects pixel.quantserve.com — Cisco Umbrella Rank: 381	985 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	59 KB
2	clean.gg i.clean.gg — Cisco Umbrella Rank: 1247	15 B
2	adnxs-simple.com acdn.adnxs-simple.com — Cisco Umbrella Rank: 2477 crcdn01.adnxs-simple.com — Cisco Umbrella Rank: 3298	99 KB
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1055	551 B
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130	348 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1689	24 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	1 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5368	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
132	30

	Domain	Requested by
27	report.if.ua	1 redirects report.if.ua
7	pagead2.googlesyndication.com	report.if.ua pagead2.googlesyndication.com tpc.googlesyndication.com
6	eu-u.openx.net	get.optad360.io eu-u.openx.net
6	ib.adnxs.com	get.optad360.io acdn.adnxs.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com report.if.ua
5	ep.umobile.pl	report.if.ua ep.umobile.pl
4	cm.g.doubleclick.net	2 redirects eu-u.openx.net
4	c1.adform.net	4 redirects
4	us-u.openx.net	eu-u.openx.net
4	gum.criteo.com	2 redirects static.criteo.net
4	fra1-ib.adnxs.com	get.optad360.io acdn.adnxs-simple.com cdn.adnxs.com
4	ssp.wp.pl	get.optad360.io
4	adx.adform.net	get.optad360.io
4	fonts.gstatic.com	fonts.googleapis.com
3	mug.criteo.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	i.bigmir.net	report.if.ua
2	std.wpcdn.pl	ssp.wp.pl
2	match.adsrvr.org	eu-u.openx.net
2	pixel.quantserve.com	2 redirects
2	sync.mathtag.com	2 redirects
2	acdn.adnxs.com	get.optad360.io
2	cdn.connectad.io	get.optad360.io
2	static.criteo.net	get.optad360.io static.criteo.net
2	i.clean.gg	acdn.adnxs-simple.com
2	prebid.a-mo.net	get.optad360.io
2	bidder.criteo.com	get.optad360.io
2	optad360-d.openx.net	get.optad360.io
2	prebid-eu.creativecdn.com	get.optad360.io
2	i.connectad.io	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	get.optad360.io	report.if.ua get.optad360.io
1	sync-eu.connectad.io	cdn.connectad.io
1	www.google.com	tpc.googlesyndication.com
1	cdn.adnxs.com	get.optad360.io
1	crcdn01.adnxs-simple.com	get.optad360.io
1	acdn.adnxs-simple.com	get.optad360.io
1	cdn.jsdelivr.net	get.optad360.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	report.if.ua
1	www.googletagmanager.com	report.if.ua
1	cmp.optad360.io	report.if.ua
1	fonts.googleapis.com	report.if.ua
132	47

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
radio.z-polus.info
if.gaszbut.com.ua
knyagynyn.if.ua
plus.google.com
pinterest.com
uragan.if.ua
typical.if.ua
www.adamson.ua
stanislaviv.org.ua
www.bigmir.net
my.oe.if.ua

Subject Issuer	Validity	Valid
report.if.ua R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
ep.umobile.pl R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
c.bigmir.net R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
img.com.ua R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.a-mo.net R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
i.clean.gg GTS CA 1D4	`2022-02-14` - `2022-05-15`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://report.if.ua/
Frame ID: FBCD81CCE8B5D4BC42987E411B7E4909
Requests: 81 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 0A87212670E76EAFEB5C6563E3AC120C
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22mpsche9i9onjptd0cr5nro0omej1648033894406%22,%22ac%22:1648033894553}
Frame ID: C567DC44072D7AD1F8BB5D251FEB3444
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22cdvvr53d5v7hfq1cfn29rutfko71648033894406%22,%22ac%22:1648033894608}
Frame ID: 41F8A115BB45236EBDDE6E320A6E35E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1648033894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648033894495&bpp=65&bdt=271&idt=268&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8045867023681&frm=20&pv=2&ga_vid=1536942145.1648033895&ga_sid=1648033895&ga_hid=1595174910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21065724%2C31063247&oid=2&pvsid=2946172385093669&pem=653&tmod=1822968955&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282
Frame ID: 8FA711DA2D3AF3DBC4B21CEB197C9699
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Frame ID: 373A29221076A2903C6B767C6C6D8BB6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 68A1C945A7632B665D4641329D8A6214
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D8C9C07562F5F9DB210C4811FD65185C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9867401513DE60730201D6BCC47CEC43
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Frame ID: 7A12803B692BE22B10498BAF85140014
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: F6665BEF853E2CB3240C1E8CD967C013
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 658CE72A8A51D66DFC75E22AF6DB4FB5
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 58D4E6C25EE1364E029FA8A2C6EA2370
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 7229C76803B3ECC07ABB3A30EB4B36FF
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: F144AEC3B3D801876FF1880E8DB3F676
Requests: 7 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 58298208C3EA4D8A365779659C02FBFD
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 134640F4A2C0A7AE091FB1376D62D8A2
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 4FD211D01E083B23873B35ECD76B7E0A
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: ACD3ABACB386CE7C06D9A2396D6ED936
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Репортер - новини Івано-Франківська та Прикарпаття

Page URL History Show full URLs

http://report.if.ua/ HTTP 301
https://report.if.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

132
Requests

92 %
HTTPS

46 %
IPv6

30
Domains

47
Subdomains

39
IPs

9
Countries

2778 kB
Transfer

5101 kB
Size

22
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/report.if.ua
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ifreporter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ifreporter
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/ifreporter
Title: YouTube

Search URL Search Domain Scan URL

URL: http://radio.z-polus.info/player/
Title: Західний полюс

Search URL Search Domain Scan URL

URL: https://if.gaszbut.com.ua/information-business/komercijni-propozicii-7?fbclid=IwAR2NaeN5WeY505O7mmQDH06Hw61MJsB8U6qK4LmtoXHAgh5UDsIzjGqfT0Q

Search URL Search Domain Scan URL

URL: https://knyagynyn.if.ua/?utm_source=newsletter&utm_medium=reportif&utm_campaign=reportif

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fvijna-z-rosiyeyu-vodiyam-zaboroneno-vykorystovuvaty-videoreyestratory%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2F1-5.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fdtp-rohatyn_03.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fscreenshot_1.png

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F02%2F1-2.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fvideo%2Fpapa-rymskyj-zaklykav-svitovyh-lideriv-zupynyty-vijnu-v-ukrayini-video%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fe89069cc-48d0-4774-81b2-a5e201b24434_cx0_cy7_cw0_w1023_r1_s.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Fbilshist-rosiyan-za-vijnu-z-ukrayinoyu-i-hochut-shchob-putin-pravyv-dovshe%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2021%2F09%2Frosija.png

Search URL Search Domain Scan URL

URL: https://uragan.if.ua/
Title: <img class="banner-sidebar-1" src="https://report.if.ua/wp-content/uploads/2020/09/120047299_332843587798885_2443198252237337513_n.gif" alt="Ураган" width="300" height="100">

Search URL Search Domain Scan URL

URL: http://typical.if.ua/
Title: <img class="banner-sidebar-2" src="https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg" alt="Типовий Франківськ" width="1280" height="640">

Search URL Search Domain Scan URL

URL: https://www.adamson.ua/
Title: <img class="banner-sidebar-5" src="https://report.if.ua/wp-content/uploads/2022/01/adamson-new.jpg" alt="ADAMSON" width="1080" height="1080">

Search URL Search Domain Scan URL

URL: https://stanislaviv.org.ua/ua/
Title: <img class="banner-sidebar-4" src="https://report.if.ua/wp-content/uploads/2019/11/71790532_811210685963968_3902815547556888576_n.gif" alt="Готель Станіславів" width="468" height="60">

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fkultura%2Ffrankivska-galereya-ryatuye-z-pid-obstriliv-tvory-mystectva-i-dopomagaye-hudozhnykam%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fkultura%2Ffrankivska-galereya-ryatuye-z-pid-obstriliv-tvory-mystectva-i-dopomagaye-hudozhnykam%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fkultura%2Ffrankivska-galereya-ryatuye-z-pid-obstriliv-tvory-mystectva-i-dopomagaye-hudozhnykam%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fkultura%2Ffrankivska-galereya-ryatuye-z-pid-obstriliv-tvory-mystectva-i-dopomagaye-hudozhnykam%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fdsf2075-1.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Furoky-za-rozkladom-zno-pid-pytannyam-yak-uzhe-tyzhden-navchayutsya-frankivski-shkolyari%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2021%2F03%2Fonlajn-shkola-2.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Flyudy%2Fz-volonteriv-nauky-u-volontery-vijny-yak-naukove-mistechko-nova-energiya-stalo-gumanitarnym-habom%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Flyudy%2Fz-volonteriv-nauky-u-volontery-vijny-yak-naukove-mistechko-nova-energiya-stalo-gumanitarnym-habom%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fz-volonteriv-nauky-u-volontery-vijny-yak-naukove-mistechko-nova-energiya-stalo-gumanitarnym-habom%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fz-volonteriv-nauky-u-volontery-vijny-yak-naukove-mistechko-nova-energiya-stalo-gumanitarnym-habom%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fnova-enerhija3.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgroshi%2Fbiznes-z-i-shodu-tryvayut-peremovyny-vlady-frankivska-z-troma-velykymy-firmamy%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2020%2F04%2Frobota.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fsocium%2Fzanyattya-majster-klasy-ta-psyholog-de-u-frankivsku-organizovuyut-rozvagy-dlya-ditej%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fsocium%2Fzanyattya-majster-klasy-ta-psyholog-de-u-frankivsku-organizovuyut-rozvagy-dlya-ditej%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Fzanyattya-majster-klasy-ta-psyholog-de-u-frankivsku-organizovuyut-rozvagy-dlya-ditej%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fsocium%2Fzanyattya-majster-klasy-ta-psyholog-de-u-frankivsku-organizovuyut-rozvagy-dlya-ditej%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fvagabundo.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgazeta%2Fne-sydity-vdoma-yak-frankivky-v-tylu-nablyzhuyut-peremogu-foto%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fvolontery-vijna-1-scaled.jpg

