Submitted URL: http://marieclaire.ua/
Effective URL: https://marieclaire.ua/
Submission: On August 25 via api from GB — Scanned from GB

Summary

This website contacted 19 IPs in 7 countries across 14 domains to perform 84 HTTP transactions. The main IP is 185.149.40.93, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is marieclaire.ua.
TLS certificate: Issued by R3 on August 14th 2022. Valid for: 3 months.
This is the only time marieclaire.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
30 marieclaire.ua
marieclaire.ua
1 MB
20 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
329 KB
6 onthe.io
cdn.onthe.io — Cisco Umbrella Rank: 16174
tt.onthe.io — Cisco Umbrella Rank: 13100
19 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
imasdk.googleapis.com — Cisco Umbrella Rank: 440
129 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
stats.g.doubleclick.net — Cisco Umbrella Rank: 108
bid.g.doubleclick.net — Cisco Umbrella Rank: 474
59 KB
4 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 51836
84 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 970
r1---sn-h0jeened.c.2mdn.net
1 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
2 KB
2 gstatic.com
csi.gstatic.com
381 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8811
914 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
20 KB
2 websitepolicies.io
cdn.websitepolicies.io — Cisco Umbrella Rank: 89589
7 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
646 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
48 KB
84 14
Domain Requested by
30 marieclaire.ua 1 redirects marieclaire.ua
12 pagead2.googlesyndication.com marieclaire.ua
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
8 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
5 tt.onthe.io cdn.onthe.io
4 cdn.admixer.net marieclaire.ua
cdn.admixer.net
3 fonts.googleapis.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 r1---sn-h0jeened.c.2mdn.net
2 csi.gstatic.com imasdk.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdn.websitepolicies.io marieclaire.ua
cdn.websitepolicies.io
1 www.google.com tpc.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 stats.g.doubleclick.net www.google-analytics.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com marieclaire.ua
1 cdn.onthe.io marieclaire.ua
84 21
Subject Issuer Validity Valid
marieclaire.ua
R3
2022-08-14 -
2022-11-12
3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2022-06-08 -
2023-06-21
a year crt.sh
*.onthe.io
Sectigo RSA Domain Validation Secure Server CA
2022-06-02 -
2023-07-02
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-27 -
2023-06-26
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2022-08-08 -
2022-10-31
3 months crt.sh
*.google.de
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
www.google.com
GTS CA 1C3
2022-08-01 -
2022-10-24
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2022-08-16 -
2022-10-25
2 months crt.sh

This page contains 9 frames:

Primary Page: https://marieclaire.ua/
Frame ID: D4FC8214EDD239D312104FFC8143F1D1
Requests: 70 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Frame ID: 8015C88027A70C763E589E0EFD2674F3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: 02617B1FBF27E9FBB1302DB1C1095C91
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=3025194257&lmt=1661412074&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarieclaire.ua%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661412073997&bpp=3&bdt=535&idt=351&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7715419044554&frm=20&pv=2&ga_vid=1895143533.1661412074&ga_sid=1661412074&ga_hid=652152182&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44768832%2C31069000%2C31069063&oid=2&pvsid=3630789534614077&tmod=1122367386&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=368
Frame ID: B501BE737D41615B9E74C1C6FD7839C5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Frame ID: C5CB6BEF29AFD41DBA7E381351357A46
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Frame ID: 1A3D514EFD8B8C43A7F71088FF3AEC59
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 7D17E304BD0B13022DD293B85C6C2988
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: AAF671C28D96870139F9A0E9BC792746
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 988F33B197AA6D108C44E21A0ECBB02C
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Marie Claire — женский журнал — все о моде, звездах и красоте

Page URL History Show full URLs

  1. http://marieclaire.ua/ HTTP 301
    https://marieclaire.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • cookieconsent\.min\.js

Page Statistics

84
Requests

99 %
HTTPS

74 %
IPv6

14
Domains

21
Subdomains

19
IPs

7
Countries

2046 kB
Transfer

3588 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://marieclaire.ua/ HTTP 301
    https://marieclaire.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 81
  • https://gcdn.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/1E42ADDCF546B13500B725CE8595064D685B8A59.AAEC10D8A1F44761BE10E0574C2F02E1E340B0C5/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F36917BC19F031DE2356363A38E6EC3F327468E.177667AC947B385A445F1D48CEC2ED6A1344AA05/key/cms1/cms_redirect/yes/mh/3l/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeened/ms/onc/mt/1661411253/mv/u/mvi/1/pl/46/file/file.mp4

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
marieclaire.ua/
Redirect Chain
  • http://marieclaire.ua/
  • https://marieclaire.ua/
96 KB
20 KB
Document
General
Full URL
https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
d2d58ab261c30055d0fbae365b806abbc762efb31d543357d448e034e599a02b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 25 Aug 2022 07:21:13 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
last-modified
Вт, 10 Май 2022 15:39:21 +0300
link
<https://marieclaire.ua/wp-json/>; rel="https://api.w.org/" <https://marieclaire.ua/wp-json/wp/v2/pages/609852>; rel="alternate"; type="application/json" <https://marieclaire.ua/>; rel=shortlink
mc-fastcgi-cache
HIT
pragma
no-cache
server
nginx/1.14.2

Redirect headers

Connection
keep-alive
Content-Length
185
Content-Type
text/html
Date
Thu, 25 Aug 2022 07:21:13 GMT
Location
https://marieclaire.ua/
Server
nginx/1.14.2
autoptimize_901d47d5233b3e2c215fd5c1582875be.css
marieclaire.ua/wp-content/cache/autoptimize/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
cb87bd1d1a4bda37855cc2a7c581c76d2e802a6d576a7d9d561e631127bf01bb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
content-encoding
gzip
last-modified
Fri, 24 Dec 2021 14:09:53 GMT
server
nginx/1.14.2
etag
W/"61c5d4b1-9ef0"
content-type
text/css
cache-control
max-age=604800
expires
Thu, 01 Sep 2022 07:21:13 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Thu, 25 Aug 2022 07:21:13 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:39 GMT
server
nginx
etag
W/"63049f2f-2c101"
x-cached-since
2022-08-25T07:19:06+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Tue, 23 Aug 2022 09:46:00 GMT
pOVCZgzgqLyO
cdn.onthe.io/io.js/
55 KB
18 KB
Script
General
Full URL
https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
116.202.11.241 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.241.11.202.116.clients.your-server.de
Software
nginx /
Resource Hash
e3d38fb5ffe322c703c1440a9730812ad2941e262e251c368872b07a8fa69998

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 07:21:13 GMT
Content-Encoding
gzip
Last-Modified
Thu, 08 Jul 2021 13:22:51 GMT
Server
nginx
ETag
W/"60e6fc2b-dd01"
Transfer-Encoding
chunked
Content-Type
text/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Expires
Fri, 26 Aug 2022 07:21:13 GMT
lazysizes.min.js
marieclaire.ua/wp-content/plugins/autoptimize/classes/external/js/
10 KB
10 KB
Script
General
Full URL
https://marieclaire.ua/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Mon, 25 Oct 2021 10:07:37 GMT
server
nginx/1.14.2
etag
"617681e9-2655"
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
9813
expires
Thu, 01 Sep 2022 07:21:13 GMT
cookieconsent.min.js
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/
11 KB
6 KB
Script
General
Full URL
https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding
br
vary
Accept-Encoding
age
2348604
cdn-pullzone
403741
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.02
etag
W/"60b50a6f-2bec"
x-frame-options
SAMEORIGIN
content-type
application/javascript
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode
GB
expires
Wed, 27 Jul 2022 17:26:30 GMT
date
Thu, 25 Aug 2022 07:21:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
901
access-control-allow-origin
*
cdn-cachedat
06/27/2022 17:08:00
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 31 May 2021 16:10:23 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKNzbY5ugXk%2Fasp9OpZQ9b%2FDyaxgUrbSf18LwIZwpFo%2F7y7cNWHY%2F%2Fur4O65MAxFHFM4gE0rMFHBG%2FXnr85BPhH4wHFciTbqraQ5Pneo1H1YTWWRse9cKNxzjBcyUQltKozKuVWVReTQ"}],"group":"cf-nel","max_age":604800}
cdn-uid
16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid
1ba1b356190f35287c301825d501b1a5
cf-ray
740291d50802f433-LHR
cdn-status
200
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
165 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5a9dd6e44b95aa65943ad1784bec2c3babc9225a7ca8695e18a1932803df45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marieclaire.ua/
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57485
x-xss-protection
0
server
cafe
etag
11306579386736070675
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 07:21:13 GMT
autoptimize_ea0cdc8dd41fc1f00e5964605d912726.js
marieclaire.ua/wp-content/cache/autoptimize/js/
139 KB
139 KB
Script
General
Full URL
https://marieclaire.ua/wp-content/cache/autoptimize/js/autoptimize_ea0cdc8dd41fc1f00e5964605d912726.js
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
e126cce25941fcdf8ee2886394f7cf7b085c293aba63ed4e6d07a229c3074279

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Thu, 23 Jun 2022 04:50:41 GMT
server
nginx/1.14.2
etag
"62b3f121-22c83"
content-type
application/javascript
cache-control
max-age=604800
accept-ranges
bytes
content-length
142467
expires
Thu, 01 Sep 2022 07:21:13 GMT
gtm.js
www.googletagmanager.com/
131 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLRR586
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4ba2ad8901d3444713da5ebab4cf5d432e7e633fd177812873a6639ef4d12cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48322
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 06:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 25 Aug 2022 07:21:13 GMT
logotype-white.svg
marieclaire.ua/wp-content/themes/mc/images/
9 KB
10 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/images/logotype-white.svg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
cce38f06c620ce5bc416dc5291b41c649a89cedca03eda2bb377d77115e32494

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 06 Oct 2020 17:18:16 GMT
server
nginx/1.14.2
etag
"5f7ca6d8-2536"
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
9526
expires
Thu, 01 Sep 2022 07:21:13 GMT
logotype.svg
marieclaire.ua/wp-content/themes/mc/images/
9 KB
10 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/images/logotype.svg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
189a88e5775309c7a607d49886d408ce1d3bd58eafcc516bb37d89206437e3bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 06 Oct 2020 17:18:16 GMT
server
nginx/1.14.2
etag
"5f7ca6d8-2536"
content-type
image/svg+xml
cache-control
max-age=604800
accept-ranges
bytes
content-length
9526
expires
Thu, 01 Sep 2022 07:21:13 GMT
truncated
/
620 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
120cd30c358612de31aa3b601d2c939b9d7f1c2f80734395e1bba09064b4aef9

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
412 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1976ce83e1c769ee8a4fa30cdd6ddc4158c301afebc93d10087906c8b93eff8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
349 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60845609013996ce006f598ee77711b3720c9eea75901086bfd273acf0aa7852

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
930 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ad1a2999b8422909ae7dd90eacb92af2de19593144aac098a6d28cf683d283db

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
984 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7c53abb10d42c0e0a3df4240ddf160e2ebf1f17153b4e2dc6cb18e8c583cfc6

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
Montserrat-Regular.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/
87 KB
87 KB
Font
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-Regular.woff2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879

Request headers

Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 27 Apr 2021 05:09:52 GMT
server
nginx/1.14.2
etag
"60879ca0-15ae4"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
88804
expires
Thu, 01 Sep 2022 07:21:13 GMT
Merriweather-Bold.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/
59 KB
60 KB
Font
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/css/fonts/Merriweather-Bold.woff2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
1366c8b7bbea9904236b5d269112c04d88f099e50a9ebe143af27ba2643fb7ff

Request headers

Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 27 Apr 2021 05:09:48 GMT
server
nginx/1.14.2
etag
"60879c9c-ed20"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
60704
expires
Thu, 01 Sep 2022 07:21:13 GMT
Montserrat-SemiBold.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/
86 KB
87 KB
Font
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-SemiBold.woff2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
61d8968ed8c08aa50e640cf07b221f92fbc26007d20c68a2cc5412b24c663f68

Request headers

Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 27 Apr 2021 05:09:52 GMT
server
nginx/1.14.2
etag
"60879ca0-159c0"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
88512
expires
Thu, 01 Sep 2022 07:21:13 GMT
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
08638c4012d8a9e649467cf50f336fa2c014f4d34c02c12e7d462aa915649b09

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
92fd9a20ea2538ddc6f4eaf6f8d170602643a04ae2eedcb507984083ee463a8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
57452f5671046a2b2ab27b1f0f37de03760fb2d5d1569ae2e462f90fcf00551d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
178792a2189f59ca9cfc991b788ce695d4fd4e8a6c393026b7529aaae58fd486

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a2b83b9d0f7e952969c55cf7debf49d8fbc76e3d0f3151ad98cb488a570e8162

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
Merriweather-Regular.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/
61 KB
61 KB
Font
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/css/fonts/Merriweather-Regular.woff2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
12c212b92bd5e170769ec137562ca7d94a51e4040b65658190f6112d21974867

Request headers

Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 27 Apr 2021 05:09:49 GMT
server
nginx/1.14.2
etag
"60879c9d-f46c"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
62572
expires
Thu, 01 Sep 2022 07:21:13 GMT
Montserrat-Bold.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/
87 KB
87 KB
Font
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-Bold.woff2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3

Request headers

Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 27 Apr 2021 05:09:49 GMT
server
nginx/1.14.2
etag
"60879c9d-15a84"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
88708
expires
Thu, 01 Sep 2022 07:21:13 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e42cf2fa6f06d1c9616a82238b1571841c8db339f5a6da831c6c22710c2223d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe87759cfd93a3b4038f67a8b391ac30da0d137c3f8be0f63f51ede0b1aa2ad8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
Montserrat-Medium.woff2
marieclaire.ua/wp-content/themes/mc/css/fonts/
87 KB
87 KB
Font
General
Full URL
https://marieclaire.ua/wp-content/themes/mc/css/fonts/Montserrat-Medium.woff2
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
58b7c61e1b6d4cba2e3ccd1bd081481f7d48a1da5b35e47ef029cb6d28ec52b4

Request headers

Referer
https://marieclaire.ua/wp-content/cache/autoptimize/css/autoptimize_901d47d5233b3e2c215fd5c1582875be.css
Origin
https://marieclaire.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 27 Apr 2021 05:09:51 GMT
server
nginx/1.14.2
etag
"60879c9f-15a14"
content-type
application/octet-stream
cache-control
max-age=604800
accept-ranges
bytes
content-length
88596
expires
Thu, 01 Sep 2022 07:21:13 GMT
imgonline-com-ua-Resize-RbnBIlfuniTSl-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/08/
33 KB
33 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/08/imgonline-com-ua-Resize-RbnBIlfuniTSl-320x180.jpg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
440a0ecbc312fa419b88b0fc6ae060c533ed44dae398d33734e0191800debcfe

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 23 Aug 2022 12:33:59 GMT
server
nginx/1.14.2
etag
"6304c937-845e"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
33886
expires
Thu, 01 Sep 2022 07:21:13 GMT
imgonline-com-ua-Resize-7q5pBhCRX1iZ1d-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/08/
30 KB
30 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/08/imgonline-com-ua-Resize-7q5pBhCRX1iZ1d-320x180.jpg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
78e067d99978627583b5ae2a4c0d17d49d30335969e9009f1b7f2dff22a2b1b1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Sun, 21 Aug 2022 20:36:00 GMT
server
nginx/1.14.2
etag
"63029730-779f"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
30623
expires
Thu, 01 Sep 2022 07:21:13 GMT
imgonline-com-ua-Resize-YJv1lQENWyWlKs7J-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/08/
18 KB
19 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/08/imgonline-com-ua-Resize-YJv1lQENWyWlKs7J-320x180.jpg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
1611deed6b0151dd2707792573b6bd1aa4f44f27834eb881ac939d78f44d7c9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Wed, 24 Aug 2022 16:35:48 GMT
server
nginx/1.14.2
etag
"63065364-4976"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
18806
expires
Thu, 01 Sep 2022 07:21:13 GMT
IMG_8257_mini-1-320x180.png
marieclaire.ua/wp-content/uploads/2022/08/
30 KB
30 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/08/IMG_8257_mini-1-320x180.png
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
17c87ccc6a7521b395ebb70420a7f7cd5b36e7ea9fe2bde4b887081f9e1b3e98