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://my.oe.if.ua/
Title: <img src="https://report.if.ua/wp-content/uploads/2018/02/baner_reporter_300h100px-2.jpg" width="118px" height="51px">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://report.if.ua/ HTTP 301
https://report.if.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 100

https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=lfrWA3xwK2NWTDRzVXNLVlpRY01OaDdhRTBvall1TDFwSjdFU0FTTFZMSlovUXpjV25BWlJYTzNVNUNldHNHRFNzSjc1K3NDRFV3aGRFV2Evd09xbWcvUGJoa0xMZksrcFFuakdoNFk4V2krckx0V25odVBCVGVOck9pNlpFdmZhOUsrSktkbDZZNVRzbWxGTmh5c3l0OXUrbzNrRXFkKzV1SEdpYXd4WjB0czFraTFFWkpOR0hIZEt4RkplUHhTZCtET1BIaDEzQnVMcFBLVTR1OGdPRGxtN09zbU1uZjd0RGNRZEJySnJpSUZlY2VaeU1aRlhQL3crQkxxM0g3djAyR1BEZFRmaWM4YUs2amFlZWJscEhhbFhMQT09fA&cppv=2

Request Chain 102

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=DjzAIXxpL0F3UGpyZVZlaEJ4aTdpSmwwSmVBMWZoVTI5MnhDNkh2YWU1MDAwOWpVOXlWTDlwM0tFZ0ZDdkF2aTE5c1lwZU9qTWpJSzN6cjVQRndRZDN5K2J0ZHJ0QWFabHQwZkpONGwyVUNJczYxaHkyYzNrU1AwMVdJcjFSLzJzSVA5ODZ1QUF6dEQvbENRYU5RTGp2QTd1VVJnRERFQkc2Y2ZvdGNXR0NRUXJZb05lZkpxNkVaSDlTWmwrTU1KKzdxL2V1STJxYTVXS3Q3SlRSOTVZK2s2aUVHVzJid0p4MzNtMnZGWC9HcmNHaFRvMkhJQ2VhV01TeFROWlFqeFJac3E1ZTF6dmlRYWF3U2w5TVNzQmF4UjF4Zz09fA&cppv=2

Request Chain 112

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=67f5623b-006b-4a00-8c2a-d9d54bcb7f26

Request Chain 113

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=sanjy7er5siq-uXPtav9kb-u5siqo-ae5qoEv8XU

Request Chain 114

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5078777545963890431

Request Chain 117

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBfGHLTodLjkBzTcVsdc5I&google_cver=1

Request Chain 118

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d88623b-006b-4e00-90b5-d45ab983463f

Request Chain 119

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LE3vjipP6o03HuraLhvx23wb6t43S73fLUueXrNY

Request Chain 120

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8838153095464278427

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENjeluHI4wITPZ3YFVz3F5M&google_cver=1

132 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
report.if.ua/
Redirect Chain

http://report.if.ua/
https://report.if.ua/

183 KB
23 KB

267ms
135ms

Document
text/html

212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 28e70f68e4fb170922e217c3603a7eaf3711481ef147c00e27d96d7954cc337a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Wed, 23 Mar 2022 11:11:34 GMT
content-type: text/html; charset=UTF-8
x-cache-handler: cache-enabler-engine
content-encoding: gzip

Redirect headers

Server: nginx
Date: Wed, 23 Mar 2022 11:11:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://report.if.ua/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 156ms
71ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

132a5226602c9315126630a84b521cb0cb058ce5a4c99275135c1942793e0305

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54624
x-xss-protection: 0
server: cafe
etag: 17369722650844036364
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 11:11:34 GMT

GET
H2 200 autoptimize_cc76c13dcac57a2b855958efed209d77.css
report.if.ua/wp-content/cache/autoptimize/css/ 689 KB
88 KB 69ms
67ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 19:06:11 GMT
server: nginx
etag: W/"62323523-ac5da"
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

566b34c4d71bc08e2fb2d0bfd37ab4b5962925780224e735ee4b3b4078f32502

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 11:07:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 23 Mar 2022 11:11:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Mar 2022 11:11:34 GMT

GET
H2 200 jquery.min.js Show response
report.if.ua/wp-includes/js/jquery/ 87 KB
31 KB 192ms
191ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 14:33:11 GMT
server: nginx
etag: W/"60cf51a7-15d98"
content-type: application/javascript

GET
H2 200 4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js Show response
cmp.optad360.io/items/ 497 B
833 B 250ms
121ms Script
application/javascript 2600:9000:2260:9e00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:9e00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 01:41:41 GMT
via: 1.1 bdb48db5b688ca8c8dee7661b221599a.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 34194
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 497
x-amz-cf-id: 5nJMUFO8b5ryv6Tgl6pJnoKMmnzlslFTj2ORr3qENRBIS3_U1UgJfA==

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ 5 KB
2 KB 187ms
50ms Script
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 5a3deb0b94a7fe72e5ed8c0b010a0ab9d65d81221f8f9b909e57bf67cb27a949

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:34 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1382
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
53 KB 144ms
60ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1934008481619997

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44985d2003d93ff461190719e4f23a4cd0744071aec68d3c9490c01e9bdcb6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53927
x-xss-protection: 0
server: cafe
etag: 16267757268764873202
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 11:11:34 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/ 371 KB
88 KB 168ms
66ms Script
application/javascript 2600:9000:21f3:2c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 08:58:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: W/"a1f68c1c7c64925394855df7d8e42aaa"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-id: WIinZuQKaUSivNCrj-qj5g2YSpXD6CqvQf_lCCSyzz-j-K6mVrL8Qw==

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ 5 KB
2 KB 188ms
51ms Script
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: ced4e3e29ab2a5121e25c0b439b77937278ceaf9ebdb905da9ddc90dc5448534

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:34 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1385
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 autoptimize_522ab4cdefb0e46b4bbee965ac6dafce.js Show response
report.if.ua/wp-content/cache/autoptimize/js/ 155 KB
47 KB 74ms
73ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_522ab4cdefb0e46b4bbee965ac6dafce.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 9bad7feb8f1dc630c9f35a0516ab1998c37c9d37a42afa1b8bab0030e5825e5a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
last-modified: Wed, 16 Mar 2022 19:06:11 GMT
server: nginx
etag: W/"62323523-26dda"
content-type: application/javascript

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/ 297 KB
107 KB 119ms
72ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3af3be18bbb22f052a409556ddbdb0893e21dfd11026441f518b006a843ef04e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109611
x-xss-protection: 0
server: cafe
etag: 8709437277619766574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Mar 2022 11:11:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 0A87 10 KB
5 KB 128ms
38ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Tue, 22 Mar 2022 23:27:16 GMT
expires: Tue, 05 Apr 2022 23:27:16 GMT
cache-control: public, max-age=1209600
age: 42258
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
41 KB 143ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18e6a6d025a56ddbf54046801d21a8c80e491b54061f027ecf69ba036578c6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41965
x-xss-protection: 0
last-modified: Wed, 23 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Mar 2022 11:11:34 GMT

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ Frame C567 381 B
730 B 68ms
68ms Document
text/html 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22mpsche9i9onjptd0cr5nro0omej1648033894406%22,%22ac%22:1648033894553}
Requested by: Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 105cad142e7ae8289eed30619b57c5185a0016fa07976546f98391565c207506

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Wed, 23 Mar 2022 11:11:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 288
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v28/ 24 KB
24 KB 215ms
128ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:48:08 GMT
x-content-type-options: nosniff
age: 44606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:00:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:48:08 GMT

GET
H2 200 fontawesome-webfont.woff2
report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/ 70 KB
70 KB 110ms
109ms Font
application/octet-stream 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
last-modified: Sun, 12 Nov 2017 09:46:16 GMT
server: nginx
accept-ranges: bytes
etag: "5a081868-118d8"
content-length: 71896
content-type: application/octet-stream

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v28/ 44 KB
44 KB 122ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:45:30 GMT
x-content-type-options: nosniff
age: 44764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:03:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:45:30 GMT

GET
H2 200 player.png
report.if.ua/wp-content/uploads/2017/12/ 4 KB
4 KB 95ms
95ms Image
image/png 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2017/12/player.png
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
last-modified: Tue, 12 Dec 2017 14:50:58 GMT
server: nginx
accept-ranges: bytes
etag: "5a2fecd2-10da"
content-length: 4314
content-type: image/png

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 162ms
95ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:30:55 GMT
x-content-type-options: nosniff
age: 574839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:03 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:30:55 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v22/ 23 KB
23 KB 180ms
115ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 19:31:18 GMT
x-content-type-options: nosniff
age: 574816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23040
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 19:31:18 GMT