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:13 GMT
last-modified
Tue, 23 Aug 2022 18:15:11 GMT
server
nginx/1.14.2
etag
"6305192f-777d"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
30589
expires
Thu, 01 Sep 2022 07:21:13 GMT
cookieconsent.min.css
cdn.websitepolicies.io/lib/cookieconsent/1.0.3/
4 KB
1 KB
Stylesheet
General
Full URL
https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.css
Requested by
Host: cdn.websitepolicies.io
URL: https://cdn.websitepolicies.io/lib/cookieconsent/1.0.3/cookieconsent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0
Security Headers
Name Value
Content-Security-Policy default-src * data: 'unsafe-eval' 'unsafe-inline'
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy
default-src * data: 'unsafe-eval' 'unsafe-inline'
content-encoding
br
vary
Accept-Encoding
age
2348584
cdn-pullzone
403741
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
referrer-policy
no-referrer-when-downgrade
cdn-proxyver
1.02
etag
W/"60a7e46d-ffa"
x-frame-options
SAMEORIGIN
content-type
text/css
cdn-cache
HIT
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cdn-requestcountrycode
GB
expires
Wed, 27 Jul 2022 17:17:13 GMT
date
Thu, 25 Aug 2022 07:21:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cdn-edgestorageid
901
access-control-allow-origin
*
cdn-cachedat
06/27/2022 17:10:29
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 21 May 2021 16:48:45 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1hXNx7jXSD52DABtnO2j15ScB%2FDXFpMv8qm6Nz6hs1TD91NYPQe%2B8WUruP1ZhqPhb9nWmCsUqNg3aSLLjhX3FQqvDz7dYyO9ckjZyfQ3aqJZ527HkMbrs9RfTtqSDkUPitmRmnwiq7D"}],"group":"cf-nel","max_age":604800}
cdn-uid
16d357c7-5d61-4073-b136-11d78241bb5e
cdn-requestid
1c621f343aac655655c89146742a2fe6
cf-ray
740291d5686ef433-LHR
cdn-status
200
cdn-requestpullsuccess
True
c.html
cdn.admixer.net/scripts3/49044/ Frame 8015
738 B
519 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/49044/c.html?b=49044
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://marieclaire.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Thu, 25 Aug 2022 07:21:13 GMT
etag
W/"63049f42-2e2"
expires
Fri, 25 Aug 2023 16:15:55 GMT
last-modified
Tue, 23 Aug 2022 09:34:58 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-08-24T16:15:55+00:00
x-id
cec-up-gc12
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/49044/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/49044/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Thu, 25 Aug 2022 07:21:13 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:56 GMT
server
nginx
etag
W/"63049f40-5d41"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:36:01+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:36:01 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/49044/
75 KB
20 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/49044/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:e1:2801::254 Prague, Czech Republic, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
cec-up-gc12
date
Thu, 25 Aug 2022 07:21:13 GMT
content-encoding
gzip
last-modified
Tue, 23 Aug 2022 09:34:45 GMT
server
nginx
etag
W/"63049f35-12c39"
vary
Accept-Encoding
x-cached-since
2022-08-23T09:36:01+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 24 Aug 2023 09:36:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=12616:uniques_instantly[url:%2F,domain:marieclaire.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20Marie%20Claire%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%2C%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%D1%85,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:aaf88464b.c33a02b2f_1661412073916,session_id:00dd0cd23.61241f458_1661412073917,cdn_version:11]&s=c9883fcb9256bcaea6f231c16430ac28&1661412073922
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 07:21:14 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/uniques/
33 B
559 B
Script
General
Full URL
https://tt.onthe.io/uniques/?current=25&holding=a6a85e8b8a3a49782382de2f9949a9f0&hash_user=aaf88464b.c33a02b2f_1661412073916&1661412073923
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 07:21:14 GMT
Server
nginx
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
33
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=12616:visits_instantly[url:%2F,domain:marieclaire.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20Marie%20Claire%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%2C%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%D1%85,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:aaf88464b.c33a02b2f_1661412073916,session_id:00dd0cd23.61241f458_1661412073917,cdn_version:11]&s=c9883fcb9256bcaea6f231c16430ac28&__io=aaf88464b.c33a02b2f_1661412073916&1661412073925
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 07:21:14 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=12616:pageviews[url:%2F,domain:marieclaire.ua,page:%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20Marie%20Claire%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%2C%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%D1%85,page_type:main,language:uk,user_agent:Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36,device:desktop,browser_version:Chrome%2099,browser:Chrome,depth:1,user_type:new,user_id:aaf88464b.c33a02b2f_1661412073916,session_id:00dd0cd23.61241f458_1661412073917,cdn_version:11]&s=c9883fcb9256bcaea6f231c16430ac28&1661412073929
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 07:21:14 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLRR586
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1154
date
Thu, 25 Aug 2022 07:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 25 Aug 2022 09:02:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/
341 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa9c76ffeb56e65f15e8b9f9e450234fad7c4b5abb33dc212a3d620d0f08d47f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122736
x-xss-protection
0
server
cafe
etag
3591138630523457297
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 07:21:14 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame 0261
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7141688687918598
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marieclaire.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
46670
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 18:23:24 GMT
etag
8616628553774171045
expires
Wed, 07 Sep 2022 18:23:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=652152182&t=pageview&_s=1&dl=https%3A%2F%2Fmarieclaire.ua%2F&ul=en-us&de=UTF-8&dt=Marie%20Claire%20%E2%80%94%20%D0%B6%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%E2%80%94%20%D0%B2%D1%81%D0%B5%20%D0%BE%20%D0%BC%D0%BE%D0%B4%D0%B5%2C%20%D0%B7%D0%B2%D0%B5%D0%B7%D0%B4%D0%B0%D1%85%20%D0%B8%20%D0%BA%D1%80%D0%B0%D1%81%D0%BE%D1%82%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=686385118&gjid=99868695&cid=1895143533.1661412074&tid=UA-59638469-4&_gid=1832876195.1661412074&_r=1&gtm=2wg8m0TLRR586&z=245863633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://marieclaire.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://marieclaire.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
3ms-1440x460.jpg
marieclaire.ua/wp-content/uploads/2022/05/
50 KB
50 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/05/3ms-1440x460.jpg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
acf8e5989fab2d171a341895c483c179f9bed8b2ef3c907804440e87c15e0efd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:14 GMT
last-modified
Mon, 23 May 2022 12:06:18 GMT
server
nginx/1.14.2
etag
"628b78ba-c66d"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
50797
expires
Thu, 01 Sep 2022 07:21:14 GMT
BANNER-1440x460.jpg
marieclaire.ua/wp-content/uploads/2022/05/
61 KB
61 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/05/BANNER-1440x460.jpg
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
ef93662bf61ccb660a9297d8912fa78e6512859fc25c2b7d779684d05031702b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:14 GMT
last-modified
Mon, 23 May 2022 12:05:43 GMT
server
nginx/1.14.2
etag
"628b7897-f31c"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
62236
expires
Thu, 01 Sep 2022 07:21:14 GMT
/
tt.onthe.io/
0
287 B
XHR
General
Full URL
https://tt.onthe.io/?k[]=12552:uniques_holding&s=c9883fcb9256bcaea6f231c16430ac28&__io=aaf88464b.c33a02b2f_1661412073916&1661412074173
Requested by
Host: cdn.onthe.io
URL: https://cdn.onthe.io/io.js/pOVCZgzgqLyO
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.99.5.37 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-99-5-37.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 25 Aug 2022 07:21:14 GMT
Server
nginx
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:01 GMT
cookie.js
partner.googleadservices.com/gampad/
218 B
646 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=marieclaire.ua&callback=_gfp_s_&client=ca-pub-7141688687918598
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
886a187c0bf501eff7585ff908358f539d0db77fd418d74d16c388eb1e04b143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=marieclaire.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=marieclaire.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B501
125 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7141688687918598&output=html&adk=1812271804&adf=3025194257&lmt=1661412074&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmarieclaire.ua%2F&ea=0&pra=5&wgl=1&easpf=1&easpi=1&easai=1&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=300&asna=5&asnd=5&asnp=5&asns=5&asmat=0.4&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661412073997&bpp=3&bdt=535&idt=351&shv=r20220822&mjsv=m202208170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7715419044554&frm=20&pv=2&ga_vid=1895143533.1661412074&ga_sid=1661412074&ga_hid=652152182&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44768832%2C31069000%2C31069063&oid=2&pvsid=3630789534614077&tmod=1122367386&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=368
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd73fa9ca1e88c990a4f861094234583f95ad9238fca09c477151bf3befc11ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marieclaire.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33991
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 07:21:14 GMT
expires
Thu, 25 Aug 2022 07:21:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/
1 B
438 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-59638469-4&cid=1895143533.1661412074&jid=686385118&gjid=99868695&_gid=1832876195.1661412074&_u=YEBAAAAAAAAAAC~&z=1111760350
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://marieclaire.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 25 Aug 2022 07:21:14 GMT
content-type
text/plain
access-control-allow-origin
https://marieclaire.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/
150 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cb9242c463dc54aedda50be754d6f6eebc2b0cc81a39d046665dc054ed3e6ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54625
x-xss-protection
0
server
cafe
etag
2039974363310765006
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Thu, 25 Aug 2022 07:21:14 GMT
css2
fonts.googleapis.com/
606 B
890 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Google+Material+Icons:wght@400;500;700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a3a37423b5ac786af7b9a905ab9cb84ce756cc350f7e2c8329f2558a7164f04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 07:21:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 07:21:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 07:21:14 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=adfil-imp&wp=ca-pub-7141688687918598&c=3&e=31069000&h=marieclaire.ua&ld=ru&lx=ru&m=15&n=0&o=a&p=190&t=0&w=1667&x=14&sap=1&tap=1&bap=1&nsr=0&im=0&mo=0&ae=1&fs=1&eid=44759876%2C44759927%2C44759842%2C44768832%2C31069000%2C31069063
Requested by
Host: marieclaire.ua
URL: https://marieclaire.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=marieclaire.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 07:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=marieclaire.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 07:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/ Frame C5CB
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marieclaire.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
36690
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 21:09:44 GMT
etag
8616628553774171045
expires
Wed, 07 Sep 2022 21:09:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame C5CB
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 06:00:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 07:21:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 07:21:15 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/ Frame C5CB
19 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:14:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
398
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8368
x-xss-protection
0
server
cafe
etag
5162546928090487746
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 07:14:37 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C5CB
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=0-%26adk%3D1812271808%26client%3Dca-pub-7141688687918598%26fa%3D8%26ifi%3D2%26uci%3Da!2%26xpc%3DxQchuDEKCf%26p%3Dhttps%3A%2F%2Fmarieclaire.ua
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 1A3D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:13:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
463
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 07:13:32 GMT
css
fonts.googleapis.com/ Frame 1A3D
8 KB
716 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 25 Aug 2022 06:45:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 25 Aug 2022 07:21:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 25 Aug 2022 07:21:15 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/ Frame 1A3D
14 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 13:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 10:41:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:39:12 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/ Frame 1A3D
357 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f32dffd9527dbaf143a31a4d853ae7ef258ce4ef6f2de04b9cbe7e838473887
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 13:39:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
236523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126294
x-xss-protection
0
last-modified
Mon, 22 Aug 2022 10:41:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 13:39:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 1A3D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:16:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 08 Sep 2022 07:16:22 GMT
csi
csi.gstatic.com/ Frame 1A3D
0
327 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l78pupz3&c=7576481822734&slotId=3788240911367&qqid=CKD1m6S64fkCFdPuuwgdvJkKUQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:81b::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:16 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A3D
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CsCqA6iIHY6DYH9Pd7_UPvLOqiAWmkLDwa43es5qgEPGv6uKiMhABIIulu44BYJX68IGMB6ABgr2bxCjIAQWpAhqErphkk20-qAMByAObBKoEpwJP0Lcxc_JjDKKk9iTP59kBLoKit8y9B2xie7P8Eg62HBoW1bK0epsc5ncfD8zoRksVp-NPObhD-U8p9cI0LGkcMW2r_YpVD2g-eayAH0FgtF-gIARkrT-bAnQDoZYIuQyLKKoV9SWU4tow27I3QsgBeqARyFq8TNQtBLlW_qxIQ72OV__5gC6QQoPhR5n_Z22DyjUwEGe2gJlJoVQ9Kdb_LXIenv6Dlf9bon0HLygZ72DczhcBuBk1XWKd-TRqKuaV4LfoWKwqHtQCLEcpC97rl0NFL1CdJ2pueg8m-35pU7C9NQ5bXtCC8uWVny_fbkya54i3o-JuuIa6y8iW7Dy6N21i4oBEgp2y3Arvkfj3yNEV6_jeDqc1-05loA0Zbmyd7Zoxdp3nwASD8KnYlQTgBAOQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBP_kpkQyBOGmILhA9gTCogUAtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1661412075527&ai=CsCqA6iIHY6DYH9Pd7_UPvLOqiAWmkLDwa43es5qgEPGv6uKiMhABIIulu44BYJX68IGMB6ABgr2bxCjIAQWpAhqErphkk20-qAMByAObBKoEpwJP0Lcxc_JjDKKk9iTP59kBLoKit8y9B2xie7P8Eg62HBoW1bK0epsc5ncfD8zoRksVp-NPObhD-U8p9cI0LGkcMW2r_YpVD2g-eayAH0FgtF-gIARkrT-bAnQDoZYIuQyLKKoV9SWU4tow27I3QsgBeqARyFq8TNQtBLlW_qxIQ72OV__5gC6QQoPhR5n_Z22DyjUwEGe2gJlJoVQ9Kdb_LXIenv6Dlf9bon0HLygZ72DczhcBuBk1XWKd-TRqKuaV4LfoWKwqHtQCLEcpC97rl0NFL1CdJ2pueg8m-35pU7C9NQ5bXtCC8uWVny_fbkya54i3o-JuuIa6y8iW7Dy6N21i4oBEgp2y3Arvkfj3yNEV6_jeDqc1-05loA0Zbmyd7Zoxdp3nwASD8KnYlQTgBAOQBgGgBnaAB4L166MDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB4AsBgAwBsBP_kpkQyBOGmILhA9gTCogUAtgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 1A3D
27 KB
16 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AVZxWtLQdU8hMK-CF9HfIfXLuIROW-qG3wXP3FM3mAVgTSzUkSs7IUE47GSlab7AjB5mVpLUPfMz_86Ehl-aiiX_eiaQ&cry=1&dbm_d=AKAmf-Djupcd4QxLsM3IRnbJ72ejtSfoseiM7V4flwEy2Ha4LuDeqNdtGL-vlzrMhLts4hdQrju7SxzoRBXFAC0dwnp67iHjy70SMndRpOeBP__ajhG8g8dVoMxkVkU7qwqRPseR89AKB2uE60G2ukxXedIuCOeJC8HJlAOP6ppaju32xMawAfDfo2phqn5e3ar7jZ_q39EQCy0_jt_Vt4-RaYFdZ-c5J_WOtdMiUPqIaCpHnDZO1jZQ_ehEeq_iW3y2wgzni6kgbGBfIB-_bpMg2CUgwok8DSaxK9JDFPOyG6spU8l_4_Tc_fqbmfaFu-JCFIse9x2kpqqrYrmNVSijRazrA0-m-3rhX3Jli8Jy9Y55Id13aQZkd_F5wPbKNH3ivv4AteIhsxIgKxMmdXzt8GF17bm7fqn9Xv_4fV5ZaBP7YUC7dyV-OUyRha47Qwg02ZhoT6if8Hhf-DXqASkVTwVbZGqNA44CBackezYOTflWKP3AKvE2a7kbN5mfYTUoaRtPn43vpSi3heeYYcZFOWhvPZ1_PUcd0TnAVylZQoJsyYwx_16LUphc8dUZS2S77xb0KGrBYwe3MMRdGH_J89jb6dIOyFAfUjtuZ84P5D-RxnNV-zip6ZaQ7xgcEP_frHXTaAlodhO0RwJ9S3ALrotOYeyqVqYN80rFwv-xkZnQoT08SBMvT40BeoizgSmLkyv80Ix6txiVZ5WBu-B_LvEG3hYofnzWej6a0bNLmNaqeg60jCeKM8uM_RFoF-bLRXVE-yubh10pnVgWLnf_ItYOoQtmpJOCc8Gbt0lIknE2OCFbFPu5uQS3cNubxGk7eahZU2dbRjTQLCEFtyROARB1g4HPpOgPVk7BJBqGPuxkErZGXSpxmBnerZtZfIdbczcZVG9a63ds889HpVesGiNb8_XFqNenR_XlxPAO-D_hIbXbqR2vrst-brAl4sr1_odiEJzJ-_3HyCWFNSKfChDulwV81bEsJv-U-DlkVacgD9V5hjldJjz0P8wVb3-sgdK5PPCqGB81urBpf5lQpcExguM41UgZQ-h4tbfKb93grjA-LTrnRY6ZZojDgtfNJwCsnJViqXH3VZ5ldQGdt0hsmh8HYhdkObsD68Lvzk9H5CTOBARVESdPPMIKz1xIgJtzBhjQ7-P9JpuZLdBoK6t4Rai8mREIHgwXZ8K_0djajo0-pqquBH4u9j-2YugX0GxjFZsNTBB98lA2Z-U2EXoytBiz6paDjiUcAft2uYss_gY9FkgAYIdYiMZpVlm8Rm0H1xmUxAkdoyNI16bIJ37PORF1q_DZtXJRKHc1WErFj60sCEVCRDtxag5Bt7O3AkqgtBdhOBk7txe_B4qIfpbN6sKJK0Mis05wIfC4l3GC13F-_O9XWhMWiMgNCvzfw_BtbL0-bE9H187qHRv8pd7jUat7W9C4aUN8_uMJMsgs6sNKjBQEzBnc1UHAR5QPJUufHfCPRSoRM7K3MEcluiYaXMdJem-AXUgAOY6NUBefvhkWU9v_8pJVTphiHQa6EcI-2tUrx6vbz8alxoknuNyoDSyAHg4_CZLMoB-FndJi35p6YDc4-RgF80uyAGwJUoqJGX3qgrSemkEyhSOO81qjgze7cpFU3AGuFvuWcJpDhBuncKVHjZYUoHV5XvsbWt84Z8IYybFEqeS4nw9ePLxIHqD13cf_rk25Uvi7oStpx0bvnol1TRzDacZks-9PcXBizxqBVpOROH34STEreOvgv-iCE7k098dCO0nFzHwLLtn3IlumN2hF705anY6QR5QIrz8JvdGH0TrHAXBvt0neof6rhXbCfLnkZmQmoqqGxr_knWiY9kj1asYP6a1qZhwacNUfIV_jfCybYv4nkUYMAMmF1S_FJMcPoLCuZo3qGP4P5kk9tUlI4_jLlQUCAWNWyPeTuEhXlkcgXmiBDQu_v2PxSC9lpaQI5tZF6_a-fS9pthUlvXkH7A_1fs6DZs0H_uUMX5UAh6MrZwSwARIsN80mkA7ehTm0Nq6DvN7Jb8fOhVsuHweD1xM9aOcI8SESxOvkDeV6d8768vm65tTiDyxUCc7uh85wYm3frnC9_YaaE7GsvmHpS6ZRQUbeCWhwke_tKuyq0qYGKdLa_UKdbHsMII-DDqL3OBuvp-l_jWczo3X_IJpmIpmG3-Fyq1iB5TgDS_6EhU85tUshREy2S5vpeGb52OuJu6xUqYTuKgsoq0poPR6IvAgs1Pr8N5-kIKuQ59ztAgo_MsH6UeociTpVZgOtyANazzwTJsS-PBFjb_YmwZBslZBL2NfiNIb28dNzPeTc_fXfBWaJwXXwShthZ_G733LVML5eE3WHCkaYIw-cSYnyHJGdqEi1Tze2i3Lpo3o-18n52dgt544o-LV-HmfyYDvsVgTGxbttLeJIST53poDXCOALBTcBeX8rBbITunADOEEwad0nej2tLTutCgs-2BUVj-46nYJzp-qi-s8Qg-ectZQ7krJ1o4zIa4RU0dsnK26Voq68ytlFBHNLpQtV4QVKBoDfQvbzifFBBuy-jkAfDN03fQWcSIoISDmivNvcxsVsNSO1nttQZOKgS7wHkNSHpPPHeK8VYCgsN_Qa4e0dcI8Hz32Yw0U3Xwi2ON4k-TXnmRpJ_CLnZRjZqqc5B7AXEuzx8oOqPzV_cD8t9QXw2BVxiJ7ffJOSkEszHCscCwSiyQ9F0cYKn-Er_tqe7AcYRPO3r08HnjzaWi-yzzhkP9CfBLQwsvdXq0Abthl9K8LJ87Nh2spqg3TzNE5mojUmDKNDxJenBxtBeiC2JfO4xeXhAHricl_OTw-lqQAN5V3OuVbmH5jCImtXb2PixJtbOr-XlEf7mZjzojZ-5DqyMq2dE07HoJ-XouVnhIanpEMwC1pa-pf9JsKGceM7RVYCNXUG7OBITY0OiQS8ifR4cOwE7Rfhcx1FuJiFOsiJUxQyrvAnJbgJnoxgr_NOb9-DIXaPzwBJhlKRXJQVqYdfT0hf7cVXkalTMBSbHLgpEW9ytwxV5EeqBclULMK-SmUr7JIin3fzo4__hYzDl4ecKr7n5B-0kj5UXOohnOmb2R6sVH0uPj9RGYSCbhwqZIK0_UALR6v22WihycUtF2qXtgzK0zy3aXW5Sn8nwCueq-PxrCQgpAznzsSiopAjZ_hjWC_NbNRajQXBjJjA2hgbEAwLDONhsqEziUmpMkZqVNPSdhHEacnuKAI6m_QuMZDr_twyua4AnlsNGOCzrxLYpjHA2-RY3-ET-CUyAR8UvxmcHRGJwx0MBJd9LagUyzBaSUcqqznNzXL_vozbfeLt9yAlmstO97fFoiZAO1pDOduNn1t4fDQ3W3B97U9b9kB7JmzWhDfjnJiQtuafykPnF9UCPgpDzDGev-YlwPXgIoD-eyDpu9Ttk9_T6XMt-ks4xqNj9rQwMN8SDeX2-euq5kwK5SCl6g_FiyrcXyQHO5FuOPHJB9MdSGe-6earrPUakgzANw2L4uhTsCxXYuprePZ1lDkw1A4wpyVv6LepfHL564zHg1sbsLs6iNEVshw4iJBoLvvd-uSy8yTGzPKIANfU31oPZpI6Wmb7bhQS2Vgala-ktUyek2nk7BkGIXjtoWfrfTD6qOzz7Nw1Bi5-fEKmzOBvo8y0FJGWsTxWBGJ-gHPoCmDCpOKptw&cid=CAASBORoaaM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f155.1e100.net
Software
cafe /
Resource Hash
a1868910229b3aca79c6d0d7ceb70a954676a48108db5267755582cbc113c4ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15618
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dd995ac2ee631a7ebc494894e1d8a95f476ed6d89a2ea416d601e709724f4f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 25 Aug 2022 07:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11104
x-xss-protection
0
Miniatyura-320x180.jpg
marieclaire.ua/wp-content/uploads/2022/02/
12 KB
13 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/02/Miniatyura-320x180.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
aebd85b227472959f618c1e9f850eb73be612265ea9bd3445964fc3a3694419a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Wed, 02 Feb 2022 06:20:47 GMT
server
nginx/1.14.2
etag
"61fa22bf-3179"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
12665
expires
Thu, 01 Sep 2022 07:21:15 GMT
600-400-320x180.jpg
marieclaire.ua/wp-content/uploads/2021/12/
16 KB
16 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2021/12/600-400-320x180.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
20ef45c47f11570b75069c25764a252fa67eab07a746f8c031b68353ea1ec387