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ Frame 41F8 381 B
733 B 64ms
63ms Document
text/html 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22cdvvr53d5v7hfq1cfn29rutfko71648033894406%22,%22ac%22:1648033894608}
Requested by: Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e4787f71afe2365a1a7fb7c613e7837815e5ad40a855e11220792a97b538816b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Wed, 23 Mar 2022 11:11:34 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 291
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 374ms
97ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n82922&w0&y0&d24&r1600
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: c7210d084c3a4b7d3d98697f815dbc472bc7f1cea46d3bc8933a5cc77176f681

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:34 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 132ms
47ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=report.if.ua&callback=_gfp_s_&client=ca-pub-4857462492105343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

240a12bd254203c4327b7ccfc4c4fee15fb6008ed8ce39a9caa570c3cfe6d938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 136ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=report.if.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
47ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=report.if.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 11:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FA7 603 B
67 B 105ms
58ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1648033894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648033894495&bpp=65&bdt=271&idt=268&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8045867023681&frm=20&pv=2&ga_vid=1536942145.1648033895&ga_sid=1648033895&ga_hid=1595174910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21065724%2C31063247&oid=2&pvsid=2946172385093669&pem=653&tmod=1822968955&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 23 Mar 2022 11:11:34 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4008
date: Wed, 23 Mar 2022 10:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 23 Mar 2022 12:04:46 GMT

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
461 KB 44ms
44ms Script
application/javascript 2600:9000:21f3:2c00:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 14:57:40 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 12082435
etag: "6dd0a13bde35d2daa452bba998871016"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=360000000
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 471445
x-amz-cf-id: 5mCh8npie3VpdsWUfk69LcuWd2wAqH2eRhHVedUuD2AGaFU_sWAcRg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 94ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1595174910&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1606703745&gjid=690266008&cid=1536942145.1648033895&tid=UA-7446216-8&_gid=808922212.1648033895&_r=1&gtm=2wg3e0W8FPFJ7&z=2123848528

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 83ms
39ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1595174910&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sidebar%20banners&ea=Sidebar%201%20banner%20view&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=1536942145.1648033895&tid=UA-7446216-8&_gid=808922212.1648033895&gtm=2wg3e0W8FPFJ7&z=71149812

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 18:05:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61540
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 255ms
79ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Sat, 26 Mar 2022 11:11:35 GMT

GET
H2 200 b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
249 B 255ms
79ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4e"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 78
expires: Sat, 26 Mar 2022 11:11:35 GMT

GET
H2 200 b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 255ms
79ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Sat, 26 Mar 2022 11:11:35 GMT

GET
H/1.1 200
OK video_player Show response
ep.umobile.pl/ Frame 373A 0
392 B 50ms
50ms Document
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Wed, 23 Mar 2022 11:11:35 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 47ms
47ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1595174910&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAEABAAAAAC~&jid=1639705635&gjid=2070598783&cid=1536942145.1648033895&tid=UA-7446216-8&_gid=808922212.1648033895&_r=1&_slc=1&z=175659954

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 logo_r_eu-1.svg
report.if.ua/wp-content/uploads/2017/12/ 9 KB
9 KB 63ms
62ms Image
image/svg+xml 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2017/12/logo_r_eu-1.svg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Sat, 09 Dec 2017 15:35:26 GMT
server: nginx
accept-ranges: bytes
etag: "5a2c02be-2369"
content-length: 9065
content-type: image/svg+xml

GET
H2 200 hab-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 31 KB
31 KB 64ms
63ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/hab-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7b909ee7ba17a6d199b973f03d44df8e2da992939c9b7270acfc91d3b74d5071

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 22 Mar 2022 17:13:12 GMT
server: nginx
accept-ranges: bytes
etag: "623a03a8-7bf5"
content-length: 31733
content-type: image/jpeg

GET
H2 200 maxresdefault-300x200.jpg
report.if.ua/wp-content/uploads/2016/11/ 6 KB
6 KB 65ms
63ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2016/11/maxresdefault-300x200.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: e96b2b1f95baeba077b14ef27cd51c365cc6356f56024f99ca611d1c7537a22f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Wed, 09 Nov 2016 12:40:09 GMT
server: nginx
accept-ranges: bytes
etag: "58231929-163a"
content-length: 5690
content-type: image/jpeg

GET
H2 200 dsf2075-1-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
5 KB 65ms
64ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/dsf2075-1-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 8ae25182d624d7e40f385d089b038904daa8bf98d3d12a31891e4be48019632e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 21 Mar 2022 13:20:07 GMT
server: nginx
accept-ranges: bytes
etag: "62387b87-1446"
content-length: 5190
content-type: image/jpeg

GET
H2 200 airbnb-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 6 KB
6 KB 65ms
64ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/airbnb-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 80c5b31c4ff01592cb69df17391e5012e03875a606024a21fe01985bc43ea694

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 21 Mar 2022 12:32:08 GMT
server: nginx
accept-ranges: bytes
etag: "62387048-196e"
content-length: 6510
content-type: image/jpeg

GET
H2 200 nova-enerhija3-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
5 KB 66ms
65ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/nova-enerhija3-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: c8c0bf2a9db044ac1805b7fb5e1fbc5a02eafb48edb084a548755445bf11155f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Sun, 20 Mar 2022 14:25:09 GMT
server: nginx
accept-ranges: bytes
etag: "62373945-14e5"
content-length: 5349
content-type: image/jpeg

GET
H2 200 120047299_332843587798885_2443198252237337513_n.gif
report.if.ua/wp-content/uploads/2020/09/ 163 KB
164 KB 124ms
123ms Image
image/gif 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2020/09/120047299_332843587798885_2443198252237337513_n.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: cf1bf5bcae950b994962c4a3ba91a3746f1e08a651440e2e4d07c858ce5591a8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Wed, 23 Sep 2020 05:46:05 GMT
server: nginx
accept-ranges: bytes
etag: "5f6ae11d-28d3e"
content-length: 167230
content-type: image/gif

GET
H2 200 pozhezha-1-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 52 KB
52 KB 126ms
126ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/pozhezha-1-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: eee108d4add238a62874e89b0a02173d2e1c3865ed2a65b5f4f281e69b2880de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Wed, 23 Mar 2022 10:41:19 GMT
server: nginx
accept-ranges: bytes
etag: "623af94f-ce33"
content-length: 52787
content-type: image/jpeg

GET
H2 200 %D0%B0%D1%80%D0%BC%D1%96%D1%8F.jpg
report.if.ua/wp-content/uploads/2016/02/ 69 KB
69 KB 127ms
126ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2016/02/%D0%B0%D1%80%D0%BC%D1%96%D1%8F.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 752f1897c3888b60de89bca97c4910a0275fee33957e2c7f2ddc6449aacb578a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 01 Feb 2016 06:26:00 GMT
server: nginx
accept-ranges: bytes
etag: "56aefa78-11396"
content-length: 70550
content-type: image/jpeg

GET
H2 200 gazzbut-02122021.jpg
report.if.ua/wp-content/uploads/2021/12/ 32 KB
32 KB 124ms
123ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/12/gazzbut-02122021.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: af31788831e6fba62fd7280d994fb8bec5a115c95bdb9dcee4001e7dc6b1786e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Thu, 02 Dec 2021 10:31:55 GMT
server: nginx
accept-ranges: bytes
etag: "61a8a09b-7ed8"
content-length: 32472
content-type: image/jpeg

GET
H2 200 spilka-zabudivnykiv_580x96.gif
report.if.ua/wp-content/uploads/2021/11/ 275 KB
275 KB 124ms
123ms Image
image/gif 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/11/spilka-zabudivnykiv_580x96.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 08 Nov 2021 16:45:18 GMT
server: nginx
accept-ranges: bytes
etag: "6189541e-44b9e"
content-length: 281502
content-type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 105ms
34ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=1536942145.1648033895&jid=1606703745&gjid=690266008&_gid=808922212.1648033895&_u=YAhAAEAAAAAAAC~&z=1675698985

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Mar 2022 11:11:35 GMT
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 100ms
35ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=1536942145.1648033895&jid=1639705635&gjid=2070598783&_gid=808922212.1648033895&_u=aAjAAEABAAAAAC~&z=952923972

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 23 Mar 2022 11:11:35 GMT
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 164ms
50ms Preflight 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 154ms
51ms Preflight 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 95ms
34ms XHR
application/json 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220323

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a86b5d98958f8e84be939c5eb37f3fb09dddaa31ed15f5cf2d646b525ed6c1bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 25739
x-jsd-version: 1.0.1288
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19156-FRA, cache-itm18827-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"66c-Hn5uxGoumVf6IJoFTRyQ7OdtV9k"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6f06ba24ffb57599-LHR

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
940 B 107ms
42ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 93340
x-amz-request-id: txfc1bd4799a454239acb1c-00623993ca
x-amz-id-2: txfc1bd4799a454239acb1c-00623993ca
last-modified: Tue, 22 Mar 2022 09:15:21 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3pG7XIAtEpX21CqJgyXYJ9GDAdvsQ%2BSKrtdVU1rXuP3Qw00flVX6G5YoTk%2F2wm7PiY9oVosK557ES2yQDcOfhQv2M7bRzIXtyLr6BKarNzC6YtXVr%2BROTNiNYIUUqsNOrjw%2BeAKCVtgViSq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1647940521027959
cf-ray: 6f06ba250d45f3e7-LHR