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Mon, 06 Dec 2021 15:12:31 GMT
server
nginx/1.14.2
etag
"61ae285f-3fe9"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
16361
expires
Thu, 01 Sep 2022 07:21:15 GMT
320-180-320x180.jpg
marieclaire.ua/wp-content/uploads/2021/11/
12 KB
12 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2021/11/320-180-320x180.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
06708e14c753511c24443f3dff3fc3e98252763f281dabd58033db52af7f139e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Tue, 23 Nov 2021 08:48:54 GMT
server
nginx/1.14.2
etag
"619caaf6-30ae"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
12462
expires
Thu, 01 Sep 2022 07:21:15 GMT
knopka_MS.jpg
marieclaire.ua/wp-content/uploads/2021/02/
40 KB
40 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2021/02/knopka_MS.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
e3a453954fdb268bfd0958a6ca66c4117cc56788ebca950b793870f2bfd549b9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Fri, 26 Feb 2021 09:19:34 GMT
server
nginx/1.14.2
etag
"6038bd26-9f97"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
40855
expires
Thu, 01 Sep 2022 07:21:15 GMT
Knopka-Spetsproekty-MC.jpg
marieclaire.ua/wp-content/uploads/2021/02/
74 KB
74 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2021/02/Knopka-Spetsproekty-MC.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
7e5cc7ba90a4fc724cc0337e5d5a6be3b8ff5ae0ad4f964ca0d3f86c68c4e875

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Mon, 01 Feb 2021 14:11:10 GMT
server
nginx/1.14.2
etag
"60180bfe-12854"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
75860
expires
Thu, 01 Sep 2022 07:21:15 GMT
527h274-320x180.jpg
marieclaire.ua/wp-content/uploads/2020/12/
14 KB
14 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2020/12/527h274-320x180.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
683bfcc37024ceb018abb89b645e0bf4bf087abc877223007aa1fe5a5637d067

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Thu, 31 Dec 2020 19:17:01 GMT
server
nginx/1.14.2
etag
"5fee23ad-3722"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
14114
expires
Thu, 01 Sep 2022 07:21:15 GMT
d0bad0bdd0bed0bfd0bad0b0d09cd0a1.jpg
marieclaire.ua/wp-content/uploads/2020/12/
76 KB
76 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2020/12/d0bad0bdd0bed0bfd0bad0b0d09cd0a1.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
b5adf1f6c2b6f34e4dbbe4738d5347e72951fc4988b9d9007c74b4630cd49bcd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Mon, 28 Dec 2020 12:59:19 GMT
server
nginx/1.14.2
etag
"5fe9d6a7-12eef"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
77551
expires
Thu, 01 Sep 2022 07:21:15 GMT
photo_2020-12-24_19-10-28.jpg
marieclaire.ua/wp-content/uploads/2020/12/
10 KB
10 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2020/12/photo_2020-12-24_19-10-28.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
4d87b22392bf566a6716d7343bb609ca35b68f451a237f8bb61cc4004768e116

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Thu, 24 Dec 2020 17:12:11 GMT
server
nginx/1.14.2
etag
"5fe4cbeb-28f2"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
10482
expires
Thu, 01 Sep 2022 07:21:15 GMT
Knopka-320x180.jpg
marieclaire.ua/wp-content/uploads/2020/12/
14 KB
14 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2020/12/Knopka-320x180.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
ec970ff736b922f3d4a24bb8bd2000e7cc75aea07697364b8b9f1a4b36dfd6fb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:15 GMT
last-modified
Tue, 22 Dec 2020 14:36:42 GMT
server
nginx/1.14.2
etag
"5fe2047a-3806"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
14342
expires
Thu, 01 Sep 2022 07:21:15 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 1A3D
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 08:58:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
80576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Aug 2023 08:58:19 GMT
file.mp4
r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1A3D
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
Fetch
General
Full URL
https://r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F36917BC19F031DE2356363A38E6EC3F327468E.177667AC947B385A445F1D48CEC2ED6A1344AA05/key/cms1/cms_redirect/yes/mh/3l/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeened/ms/onc/mt/1661411253/mv/u/mvi/1/pl/46/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:4016:d::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Thu, 25 Aug 2022 07:21:16 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
6389289
Last-Modified
Tue, 05 Jul 2022 12:12:01 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Thu, 25 Aug 2022 07:21:16 GMT

Redirect headers

date
Thu, 25 Aug 2022 07:21:16 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
644
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
location
https://r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F36917BC19F031DE2356363A38E6EC3F327468E.177667AC947B385A445F1D48CEC2ED6A1344AA05/key/cms1/cms_redirect/yes/mh/3l/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeened/ms/onc/mt/1661411253/mv/u/mvi/1/pl/46/file/file.mp4
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 7D17
23 KB
9 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
48694
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 24 Aug 2022 17:49:41 GMT
expires
Thu, 24 Aug 2023 17:49:41 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7141688687918598&plah=marieclaire.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 25 Aug 2022 07:21:15 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 7D17
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 24 Aug 2022 18:09:38 GMT
content-encoding
br
x-content-type-options
nosniff
age
47497
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 24 Aug 2023 18:09:38 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame AAF6
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://marieclaire.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 07:18:40 GMT
expires
Fri, 25 Aug 2023 07:18:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 988F
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c99c84d1da2e656c9844193070397fde4eb4ee61c3c59ba7fa984ce0921b27fe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QJJujfq82kZwi-zLnVvE7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://marieclaire.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-QJJujfq82kZwi-zLnVvE7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 25 Aug 2022 07:21:16 GMT
expires
Thu, 25 Aug 2022 07:21:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
burda-horiz-1000x460.png
marieclaire.ua/wp-content/uploads/2022/04/
66 KB
67 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/04/burda-horiz-1000x460.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
d6a447879266f3b61c8127c1e37a7a321295a08c4cd581f0368fe47ef678ea13