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
406 B 209ms
106ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 154ms
83ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6f06ba251c470702-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 183ms
59ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 108ms
34ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 arj Show response
optad360-d.openx.net/w/1.0/ 173 B
592 B 120ms
43ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=9eb7943c-9871-44f3-9a86-224468105bf7&nocache=1648033895135&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=336x280%2C360x300%2C300x250&divids=oa-360-1648033895030_t9dwzxgj3-0&aucs=&auid=543540636
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 3a235e36c2f598dda7192fc0d88b13cd2d14f0bac0dc91e83243cc368da1db7c

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://report.if.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 302ms
36ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=25436592678

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
346 B 300ms
104ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Wed, 23 Mar 2022 11:11:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 11
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 201ms
114ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3d73e417f23488387eb10a1e26d855fe883c2bebbb8e4f94a23c55955368572f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:35 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fd244a6b-22af-4831-8c65-203542054145
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
205 B 328ms
135ms XHR
text/plain 147.75.38.124
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Wed, 23 Mar 2022 11:11:34 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 42
vary: origin, Accept-Encoding

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
172 B 176ms
58ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

GET
H2 200 arj Show response
optad360-d.openx.net/w/1.0/ 173 B
361 B 115ms
44ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=2da6e29d-cfbf-4b35-bd5a-e12d0119945a&nocache=1648033895142&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=728x90%2C750x100%2C970x90&divids=oa-360-1648033895029_fljppaed7-undefined&aucs=&auid=543540636
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 27110463f91ef90dba793174f289d5cec4cf32bf1af68e6c122854d1ab0f986e

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://report.if.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
407 B 196ms
93ms XHR
text/plain 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:35 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 11 KB
6 KB 264ms
179ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

d2d90e68108a0659b74a2560729c78e6f152f795496cf75150ba1c6a295f320a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 23 Mar 2022 11:11:35 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 856a0d70-3591-426b-95af-4afaced801bc
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 100ms
35ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
418 B 136ms
75ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6f06ba251c4b0702-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
214 B 293ms
35ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=21722209013

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 96ms
39ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 92837
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txba7f41889d7d4c7899750-0062399411
x-amz-id-2: txba7f41889d7d4c7899750-0062399411
last-modified: Tue, 22 Mar 2022 09:15:19 GMT
server: cloudflare
etag: W/"f6062b9ed3c12dab430d5d33afafadb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gR%2FSOc0Gbkyfwvyk4SR5OJjmUX6oXkX3kpBz12lGCXlx6Ie5B32luEU%2BIHmv1ufK07WNykxPqAcxWpyeH4XZXSiKSxuIbYyiGfrIG59zKLewztJ61nR6dFGK74MdWbqz0Q0ZmKQW1E7NbcWa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1647940519211847
cf-ray: 6f06ba25aa7a88b5-LHR
access-control-allow-headers: Authorization

GET
H2 200 hab-554x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 70 KB
70 KB 101ms
101ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/hab-554x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 00fa48b94907001103991c3d0ac76d42065de4fa6f5bd97cf4e2f61135183bf5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 22 Mar 2022 17:13:09 GMT
server: nginx
accept-ranges: bytes
etag: "623a03a5-11698"
content-length: 71320
content-type: image/jpeg

GET
H2 200 ukryttja-306x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 28 KB
28 KB 103ms
103ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/ukryttja-306x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 4acfed50af613d0b87e56449b9d8c8f593db9a099bc1c7800b36fac51bde28fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 22 Mar 2022 12:48:53 GMT
server: nginx
accept-ranges: bytes
etag: "6239c5b5-6ea4"
content-length: 28324
content-type: image/jpeg

GET
H2 200 dsf2075-1-306x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 54 KB
54 KB 104ms
104ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/dsf2075-1-306x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: b7c671a87daa0011ac2046cbc6c2245cd57c73ffb06949547c3544bf13b8d42e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 21 Mar 2022 13:20:01 GMT
server: nginx
accept-ranges: bytes
etag: "62387b81-d761"
content-length: 55137
content-type: image/jpeg

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1595174910&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20left%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1536942145.1648033895&tid=UA-7446216-8&_gid=808922212.1648033895&gtm=2wg3e0W8FPFJ7&z=11089247

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 18:05:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61540
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1595174910&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20right%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=1536942145.1648033895&tid=UA-7446216-8&_gid=808922212.1648033895&gtm=2wg3e0W8FPFJ7&z=994864614

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Mar 2022 18:05:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 61540
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 101ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

163646283640d53ed194185f8b50624a65cb673a46e4b398bc436959b2bf4b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10655
x-xss-protection: 0

GET
H2 200 photo_2022-03-21_15-41-30-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 31 KB
31 KB 63ms
63ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/photo_2022-03-21_15-41-30-370x247.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 96fe5dfb2259a39cded0dda2b241d9877746504d1f3376857134218ff5703496

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Tue, 22 Mar 2022 07:38:04 GMT
server: nginx
accept-ranges: bytes
etag: "62397cdc-7b6b"
content-length: 31595
content-type: image/jpeg

GET
H2 200 60003335_842416096110354_211597374928191488_n.jpg
report.if.ua/wp-content/uploads/2019/05/ 45 KB
46 KB 64ms
64ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 13 May 2019 13:15:53 GMT
server: nginx
accept-ranges: bytes
etag: "5cd96e09-b5bf"
content-length: 46527
content-type: image/jpeg

GET
H2 200 vijna-8-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 45 KB
45 KB 66ms
66ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/vijna-8-370x247.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: a0264638508487d9d7261928bd5cb12ebaa6dd2913dc20dd6d5a06afc59064c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Wed, 23 Mar 2022 08:39:52 GMT
server: nginx
accept-ranges: bytes
etag: "623adcd8-b42e"
content-length: 46126
content-type: image/jpeg

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 139ms
47ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Mar 2022 11:11:35 GMT

GET
H/1.1 200
OK script.js Show response
acdn.adnxs-simple.com/strikeforce/ Frame 68A1 112 KB
39 KB 210ms
45ms Script
application/javascript 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 11:11:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Jan 2022 12:36:35 GMT
Server: nginx/1.18.0 (Ubuntu)
ETag: "61e805d3-1c12c"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Length: 39847
Expires: Thu, 24 Mar 2022 11:11:37 GMT

GET
H/1.1 200
OK 30ac5be5-4d1c-445c-9551-084df55b4ccc.jpg
crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981880/ Frame 68A1 59 KB
59 KB 200ms
45ms Image
image/jpeg 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://crcdn01.adnxs-simple.com/creative/p/806/2021/9/1/27981880/30ac5be5-4d1c-445c-9551-084df55b4ccc.jpg
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.19.0 /
Resource Hash: f5d85408365bdb06d11e13755763890a75959a726005fac641f95c8d63028f2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 11:11:35 GMT
Last-Modified: Wed, 01 Sep 2021 11:27:27 GMT
Server: nginx/1.19.0
x-amz-request-id: ad633dd5-32fa-45f4-a349-8c7b30f3ff17
X-Clv-Request-Id: ad633dd5-32fa-45f4-a349-8c7b30f3ff17
ETag: "d0fca45b1c558d4b9b0ee882be347be1"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: max-age=3888000
X-Clv-S3-Version: 2.5
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 60281
Expires: Sat, 07 May 2022 11:11:35 GMT

GET
H/1.1 200
OK trk.js Show response
cdn.adnxs.com/v/s/224/ Frame 68A1 85 KB
29 KB 106ms
26ms Script
application/x-javascript 151.101.1.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adnxs.com/v/s/224/trk.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 23 Mar 2022 11:11:35 GMT
Content-Encoding: gzip
Age: 2340785
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 29216
X-Served-By: cache-lga21933-LGA, cache-lcy19242-LCY
Access-Control-Allow-Origin: *, *
Last-Modified: Thu, 24 Feb 2022 08:58:20 GMT
Server: AkamaiNetStorage
X-Timer: S1648033896.594880,VS0,VE0
ETag: "80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 24 Feb 2023 08:58:29 GMT
Cache-Control: max-age=31536000
Accept-Ranges: bytes
X-Cache-Hits: 2, 835513

GET
H/1.1 200
OK it
fra1-ib.adnxs.com/ Frame 68A1 0
811 B 136ms
43ms Image
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Freport.if.ua%252F&e=wqT_3QL-Cej-BAAAAwDWAAUBCOeA7JEGEJ2x18qZ_rCOCRgAKjYJ8WjjiLX49D4R_rH3f2E78D4ZAAAAgBSu1z8h_g0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkCmBkgCUJ7lwZMBWNfycWAAaNDCiwF42NYFgAEBigEDVVNEkgUG8FKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjQ4MDMzODk1KTt1ZignaScsIDU2NjQxMiwgMTocADByJywgMzA5MzU5MjYyNh8A8JCSAvUDIUhWaEszQWlfbHBVUkVKN2x3Wk1CR0FBZzFfSnhNQVE0QUVBQVNLWUdVTWljMEFkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQnI2OUtOYmI0OUQ3QkFhLXZTalcyLVBRLXlRRUFBQUFBQUFEd1A5a0JBQUFBAQ9sOERfZ0FZekpJdlVCck1Vbk41Z0NBS0FDQUxVQwEgCEFMMAkI8ExNQUNBY2dDQWRBQ0FkZ0NBZUFDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5EWTFOLUFEOUMyQUJBQ0lCQUNRQkFDWUJBSEJCQQVaBQEIeVFRBQgFARhOZ0VBUEVFBQwFASBDSUJiRWtxUVUFDhxBQUR3UDdFRg0NARAEQkIdPwB5FSgMQUFBTjIoAABaLigA8Dw0QVVDOEFXamhJWUMtQVdUNVc2Q0JnTlZVMFNJQmdDUUJnR1lCZ0NoQnZGbzQ0aTEtT1EtcUFZQnNnWWtDHXAARR0MAEcdDABJHQw4dUFZS5oCmQEhWnhYUGt3OvkBWE5meWNTQUFLQUF4OFdqamlMWDQ1RDQ2MkUBFDBEMExVawHTAEElAQAxPSAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRDwpEEuLtgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzUuMTg3LjIxLjk5qAQAsgQNCAAQARjYBSBaMAA4ArgEAMAEAMgEANIEDTgwNiNGUkExOjQ2NTfaBAIIAeAEAfAEnmHXIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADiiCkAAyAfY1gXSBw0VdgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=90f9662751e227c56341ae44b11c6d7af45c808b

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:35 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 84a586d6-4b1c-4b7f-8751-b7c8a64c997b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 dsf2075-1-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 34 KB
34 KB 63ms
63ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/dsf2075-1-370x247.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 83497fd3890520391837404256ed7766c72bc68ffbfee224cd61e0bd8ab051d6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Mon, 21 Mar 2022 13:20:02 GMT
server: nginx
accept-ranges: bytes
etag: "62387b82-86dc"
content-length: 34524
content-type: image/jpeg

GET
H2 200 znimok-ekrana-136-370x247.png
report.if.ua/wp-content/uploads/2022/03/ 166 KB
166 KB 64ms
64ms Image
image/png 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/znimok-ekrana-136-370x247.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7c8f42c1e11945703b065bd742b133c0ee04de68263b9e9ce57a2caa257a426d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
last-modified: Sun, 20 Mar 2022 07:14:16 GMT
server: nginx
accept-ranges: bytes
etag: "6236d448-2968b"
content-length: 169611
content-type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D8C9 13 KB
5 KB 88ms
39ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Mar 2022 10:37:37 GMT
expires: Thu, 23 Mar 2023 10:37:37 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9867 783 B
1 KB 135ms
48ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f1ba22db96df3c44278af7c983fe040d53b37e4715440c71e659a8726e70e014

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-h4yz2X/S8ytOTP8gwwJgkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 23 Mar 2022 11:11:35 GMT
date: Wed, 23 Mar 2022 11:11:35 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-h4yz2X/S8ytOTP8gwwJgkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

OPTIONS
H2 204 1a
i.clean.gg/ Frame 0
0 171ms
106ms Preflight
text/plain 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.21.6
date: Wed, 23 Mar 2022 11:11:35 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-max-age: 1728000
content-type: text/plain; charset=utf-8
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 200 1a Show response
i.clean.gg/ Frame 68A1 0
15 B 136ms
106ms XHR
application/octet-stream 34.95.69.49
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://i.clean.gg/1a
Requested by: Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.95.69.49 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 49.69.95.34.bc.googleusercontent.com
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 23 Mar 2022 11:11:36 GMT
via: 1.1 google
server: nginx/1.21.6
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Range
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK rd_log Show response
fra1-ib.adnxs.com/ Frame 68A1 0
811 B 43ms
43ms Script
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QKKDOgKBgAAAwDWAAUBCOeA7JEGEJ2x18qZ_rCOCRgAKjYJ8WjjiLX49D4R_rH3f2E78D4ZAAAAgBSu1z8h_g0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkCmBkgCUJ7lwZMBWNfycWAAaNDCiwF42NYFgAEBigEDVVNEkgUG8FKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjQ4MDMzODk1KTt1ZignaScsIDU2NjQxMiwgMTocADByJywgMzA5MzU5MjYyNh8A8JCSAvUDIUhWaEszQWlfbHBVUkVKN2x3Wk1CR0FBZzFfSnhNQVE0QUVBQVNLWUdVTWljMEFkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQnI2OUtOYmI0OUQ3QkFhLXZTalcyLVBRLXlRRUFBQUFBQUFEd1A5a0JBQUFBAQ9sOERfZ0FZekpJdlVCck1Vbk41Z0NBS0FDQUxVQwEgCEFMMAkI8ExNQUNBY2dDQWRBQ0FkZ0NBZUFDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5EWTFOLUFEOUMyQUJBQ0lCQUNRQkFDWUJBSEJCQQVaBQEIeVFRBQgFARhOZ0VBUEVFBQwFASBDSUJiRWtxUVUFDhxBQUR3UDdFRg0NARAEQkIdPwB5FSgMQUFBTjIoAABaLigA8Dw0QVVDOEFXamhJWUMtQVdUNVc2Q0JnTlZVMFNJQmdDUUJnR1lCZ0NoQnZGbzQ0aTEtT1EtcUFZQnNnWWtDHXAARR0MAEcdDABJHQw4dUFZS5oCmQEhWnhYUGt3OvkBWE5meWNTQUFLQUF4OFdqamlMWDQ1RDQ2MkUBFDBEMExVawHTAEElAQAxPSAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRDgQS4u2ALu1APgAtD8UOoCFWh0dHBzOi8vcmVwb3J0LmlmLnVhL_ICEQoGQURWX0lEEgcxODE1MTg3BRQIQ1BHBRQYNDI5MzE1NQEUCAVDUAETYAgzNTk5ODUyN_ICDQoIQURWX0ZSRVESATAFEBxSRU1fVVNFUgUQAAwJIBhDT0RFEgDyAQ8BVxEPEAsKB0NQFQ4QDwoFSU8BYAAGaX8A8gEgBElPFSA4EwoPQ1VTVE9NX01PREVMASoUAPICGgoWMhYAHExFQUZfTkFNBXAIHgoaNh0ACEFTVAE-EElGSUVEAT4cDQoIU1BMSVQBTfCBATCAAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzUuMTg3LjIxLjk5qAQAsgQNCAAQARjYBSBaMAA4ArgEAMAEAMgEANIEDTgwNiNGUkExOjQ2NTfaBAIIAeAEAfAEnoHjIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADiiCkAAyAfY1gXSBw0VdgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=c51f1e33d464bfe7c0cb4eb39f2bbcb3eac41ed7&bdref=https%3A%2F%2Freport.if.ua%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Freport.if.ua%2F,https%3A%2F%2Freport.if.ua%2F&

Requested by

Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:35 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1b793a91-90a4-4043-be2d-9066ad35b416
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame D8C9 35 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 08:58:54 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9867 0
0 87ms
86ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=2946172385093669&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 68A1 0
830 B 50ms
50ms Ping
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QL-Cej-BAAAAwDWAAUBCOeA7JEGEJ2x18qZ_rCOCRgAKjYJ8WjjiLX49D4R_rH3f2E78D4ZAAAAgBSu1z8h_g0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkCmBkgCUJ7lwZMBWNfycWAAaNDCiwF42NYFgAEBigEDVVNEkgUG8FKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjQ4MDMzODk1KTt1ZignaScsIDU2NjQxMiwgMTocADByJywgMzA5MzU5MjYyNh8A8JCSAvUDIUhWaEszQWlfbHBVUkVKN2x3Wk1CR0FBZzFfSnhNQVE0QUVBQVNLWUdVTWljMEFkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQnI2OUtOYmI0OUQ3QkFhLXZTalcyLVBRLXlRRUFBQUFBQUFEd1A5a0JBQUFBAQ9sOERfZ0FZekpJdlVCck1Vbk41Z0NBS0FDQUxVQwEgCEFMMAkI8ExNQUNBY2dDQWRBQ0FkZ0NBZUFDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5EWTFOLUFEOUMyQUJBQ0lCQUNRQkFDWUJBSEJCQQVaBQEIeVFRBQgFARhOZ0VBUEVFBQwFASBDSUJiRWtxUVUFDhxBQUR3UDdFRg0NARAEQkIdPwB5FSgMQUFBTjIoAABaLigA8Dw0QVVDOEFXamhJWUMtQVdUNVc2Q0JnTlZVMFNJQmdDUUJnR1lCZ0NoQnZGbzQ0aTEtT1EtcUFZQnNnWWtDHXAARR0MAEcdDABJHQw4dUFZS5oCmQEhWnhYUGt3OvkBWE5meWNTQUFLQUF4OFdqamlMWDQ1RDQ2MkUBFDBEMExVawHTAEElAQAxPSAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRDwpEEuLtgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzUuMTg3LjIxLjk5qAQAsgQNCAAQARjYBSBaMAA4ArgEAMAEAMgEANIEDTgwNiNGUkExOjQ2NTfaBAIIAeAEAfAEnmHXIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADiiCkAAyAfY1gXSBw0VdgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=90f9662751e227c56341ae44b11c6d7af45c808b&type=nv&nvt=5&jm=1003&px=436&py=1110&bw=728&bh=90&sid=8874240341947806577&vd=ct~0|rr~0&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15994440&cid=3&cr=nv&sw=1600&sh=1200&pw=1600&ph=6565&ww=1600&wh=1200&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:35 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 249e7f5d-2f6e-448d-b2e3-e77c9c5b729f
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D8C9 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?B0PmOg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 109ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:36 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Mar 2022 11:11:36 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 7A12 13 KB
5 KB 210ms
37ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2340
date: Wed, 23 Mar 2022 11:11:35 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 110ms
43ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:36 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 24 Mar 2022 11:11:36 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220317&jk=2946172385093669&bg=!8_Cl8LTNAAba2mK92to7ACkAdvg8WrukMhSwAL6vwTVgmDhCaDKk4rR-NoeZQqXxl1rM3IH7fQ8fBwIAAABcUgAAAAJoAQeZAtTNuSpTNVKwwfzaE8G8qtkAakJ_weJcarvkaZPpZA7KRgTTugkaGGrGYbLYybroBywtVUZ6RBlWP2pBfBuTMDXD-sFZe6ksOpkbYsgTaQ_xON0uiHgh25ovLT5Q_l2vMUrhppy31t4nsbaiz2jK7b5nfHOXF0DTlj6GnD85M7uBkradSDbxL_kEK-89rCxUKKdddY_1xCYkUztS7yyvdjmhNH7THJMz--moh8kAOuJ6fOkxEP3qhEdkHIzGeE88CyLrGKMpGI_Y3y02h8UKOziXsI_kWJ5qr4ecR7gGYJCIWyzquUNLcYw2gugRP19cp3cpCMc6HSBAEIwQIQ3KAHBScXNR7cE_A_RVq1dMIXIRO_Yl95AXXAYi7b7shKowY-9wLNqdqOucQLK6zIxeixe7YnIrbUQorFnT9m1B8LknwA3QFcvpy-P-l3IuqG_CSOWuh8DyBLMCymXUKFmDg0JXmbfMgw9ZCkbCWDfL2ytIP6Mi3mURsZOhC1t9Y-ZvQDz2TIqIvqFIv4Di9ZY5iJWFnevLs3wuFuTRdE9A5b9op43ZmqvpAaFCCIjNYLq1BfuhAZBCQ2kdoizKaNpv0cnrH0bBNCSADNPFJJmfZGJAHYmH7nRB6UCNNCBWyzz5YfTQv6zahdO95rIr4lZ3O_5vXuFOkTxyocWHRm7DHXoFZ9bcFvSQED0oexEaoeWD8eYXe1GXTlXj77x8-og6cueYQpzh8HAVNzdce0rqwzf1XDSN4Wj5AgSLftxkfmgwfvC6-rzXlDxiygHhVgdAWnA3nw-4kGciZmflnkx8GGZWiU09h_jpgnDBhCS4Gs2-UP8ZRea80EBgaIYwIBtBCyeRBV2LBGNus5RkcGlE9j7kD49flNcVTp9zMErOzTPlQZs75K0gReHIgAHWTN-n1vsBWPvcjODBPeIz_JfgVW3gVcL1wOW08rVrVUtjvBdw8Dy9zkrS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adamson-new.jpg
report.if.ua/wp-content/uploads/2022/01/ 53 KB
53 KB 64ms
63ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/01/adamson-new.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: d32e7e5cf2cfc593cce176e05f9e737cac07fd325be7e16d3a5e94dfb291d9c7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:36 GMT
last-modified: Sun, 30 Jan 2022 12:41:00 GMT
server: nginx
accept-ranges: bytes
etag: "61f6875c-d522"
content-length: 54562
content-type: image/jpeg