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:16 GMT
last-modified
Fri, 29 Apr 2022 06:04:12 GMT
server
nginx/1.14.2
etag
"626b7fdc-10940"
content-type
image/png
cache-control
max-age=604800
accept-ranges
bytes
content-length
67904
expires
Thu, 01 Sep 2022 07:21:16 GMT
8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
pagead2.googlesyndication.com/bg/ Frame AAF6
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/8Oc7qVgGezqJSgjjaaCdJlEAdJIIw0tPZxYDqe1tkXI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 04:34:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
10010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14092
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 25 Aug 2023 04:34:26 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7D17
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B26wX6yIHY7_pK4HDmLAPvrys2A8AAAAAOAHgBAI&bg=!cnGlcTXNAAYUOm8VNDo7ACkAdvg8WudAYJZ1Al0xdftIsU5T72O5GJS86mq5EihSMbZqU0rXzAKyDAIAAABMUgAAAAFoAQeZAvKnT4ukK20GIgBpuEEuJtmQcZx3k6KdtVCzWWkd4HAfUPf3N3o0gBqAWEG_i6ess8ad14GMTqpIJA3xbNL5yE1AWQpCt4Ua7KDse59uttjpInr_IDzwSgfsud8BRPzqd4j6K6fWkevSXAStmNPl33pmzrH7TA14D9Bh0YZpWOXod1-1ovYcJ19pbTBZRnPblOYwKGvqOA7_oBjCyk7lwigch3LIubbh358N3eE_vjeBOI6ASbQQl1fYfOLuvHDBIYC0Wb6s3pYigV558ZkBiCS0Fb3jZ4AijUSya3D3BsCuYdgr9if0G7Lm1GG8eIj6uQ-v-gv7qpoU2dfXD6G6GgcoBHSFr2Wl32MceUJkVTSwHmHVZBE0bcdFE5LrrdS-uunyqjkXpo4BlVE2uz8Hs3N61H1_483JZbLC8GzdR8wCESDYLw4R-GRP_HMrxsYbDmqar4-xLTCszBwVHTEK3_TwV_y4oRhpZf647_9aCs6ibDOL5GIeD4C3s9S7iZm4AxheuPYugK7FsTML7PE8WkNqs4fnR48oaX-KWkpJ00zS3VijSzIKX8I0gr1tlA9bmPatFOO_IBItT1ck4mpZaD_SNkxN4zEj29RbXyeBZ51J3dWJias9VhVxAKHAUA3Xw7v7IRdKHaY8UwTPfnmV1a0zuvGwNhkqWjLxgmS2H_XYkwW6h_2zfzm-Ddb1zHtAWPwagfCIgOrVMnH6f5-l9fmMh4MKuqdTzQISofH4qJw9PI_kdYkLg4o5VHC0dl84y1DJGtd9tU96brQK3hSxPKLecJTFouR9PlYCaRETbosX_XeFcO94_c20m5Ww8l_B6tHjvopjsB9NO0Kvc2_N4NdWrH0tFn3Poo426oAyo3USALSYDSklniXoys1eDtUnfMoI_0VxTk_mCuCI_882v_9krXyEciHo_W1qaR19VOyNYrFeGq6eMXkBC9B3KVwIgwSpDqFjB5iQaVjkWH2lAR7krGWCJPXz_bydmjknDbvLOb3r
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 988F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=3630789534614077&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame AAF6
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?HoBQMw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 25 Aug 2022 07:21:16 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
file.mp4
r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 1A3D
160 KB
0
Media
General
Full URL
https://r1---sn-h0jeened.c.2mdn.net/videoplayback/id/7a19311de55a1d60/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1692948075/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3F36917BC19F031DE2356363A38E6EC3F327468E.177667AC947B385A445F1D48CEC2ED6A1344AA05/key/cms1/cms_redirect/yes/mh/3l/mip/2a01:4a0:2c::6/mm/42/mn/sn-h0jeened/ms/onc/mt/1661411253/mv/u/mvi/1/pl/46/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4016:d::6 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 25 Aug 2022 07:21:16 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-6389288/6389289
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
6389289
expires
Thu, 25 Aug 2022 07:21:16 GMT
last-modified
Tue, 05 Jul 2022 12:12:01 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=3630789534614077&bg=!3t2l3ZnNAAYUOm8VNDo7ACkAdvg8WjyHQJNR-lNrmDjgtHZbyOdy9njcMpiafvtmkvi2Spc3ajmEsAIAAABKUgAAAANoAQcKAI1A-6GDVlUCq7oGyUtk9oO_mumtXF-28hFFr5iVzjfcfZ-wquBlr-eXERKeGIWMhS-OyC3Vyp23WEah7kt1RVamLPYLYhIASvl0w3zo2_6Xhwhsl_ErYicHB3QG8Etql4w6NrRJ7m7p0DWAeVRL66nRB76C5xGKTB6l25oIDMDTlaccb1rcHqBCF0WIUbuZApigCsbEm7WqCK6GfPmq_gXNzD2CsOaTPpg6tldzPtS7yI-Y37gP1RyxxHHuco9KXh97nSHeL3UgDFXUlln7PM_xsepJ6ZV0_xPIaioc9b41-iZs4VjBGvZup678esWXLb-lqg_sh6E9-SpS5Coc-AJnTFFkAfOSwZtsqRoavNcxObgxfpfV7aOmNK6IyzTHZLfN5pYQPywHv1Pw0k9t6M9kuTf_Qw-PM_uJ3K0h7xxe0W7JUlRZd_t_R8S8CBsONyWtsBMUbZyVGemijfR9JFTYQ-jDwgp5CXnOgYZbEQ_uVTDRPObzafGnCYuMKljgtuzMN5j_io6jFGCNIqJjKdA38oV3Qplu1Nn5Tmrh0zxkc2XKSlckpkrShiMM9oKS5mbhzFRnItT7iuNu5wQ3RH6qCSuAjfqolE1yx2t2BxznYGhONlPBlKvC0Ugfc6knMHCOq7N70f5pvHfQ3DqmWWVKljnGH9Bg-X85fvw-5bvi_E1S8F6gMzHy_3j2fb-CSp7qXX8xOE_bj5wE_WarchvQgJ9otDWnoBK-3f9eam1WfvL7yUsy9pd5uqG9KHeYfegFKrwPO95naJk5m8LS0_z48qf9jQXtSTXANNIVuc0a9-47W49YHs79dP_qoH7r95qyvs-vJHaVuKLtr7DDmKncSwPPfFoXoCBZjyHdzmqog4F4T6phnN9QVLI8VCH4Z0DyHOn2DwTbaDhlxe8Uxr4_Sj9VtJ_iUCuL9-yacb8nbVVpus3H960LQ-r89-aSJdEzoCOieWAQlp_GlaTYKmEFKXFCqZVa5HsjyUaHM81GeHYh8sOKSIAzydUpNE0Vh1b-_DM8gbzTjph_zjSHv7zVm2pyIqvJqx7fBeeOsutYc0nmMWM1Axgy
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

csi
csi.gstatic.com/ Frame 1A3D
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l78pupzc&c=7576481822734&slotId=3788240911367&qqid=CKD1m6S64fkCFdPuuwgdvJkKUQ&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=963&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=9&vhc=0&msm=1&aits=0%2C18%2C692%2C59%2C342%2C343%2C344%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220822_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2800:3f0:4001:81b::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 25 Aug 2022 07:21:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPADSHHINA-1-1440x460.jpg
marieclaire.ua/wp-content/uploads/2022/05/
121 KB
121 KB
Image
General
Full URL
https://marieclaire.ua/wp-content/uploads/2022/05/SPADSHHINA-1-1440x460.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.149.40.93 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
web417.default-host.net
Software
nginx/1.14.2 /
Resource Hash
5b6125706c6614254bb2dd0aba7870827d5c447f7c0660aec94809e6bf4137b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://marieclaire.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
public
date
Thu, 25 Aug 2022 07:21:17 GMT
last-modified
Fri, 13 May 2022 09:05:00 GMT
server
nginx/1.14.2
etag
"627e1f3c-1e3a9"
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
content-length
123817
expires
Thu, 01 Sep 2022 07:21:17 GMT

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| gt_request_uri function| fbevents object| dataLayer object| globalAmlAds object| _io_config function| rulangClass function| ualangClass object| lazySizesConfig object| lazySizes object| _0x2bfa function| _0x5b6954 function| _0x4441 object| wpcc object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| admixerLoad object| globalAmlLoad object| __io object| hb_dmx_res object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint string| _io_uniques_holing_params function| addListener function| addNoScroll function| adsMaking function| googleAdsTagConstruct function| googleAdsInsConstruct function| consoleLog function| createElem function| createAds function| str_rand function| loadAdpartnerBranding function| loadOtherAds object| Stblock undefined| b undefined| c undefined| d undefined| a function| advert_load function| $ function| jQuery object| wp function| prjs object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| google_image_requests number| google_lpabyc object| googletag object| GoogleGcLKhOms