GET
H2

200

sid Show response
mug.criteo.com/ Frame 7A12
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=lfrWA3xwK2NWTDRzVXNLVlpRY01OaDdhRTBvall1TDFwSjdFU0FTTFZMSlovUXpjV25BWlJYTzNVNUNldHNHRFNzSjc1K3NDRFV3aGRFV2Evd09xbWcvUGJoa0xMZksrcFFuakdoNFk4V2krckx0V25odVBCVGVOck9pNl...

441 B
636 B

256ms
37ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=lfrWA3xwK2NWTDRzVXNLVlpRY01OaDdhRTBvall1TDFwSjdFU0FTTFZMSlovUXpjV25BWlJYTzNVNUNldHNHRFNzSjc1K3NDRFV3aGRFV2Evd09xbWcvUGJoa0xMZksrcFFuakdoNFk4V2krckx0V25odVBCVGVOck9pNlpFdmZhOUsrSktkbDZZNVRzbWxGTmh5c3l0OXUrbzNrRXFkKzV1SEdpYXd4WjB0czFraTFFWkpOR0hIZEt4RkplUHhTZCtET1BIaDEzQnVMcFBLVTR1OGdPRGxtN09zbU1uZjd0RGNRZEJySnJpSUZlY2VaeU1aRlhQL3crQkxxM0g3djAyR1BEZFRmaWM4YUs2amFlZWJscEhhbFhMQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

6a2ad3a82145af305ac0b9b1fa4cce2e24ba17c53a7cb7e4321b9815f957c110

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:36 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 5101
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:36 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=lfrWA3xwK2NWTDRzVXNLVlpRY01OaDdhRTBvall1TDFwSjdFU0FTTFZMSlovUXpjV25BWlJYTzNVNUNldHNHRFNzSjc1K3NDRFV3aGRFV2Evd09xbWcvUGJoa0xMZksrcFFuakdoNFk4V2krckx0V25odVBCVGVOck9pNlpFdmZhOUsrSktkbDZZNVRzbWxGTmh5c3l0OXUrbzNrRXFkKzV1SEdpYXd4WjB0czFraTFFWkpOR0hIZEt4RkplUHhTZCtET1BIaDEzQnVMcFBLVTR1OGdPRGxtN09zbU1uZjd0RGNRZEJySnJpSUZlY2VaeU1aRlhQL3crQkxxM0g3djAyR1BEZFRmaWM4YUs2amFlZWJscEhhbFhMQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1865
content-length: 541
expires: 0

POST
H/1.1 200
OK vevent
fra1-ib.adnxs.com/ Frame 68A1 0
830 B 43ms
43ms Ping
text/html 37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Freport.if.ua%2F&e=wqT_3QL-Cej-BAAAAwDWAAUBCOeA7JEGEJ2x18qZ_rCOCRgAKjYJ8WjjiLX49D4R_rH3f2E78D4ZAAAAgBSu1z8h_g0SACkRJNAxAAAA4FG4rj8wyJzQBzjqUkCmBkgCUJ7lwZMBWNfycWAAaNDCiwF42NYFgAEBigEDVVNEkgUG8FKYAdgFoAFaqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEAigJYdWYoJ2EnLCAxODE1MTg3LCAxNjQ4MDMzODk1KTt1ZignaScsIDU2NjQxMiwgMTocADByJywgMzA5MzU5MjYyNh8A8JCSAvUDIUhWaEszQWlfbHBVUkVKN2x3Wk1CR0FBZzFfSnhNQVE0QUVBQVNLWUdVTWljMEFkWUFHRF9fX19fRDJnQWNBRjRBWUFCQVlnQkFaQUJBWmdCQWFBQkVxZ0JBN0FCQUxrQnI2OUtOYmI0OUQ3QkFhLXZTalcyLVBRLXlRRUFBQUFBQUFEd1A5a0JBQUFBAQ9sOERfZ0FZekpJdlVCck1Vbk41Z0NBS0FDQUxVQwEgCEFMMAkI8ExNQUNBY2dDQWRBQ0FkZ0NBZUFDQU9nQ0FQZ0NBSUFEQVpnREFib0RDVVpTUVRFNk5EWTFOLUFEOUMyQUJBQ0lCQUNRQkFDWUJBSEJCQQVaBQEIeVFRBQgFARhOZ0VBUEVFBQwFASBDSUJiRWtxUVUFDhxBQUR3UDdFRg0NARAEQkIdPwB5FSgMQUFBTjIoAABaLigA8Dw0QVVDOEFXamhJWUMtQVdUNVc2Q0JnTlZVMFNJQmdDUUJnR1lCZ0NoQnZGbzQ0aTEtT1EtcUFZQnNnWWtDHXAARR0MAEcdDABJHQw4dUFZS5oCmQEhWnhYUGt3OvkBWE5meWNTQUFLQUF4OFdqamlMWDQ1RDQ2MkUBFDBEMExVawHTAEElAQAxPSAARhEYDEFBQUcdGABHHRgASB0YEEhnQWlRHRDwpEEuLtgC7tQD4ALQ_FDqAhVodHRwczovL3JlcG9ydC5pZi51YS-AAwCIAwGQAwCYAxegAwGqAwDAA6wCyAMA2AMA4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIECzUuMTg3LjIxLjk5qAQAsgQNCAAQARjYBSBaMAA4ArgEAMAEAMgEANIEDTgwNiNGUkExOjQ2NTfaBAIIAeAEAfAEnmHXIIgFAZgFAKAF_xEBGAHABQDJBQAFARTwP9IFCQkFC3wAAADYBQHgBQHwBeGoHPoFBAgAEACQBgCYBgC4BgDBBgEhMAAA8D_QBvgB2gYWChAJERkBXBAAGADgBgHyBgIIAIAHAYgHAKAHAboHDwFISBgAIAAwADiiCkAAyAfY1gXSBw0VdgE4CNoHBgknROAHAOoHAggA8AequRGKCAIQAA..&s=90f9662751e227c56341ae44b11c6d7af45c808b&type=pv&jm=1003&px=436&py=1110&bw=728&bh=90&sf=1&sid=8874240341947806577&vd=ct~0|rr~6&sv=224&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=15994440&cid=3&cr=pv&ft=2

Requested by

Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:36 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0135650b-4abc-4d97-b364-892cd571be06
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=DjzAIXxpL0F3UGpyZVZlaEJ4aTdpSmwwSmVBMWZoVTI5MnhDNkh2YWU1MDAwOWpVOXlWTDlwM0tFZ0ZDdkF2aTE5c1lwZU9qTWpJSzN6cjVQRndRZDN5K2J0ZHJ0QWFabHQwZkpONGwyVUNJczYxaHkyYzNrU1AwMVdJcj...

427 B
670 B

35ms
34ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=DjzAIXxpL0F3UGpyZVZlaEJ4aTdpSmwwSmVBMWZoVTI5MnhDNkh2YWU1MDAwOWpVOXlWTDlwM0tFZ0ZDdkF2aTE5c1lwZU9qTWpJSzN6cjVQRndRZDN5K2J0ZHJ0QWFabHQwZkpONGwyVUNJczYxaHkyYzNrU1AwMVdJcjFSLzJzSVA5ODZ1QUF6dEQvbENRYU5RTGp2QTd1VVJnRERFQkc2Y2ZvdGNXR0NRUXJZb05lZkpxNkVaSDlTWmwrTU1KKzdxL2V1STJxYTVXS3Q3SlRSOTVZK2s2aUVHVzJid0p4MzNtMnZGWC9HcmNHaFRvMkhJQ2VhV01TeFROWlFqeFJac3E1ZTF6dmlRYWF3U2w5TVNzQmF4UjF4Zz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1c605fbeacf565a871fba0c610881f2f8826248547b4640b3f8de3f8916d9564

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:37 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2919
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
location: https://mug.criteo.com/sid?cpp=DjzAIXxpL0F3UGpyZVZlaEJ4aTdpSmwwSmVBMWZoVTI5MnhDNkh2YWU1MDAwOWpVOXlWTDlwM0tFZ0ZDdkF2aTE5c1lwZU9qTWpJSzN6cjVQRndRZDN5K2J0ZHJ0QWFabHQwZkpONGwyVUNJczYxaHkyYzNrU1AwMVdJcjFSLzJzSVA5ODZ1QUF6dEQvbENRYU5RTGp2QTd1VVJnRERFQkc2Y2ZvdGNXR0NRUXJZb05lZkpxNkVaSDlTWmwrTU1KKzdxL2V1STJxYTVXS3Q3SlRSOTVZK2s2aUVHVzJid0p4MzNtMnZGWC9HcmNHaFRvMkhJQ2VhV01TeFROWlFqeFJac3E1ZTF6dmlRYWF3U2w5TVNzQmF4UjF4Zz09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1910
content-length: 541
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 103ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://report.if.ua
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1774
date: Wed, 23 Mar 2022 11:11:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame F666 1 KB
712 B 67ms
59ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

date: Wed, 23 Mar 2022 11:11:38 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f06ba39c94a0702-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 658C 52 KB
17 KB 169ms
44ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 24 Mar 2022 11:11:40 GMT
Date: Wed, 23 Mar 2022 11:11:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 58D4 1 KB
749 B 64ms
57ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

date: Wed, 23 Mar 2022 11:11:38 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f06ba39c9480702-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 7229 442 B
436 B 59ms
58ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

server: nginx
date: Wed, 23 Mar 2022 11:11:38 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 13:01:00 GMT
vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame F144 668 B
720 B 41ms
35ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 5654da61ce77b3e21454d6fc1366a1c55724d21f5742088d628a52cec4cd4d1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 23 Mar 2022 11:11:38 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 5829 442 B
344 B 59ms
58ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

server: nginx
date: Wed, 23 Mar 2022 11:11:38 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 13:01:00 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 1346 52 KB
17 KB 171ms
45ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Thu, 24 Mar 2022 11:11:40 GMT
Date: Wed, 23 Mar 2022 11:11:38 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 4FD2 668 B
731 B 35ms
31ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 5654da61ce77b3e21454d6fc1366a1c55724d21f5742088d628a52cec4cd4d1c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Wed, 23 Mar 2022 11:11:38 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 4FD2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=67f5623b-006b-4a00-8c2a-d9d54bcb7f26

43 B
61 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=67f5623b-006b-4a00-8c2a-d9d54bcb7f26
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:39 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 23 Mar 2022 11:11:39 GMT
Server: MT3 4267 dd20a5c master nrt-pixel-x18 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=67f5623b-006b-4a00-8c2a-d9d54bcb7f26
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 23 Mar 2022 11:11:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4FD2
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=sanjy7er5siq-uXPtav9kb-u5siqo-ae5qoEv8XU

43 B
106 B

33ms
32ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=sanjy7er5siq-uXPtav9kb-u5siqo-ae5qoEv8XU
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=sanjy7er5siq-uXPtav9kb-u5siqo-ae5qoEv8XU
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 4FD2
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5078777545963890431

43 B
61 B

62ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5078777545963890431
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5078777545963890431
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 4FD2 70 B
265 B 125ms
39ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=860af618-b3a6-3166-45e7-49e728c6ade6&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4FD2 170 B
502 B 138ms
49ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2NTI1ZDItN2FkMS02ZmMyLTUwMDctMTM1ZWUyMjQ2Mzg2

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 4FD2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBfGHLTodLjkBzTcVsdc5I&google_cver=1

43 B
122 B

31ms
30ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBfGHLTodLjkBzTcVsdc5I&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGBfGHLTodLjkBzTcVsdc5I&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame F144
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d88623b-006b-4e00-90b5-d45ab983463f

43 B
61 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d88623b-006b-4e00-90b5-d45ab983463f
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:39 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Wed, 23 Mar 2022 11:11:39 GMT
Server: MT3 4267 dd20a5c master nrt-pixel-x5 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8d88623b-006b-4e00-90b5-d45ab983463f
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 23 Mar 2022 11:11:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F144
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LE3vjipP6o03HuraLhvx23wb6t43S73fLUueXrNY

43 B
106 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LE3vjipP6o03HuraLhvx23wb6t43S73fLUueXrNY
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=LE3vjipP6o03HuraLhvx23wb6t43S73fLUueXrNY
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame F144
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8838153095464278427

43 B
61 B

64ms
35ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8838153095464278427
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8838153095464278427
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame F144 70 B
264 B 137ms
53ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=860af618-b3a6-3166-45e7-49e728c6ade6&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame F144 170 B
232 B 137ms
50ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YWE2NTI1ZDItN2FkMS02ZmMyLTUwMDctMTM1ZWUyMjQ2Mzg2

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F144
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENjeluHI4wITPZ3YFVz3F5M&google_cver=1

43 B
106 B

33ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENjeluHI4wITPZ3YFVz3F5M&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Mar 2022 11:11:38 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESENjeluHI4wITPZ3YFVz3F5M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 7229 128 KB
34 KB 415ms
117ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: f2cff1100cc71ad3125e8bd749d88c5534aeea023f7a73a78bde9b0b1df4ffbb

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:38 GMT
content-encoding: br
last-modified: Wed, 23 Mar 2022 10:07:13 GMT
server: nginx
etag: W/"97cd7b3b5d3edb3d6c8c3c419d3b78e5"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 5829 128 KB
33 KB 415ms
118ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: f2cff1100cc71ad3125e8bd749d88c5534aeea023f7a73a78bde9b0b1df4ffbb

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:11:38 GMT
content-encoding: br
last-modified: Wed, 23 Mar 2022 10:07:13 GMT
server: nginx
etag: W/"97cd7b3b5d3edb3d6c8c3c419d3b78e5"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame ACD3 0
0 71ms
62ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Wed, 23 Mar 2022 11:11:38 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6f06ba3a5a3b0702-LHR