17 Cookies

Domain/Path Name / Value
marieclaire.ua/ Name: PHPSESSID
Value: pqg0gavllqa2650b40ahn2tf0r
marieclaire.ua/ Name:
Value: store.test
.marieclaire.ua/ Name: __io_d
Value: 1_705468254
marieclaire.ua/ Name: __io_lv
Value: 1661412073916
marieclaire.ua/ Name: __io
Value: aaf88464b.c33a02b2f_1661412073916
.marieclaire.ua/ Name: __io_session_id
Value: 00dd0cd23.61241f458_1661412073917
.marieclaire.ua/ Name: __io_nav_state12616
Value: %7B%22current%22%3A%22%2F%22%2C%22currentDomain%22%3A%22marieclaire.ua%22%2C%22previousDomain%22%3A%22%22%7D
marieclaire.ua/ Name: __io_unique_12616
Value: 25
marieclaire.ua/ Name: __io_uh
Value: 1
marieclaire.ua/ Name: __io_visit_12616
Value: 1
.tt.onthe.io/ Name: io_uida6a85e8b8a3a49782382de2f9949a9f0
Value: 25
.tt.onthe.io/ Name: io_user_hash
Value: aaf88464b.c33a02b2f_1661412073916
.marieclaire.ua/ Name: _ga
Value: GA1.2.1895143533.1661412074
.marieclaire.ua/ Name: _gid
Value: GA1.2.1832876195.1661412074
.marieclaire.ua/ Name: _gat_UA-59638469-4
Value: 1
.marieclaire.ua/ Name: __gads
Value: ID=392847f523299e9c-22c60dd600ce0098:T=1661412074:RT=1661412074:S=ALNI_MZhdnrXdM3_lGUIVCZkUSDrsetgQw
.doubleclick.net/ Name: IDE
Value: AHWqTUkfEQtxjxnyk8z-r1sG0CRsNUdYwX1BuHqJsT7KOM4I3drrGEbaC0CgGw3ozWo

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
bid.g.doubleclick.net
cdn.admixer.net
cdn.onthe.io
cdn.websitepolicies.io
csi.gstatic.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
marieclaire.ua
pagead2.googlesyndication.com
partner.googleadservices.com
r1---sn-h0jeened.c.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tt.onthe.io
www.google-analytics.com
www.google.com
www.googletagmanager.com
116.202.11.241
142.250.185.66
185.149.40.93
2800:3f0:4001:81b::2003
2a00:1450:4001:801::2004
2a00:1450:4001:810::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c06::9d
2a00:1450:4016:d::6
2a03:90c0:e1:2801::254
2a06:98c1:3120::c
74.125.133.155
88.99.5.37
06708e14c753511c24443f3dff3fc3e98252763f281dabd58033db52af7f139e
08638c4012d8a9e649467cf50f336fa2c014f4d34c02c12e7d462aa915649b09
0f32dffd9527dbaf143a31a4d853ae7ef258ce4ef6f2de04b9cbe7e838473887
120cd30c358612de31aa3b601d2c939b9d7f1c2f80734395e1bba09064b4aef9
12c212b92bd5e170769ec137562ca7d94a51e4040b65658190f6112d21974867
1366c8b7bbea9904236b5d269112c04d88f099e50a9ebe143af27ba2643fb7ff
1611deed6b0151dd2707792573b6bd1aa4f44f27834eb881ac939d78f44d7c9c
166f9390df29e23f9c9c45c50026de3b8ea04605424c6edc8557a3d3e71af7b8
178792a2189f59ca9cfc991b788ce695d4fd4e8a6c393026b7529aaae58fd486
17c87ccc6a7521b395ebb70420a7f7cd5b36e7ea9fe2bde4b887081f9e1b3e98
189a88e5775309c7a607d49886d408ce1d3bd58eafcc516bb37d89206437e3bc
1976ce83e1c769ee8a4fa30cdd6ddc4158c301afebc93d10087906c8b93eff8d
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20ef45c47f11570b75069c25764a252fa67eab07a746f8c031b68353ea1ec387
2e42cf2fa6f06d1c9616a82238b1571841c8db339f5a6da831c6c22710c2223d
2e9584a34f5a9def65c5c165a7c196d075cffdc2d39337ca8fbd1eed0aa74178
440a0ecbc312fa419b88b0fc6ae060c533ed44dae398d33734e0191800debcfe
444ff8a57d95f220f3fb20f69164345fb4e571ce6f75b3cd9c750df1ea4364d0
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4a3a37423b5ac786af7b9a905ab9cb84ce756cc350f7e2c8329f2558a7164f04
4d5a9dd6e44b95aa65943ad1784bec2c3babc9225a7ca8695e18a1932803df45
4d87b22392bf566a6716d7343bb609ca35b68f451a237f8bb61cc4004768e116
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57452f5671046a2b2ab27b1f0f37de03760fb2d5d1569ae2e462f90fcf00551d
58b7c61e1b6d4cba2e3ccd1bd081481f7d48a1da5b35e47ef029cb6d28ec52b4
5b6125706c6614254bb2dd0aba7870827d5c447f7c0660aec94809e6bf4137b8
5e2ac34e292b6f15c645dc4e756f01a452cf63dc0817301ad34b1c9bc6a0afa3
60845609013996ce006f598ee77711b3720c9eea75901086bfd273acf0aa7852
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d8968ed8c08aa50e640cf07b221f92fbc26007d20c68a2cc5412b24c663f68
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
683bfcc37024ceb018abb89b645e0bf4bf087abc877223007aa1fe5a5637d067
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78e067d99978627583b5ae2a4c0d17d49d30335969e9009f1b7f2dff22a2b1b1
7cb9242c463dc54aedda50be754d6f6eebc2b0cc81a39d046665dc054ed3e6ee
7e5cc7ba90a4fc724cc0337e5d5a6be3b8ff5ae0ad4f964ca0d3f86c68c4e875
886a187c0bf501eff7585ff908358f539d0db77fd418d74d16c388eb1e04b143
92fd9a20ea2538ddc6f4eaf6f8d170602643a04ae2eedcb507984083ee463a8d
9784d739d5c17552246ac97886dd2455b93bd36df81741e57d408a20c827364e
a1868910229b3aca79c6d0d7ceb70a954676a48108db5267755582cbc113c4ac
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b83b9d0f7e952969c55cf7debf49d8fbc76e3d0f3151ad98cb488a570e8162
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ae4f4e313e150000175511c29ca19ae2948eb663987253d19a9372cc20e3fe
acf8e5989fab2d171a341895c483c179f9bed8b2ef3c907804440e87c15e0efd
ad1a2999b8422909ae7dd90eacb92af2de19593144aac098a6d28cf683d283db
aebd85b227472959f618c1e9f850eb73be612265ea9bd3445964fc3a3694419a
b5adf1f6c2b6f34e4dbbe4738d5347e72951fc4988b9d9007c74b4630cd49bcd
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c99c84d1da2e656c9844193070397fde4eb4ee61c3c59ba7fa984ce0921b27fe
cb87bd1d1a4bda37855cc2a7c581c76d2e802a6d576a7d9d561e631127bf01bb
cce38f06c620ce5bc416dc5291b41c649a89cedca03eda2bb377d77115e32494
d2d58ab261c30055d0fbae365b806abbc762efb31d543357d448e034e599a02b
d6a447879266f3b61c8127c1e37a7a321295a08c4cd581f0368fe47ef678ea13
dd995ac2ee631a7ebc494894e1d8a95f476ed6d89a2ea416d601e709724f4f56
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e126cce25941fcdf8ee2886394f7cf7b085c293aba63ed4e6d07a229c3074279
e3a453954fdb268bfd0958a6ca66c4117cc56788ebca950b793870f2bfd549b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3d38fb5ffe322c703c1440a9730812ad2941e262e251c368872b07a8fa69998
e4ba2ad8901d3444713da5ebab4cf5d432e7e633fd177812873a6639ef4d12cf
e617708035d1a5f61ca23a9efcaa30f7b65649b560a3dd7477282230a8840879
ec970ff736b922f3d4a24bb8bd2000e7cc75aea07697364b8b9f1a4b36dfd6fb
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ef93662bf61ccb660a9297d8912fa78e6512859fc25c2b7d779684d05031702b
f0e73ba958067b3a894a08e369a09d265100749208c34b4f671603a9ed6d9172
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f7c53abb10d42c0e0a3df4240ddf160e2ebf1f17153b4e2dc6cb18e8c583cfc6
f964612ea368ffe1d612a004f0a0e05453155fa7cb27dff624e5ada25c6847fb
fa9c76ffeb56e65f15e8b9f9e450234fad7c4b5abb33dc212a3d620d0f08d47f
fd73fa9ca1e88c990a4f861094234583f95ad9238fca09c477151bf3befc11ce
fe87759cfd93a3b4038f67a8b391ac30da0d137c3f8be0f63f51ede0b1aa2ad8