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 101ms
33ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1053
date: Wed, 23 Mar 2022 11:11:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 658C 0
739 B 43ms
43ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:38 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7928e924-105b-43fe-b91f-25142731dc15
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1346 0
739 B 58ms
57ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:38 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ac125ba8-092a-4767-82a6-6c094009afb0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 658C 0
739 B 52ms
52ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:39 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7348e2df-8902-43ac-853c-70a2d73af448
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 1346 0
739 B 98ms
97ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Mar 2022 11:11:39 GMT
X-Proxy-Origin: 5.187.21.99; 5.187.21.99; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 07830c11-d398-4424-b4c2-7b08fb950196
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
report.if.ua/	1969-12-31 23:59:59	Name: b Value: b
report.if.ua/	1970-01-20 01:57:18	Name: __oagr Value: true
.report.if.ua/	1970-01-20 11:08:49	Name: __gads Value: ID=b9de332192fba687-2249585864cd000f:T=1648033894:RT=1648033894:S=ALNI_Mbt2ykA5YqOfNONB2qAPfwH65HapQ
.report.if.ua/	1970-01-20 19:18:25	Name: _ga Value: GA1.3.1536942145.1648033895
.report.if.ua/	1970-01-20 01:48:40	Name: _gid Value: GA1.3.808922212.1648033895
.report.if.ua/	1970-01-20 01:47:13	Name: _gat_UA-7446216-8 Value: 1
.report.if.ua/	1970-01-20 01:47:13	Name: _gat Value: 1
report.if.ua/	1970-01-20 02:30:25	Name: _pbjs_userid_consent_data Value: 6683316680106290
.openx.net/	1970-01-20 10:32:49	Name: i Value: 55a6c941-1a21-0e91-1f31-810f4ce19e1b\|1648033895
.adnxs.com/	1970-01-20 03:56:49	Name: icu Value: ChgIqupbEAoYASABKAEw54DskQY4AUABSAEQ54DskQYYAA..
.adnxs.com/	1970-01-20 03:56:49	Name: uuid2 Value: 2205069652451747051
prebid.a-mo.net/	1970-01-20 10:32:49	Name: __amc Value: 1_1648033895_1648033895
.criteo.com/	1970-01-20 11:08:49	Name: uid Value: ae7c08a2-bdc4-4aa5-a274-2e39953a3f94
.report.if.ua/	1970-01-20 11:08:49	Name: cto_bundle Value: 4C7bx19la243RWlPcktDNnQ5amhENWYlMkZhREluJTJGWDVQRmw5RiUyQkxRRk9PT2wybmd1JTJGSUtKNU5SMUpSNGl0UG54aHdNS3V2NGk3ZkhMRVY3TlBObnc5a29UU0dBRXJVa2cxamxZalJpNkJGU21mYmlPVktGOGolMkJmaWklMkYzT0ZBNFpzd0JueEt6bmM5cktsb0hpUnM2d285TTRLemclM0QlM0Q
.openx.net/	1970-01-20 02:08:49	Name: pd Value: v2\|1648033898\|gekin0vNiygu
.doubleclick.net/	1970-01-20 11:08:49	Name: IDE Value: AHWqTUksv40FIudtaxlrrZjyGmWJHnvlW78JVtyeoakw0cAO1nE8UqrTS9XVI3CWYUk
.quantserve.com/	1970-01-20 03:56:49	Name: d Value: EPIBDAHdJYqsMA
.quantserve.com/	1970-01-20 11:17:28	Name: mc Value: 623b006a-a664d-7fd62-4a374
.adform.net/	1970-01-20 02:31:52	Name: C Value: 1
.adform.net/	1970-01-20 03:13:37	Name: uid Value: 8838153095464278427
report.if.ua/	1970-01-20 11:08:49	Name: cto_bundle Value: VFogS19pMTA1OWEyQSUyQjdJJTJGMDUwUTNNTjJhWWE3bVJqNGYlMkJ4VkdzN0dEUW5GbVdEVUlPTXNaaXZRVSUyQkpBcTgwcGgwJTJCVFJwTFh3TWRCY2sydmlVb3U0MHJOaCUyQlJyTzF4OVZ5TSUyQll3U05teXh2MmJycHI5JTJCOW9vN3RQaHY1b05xSkI4ZHZmbmY1VXJEYjJjdHN6dXRTS0NsSXRnJTNEJTNE
report.if.ua/	1970-01-20 11:08:49	Name: cto_bidid Value: U6Efzl83QUZ5c1ZDZHFtNnNHdGx6TSUyRjVFeCUyRkpWcGMlMkZsOVBXajVaZTU0b1NvSHQlMkZiekNzemJhS3FPOFlmeFRnOVdOVFo2TzRzcXJSZFQ4SUlBJTJGQzlDMUdzNmxUY0pCQlBsWWlmUkVGdGZPZEtReVUlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://report.if.ua/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n82922&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://report.if.ua/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n82922&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1648033894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648033894495&bpp=65&bdt=271&idt=268&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8045867023681&frm=20&pv=2&ga_vid=1536942145.1648033895&ga_sid=1648033895&ga_hid=1595174910&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21065724%2C31063247&oid=2&pvsid=2946172385093669&pem=653&tmod=1822968955&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=282 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs-simple.com
acdn.adnxs.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.adnxs.com
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
crcdn01.adnxs-simple.com
ep.umobile.pl
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
i.bigmir.net
i.clean.gg
i.connectad.io
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
optad360-d.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
report.if.ua
script.4dex.io
ssp.wp.pl
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
sync-eu.connectad.io
sync.mathtag.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
103.229.205.243
116.202.115.24
142.250.186.162
142.250.186.98
147.75.38.124
151.101.1.108
178.250.2.131
178.250.2.146
185.184.8.65
193.239.68.97
193.239.71.100
212.24.97.24
212.77.98.32
212.77.99.29
23.218.208.187
2600:9000:21f3:2c00:11:a4de:2580:93a1
2600:9000:2260:9e00:6:b871:4f00:93a1
2606:4700:10::6816:36ce
2606:4700:20::681a:8a9
2606:4700::6810:5814
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:809::2001
2a00:1450:4001:812::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2004
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a02:2638::1c
3.33.220.150
34.95.69.49
34.98.64.218
37.157.2.239
37.157.4.25
37.252.172.249
37.252.173.62
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
00fa48b94907001103991c3d0ac76d42065de4fa6f5bd97cf4e2f61135183bf5
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
105cad142e7ae8289eed30619b57c5185a0016fa07976546f98391565c207506
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d
132a5226602c9315126630a84b521cb0cb058ce5a4c99275135c1942793e0305
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e
158ea3f9e71cc4bfeef3e274fc9ab9d29a2d1d24cdb94b5ee86664eef4cabf29
163646283640d53ed194185f8b50624a65cb673a46e4b398bc436959b2bf4b35
18e6a6d025a56ddbf54046801d21a8c80e491b54061f027ecf69ba036578c6a8
1c605fbeacf565a871fba0c610881f2f8826248547b4640b3f8de3f8916d9564
240a12bd254203c4327b7ccfc4c4fee15fb6008ed8ce39a9caa570c3cfe6d938
27110463f91ef90dba793174f289d5cec4cf32bf1af68e6c122854d1ab0f986e
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
28e70f68e4fb170922e217c3603a7eaf3711481ef147c00e27d96d7954cc337a
3373dca69883fd4d5298c955d822359a23e9c3658b63e06b483e251c10024f21
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
3a235e36c2f598dda7192fc0d88b13cd2d14f0bac0dc91e83243cc368da1db7c
3af3be18bbb22f052a409556ddbdb0893e21dfd11026441f518b006a843ef04e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3d73e417f23488387eb10a1e26d855fe883c2bebbb8e4f94a23c55955368572f
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
44985d2003d93ff461190719e4f23a4cd0744071aec68d3c9490c01e9bdcb6dc
4acfed50af613d0b87e56449b9d8c8f593db9a099bc1c7800b36fac51bde28fa
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5654da61ce77b3e21454d6fc1366a1c55724d21f5742088d628a52cec4cd4d1c
566b34c4d71bc08e2fb2d0bfd37ab4b5962925780224e735ee4b3b4078f32502
5a3deb0b94a7fe72e5ed8c0b010a0ab9d65d81221f8f9b909e57bf67cb27a949
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a2ad3a82145af305ac0b9b1fa4cce2e24ba17c53a7cb7e4321b9815f957c110
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
752f1897c3888b60de89bca97c4910a0275fee33957e2c7f2ddc6449aacb578a
7b909ee7ba17a6d199b973f03d44df8e2da992939c9b7270acfc91d3b74d5071
7c8f42c1e11945703b065bd742b133c0ee04de68263b9e9ce57a2caa257a426d
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
80c5b31c4ff01592cb69df17391e5012e03875a606024a21fe01985bc43ea694
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83497fd3890520391837404256ed7766c72bc68ffbfee224cd61e0bd8ab051d6
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ae25182d624d7e40f385d089b038904daa8bf98d3d12a31891e4be48019632e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96fe5dfb2259a39cded0dda2b241d9877746504d1f3376857134218ff5703496
9bad7feb8f1dc630c9f35a0516ab1998c37c9d37a42afa1b8bab0030e5825e5a
a0264638508487d9d7261928bd5cb12ebaa6dd2913dc20dd6d5a06afc59064c2
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a86b5d98958f8e84be939c5eb37f3fb09dddaa31ed15f5cf2d646b525ed6c1bf
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af31788831e6fba62fd7280d994fb8bec5a115c95bdb9dcee4001e7dc6b1786e
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b7c671a87daa0011ac2046cbc6c2245cd57c73ffb06949547c3544bf13b8d42e
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7210d084c3a4b7d3d98697f815dbc472bc7f1cea46d3bc8933a5cc77176f681
c8c0bf2a9db044ac1805b7fb5e1fbc5a02eafb48edb084a548755445bf11155f
ced4e3e29ab2a5121e25c0b439b77937278ceaf9ebdb905da9ddc90dc5448534
cf1bf5bcae950b994962c4a3ba91a3746f1e08a651440e2e4d07c858ce5591a8
cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893
d2d90e68108a0659b74a2560729c78e6f152f795496cf75150ba1c6a295f320a
d32e7e5cf2cfc593cce176e05f9e737cac07fd325be7e16d3a5e94dfb291d9c7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4787f71afe2365a1a7fb7c613e7837815e5ad40a855e11220792a97b538816b
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e96b2b1f95baeba077b14ef27cd51c365cc6356f56024f99ca611d1c7537a22f
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
eee108d4add238a62874e89b0a02173d2e1c3865ed2a65b5f4f281e69b2880de
f1ba22db96df3c44278af7c983fe040d53b37e4715440c71e659a8726e70e014
f2cff1100cc71ad3125e8bd749d88c5534aeea023f7a73a78bde9b0b1df4ffbb
f5d85408365bdb06d11e13755763890a75959a726005fac641f95c8d63028f2c
fcbd587432f5e88fc926d1cde0d375084b7f3e711f9ff34571dec52f70fb27cf
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

report.if.ua Open in urlscan Pro 212.24.97.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

132 Requests

92 %HTTPS

46 %IPv6

30 Domains

47 Subdomains

39 IPs

9 Countries

2778 kBTransfer

5101 kBSize

22 Cookies

61 Outgoing links

Page URL History

Redirected requests

132 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

report.if.ua Open in urlscan Pro
212.24.97.24 Public Scan

Screenshot
Live screenshot

Full Image

132
Requests

92 %
HTTPS

46 %
IPv6

30
Domains

47
Subdomains

39
IPs

9
Countries

2778 kB
Transfer

5101 kB
Size

22
Cookies

132 HTTP transactions
1 data transactions