urlscan.io logo urlscan.io
SecurityTrails logo

report.if.ua Open in urlscan Pro
212.24.97.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://report.if.ua/
Effective URL: https://report.if.ua/
Submission: On June 19 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 11 countries across 28 domains to perform 122 HTTP transactions. The main IP is 212.24.97.24, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is report.if.ua.
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.
This is the only time report.if.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 212.24.97.24 212531 (INTERNETO...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
5 116.202.115.24 24940 (HETZNER-AS)
2 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 193.239.68.97 39468 (BIGMIR-IN...)
6 2a00:1450:400... 15169 (GOOGLE)
1 172.217.18.2 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 193.239.71.100 39468 (BIGMIR-IN...)
4 37.157.2.237 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 185.184.8.90 204995 (RTB-HOUSE...)
2 178.250.0.165 44788 (ASN-CRITE...)
2 147.75.85.234 54825 (PACKET)
6 185.33.220.243 29990 (ASN-APPNEX)
8 35.244.159.8 15169 (GOOGLE)
4 212.77.99.29 12827 (WIRTUALNA...)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
2 4 2a02:2638:1::13 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 151.101.193.108 54113 (FASTLY)
2 2 185.29.132.241 30419 (MEDIAMATH...)
4 34.98.64.218 15169 (GOOGLE)
2 2 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.5.142 198622 (ADFORM)
2 3.33.220.150 16509 (AMAZON-02)
2 4 142.250.184.194 15169 (GOOGLE)
2 212.77.98.32 12827 (WIRTUALNA...)
122 37
26    212.24.97.24 (Lithuania)

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: 20371.s.serverhost.name
report.if.ua
7    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:2156:2800:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
5    116.202.115.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.115.202.116.clients.your-server.de
ep.umobile.pl
2    2600:9000:2156:5c00:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
6    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:400e:80e::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
3    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
4    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
2    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
6    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
optad360-d.openx.net
eu-u.openx.net
us-u.openx.net
4    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
5    2606:4700:10::ac43:8ae (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
2    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638:1::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
eu-u.openx.net
2    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
Apex Domain
Subdomains		 Transfer
26 report.if.ua
report.if.ua
2 MB
12 openx.net
optad360-d.openx.net — Cisco Umbrella Rank: 84617
eu-u.openx.net — Cisco Umbrella Rank: 1962
us-u.openx.net — Cisco Umbrella Rank: 402
3 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
266 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 739
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2507
9 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 247
acdn.adnxs.com — Cisco Umbrella Rank: 603
40 KB
8 adform.net
adx.adform.net — Cisco Umbrella Rank: 4033
c1.adform.net — Cisco Umbrella Rank: 613
3 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
7 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
5 connectad.io
i.connectad.io — Cisco Umbrella Rank: 7167
cdn.connectad.io — Cisco Umbrella Rank: 4494
sync-eu.connectad.io — Cisco Umbrella Rank: 3257
2 KB
5 umobile.pl
ep.umobile.pl
5 KB
4 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 26210
1007 B
4 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 129697
i.bigmir.net — Cisco Umbrella Rank: 256825
1 KB
4 gstatic.com
fonts.gstatic.com
114 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 44233
get.optad360.io — Cisco Umbrella Rank: 25890
231 KB
2 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 32735
32 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
529 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 461
984 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 464
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
56 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1259
408 B
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6622
348 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2430
24 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 9
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 444
2 KB
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4465
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 861
645 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
1 KB
122 28
Domain Requested by
26 report.if.ua 1 redirects report.if.ua
7 pagead2.googlesyndication.com report.if.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 eu-u.openx.net get.optad360.io
eu-u.openx.net
6 ib.adnxs.com get.optad360.io
acdn.adnxs.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
report.if.ua
5 ep.umobile.pl report.if.ua
ep.umobile.pl
4 cm.g.doubleclick.net 2 redirects eu-u.openx.net
4 c1.adform.net 4 redirects
4 us-u.openx.net eu-u.openx.net
4 gum.criteo.com 2 redirects static.criteo.net
4 ssp.wp.pl get.optad360.io
4 adx.adform.net get.optad360.io
4 fonts.gstatic.com fonts.googleapis.com
3 mug.criteo.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 i.bigmir.net report.if.ua
2 std.wpcdn.pl ssp.wp.pl
2 match.adsrvr.org eu-u.openx.net
2 pixel.quantserve.com 2 redirects
2 sync.mathtag.com 2 redirects
2 cdn.connectad.io get.optad360.io
2 acdn.adnxs.com get.optad360.io
2 static.criteo.net get.optad360.io
static.criteo.net
2 stats.g.doubleclick.net www.google-analytics.com
2 i.connectad.io get.optad360.io
2 optad360-d.openx.net get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 bidder.criteo.com get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 get.optad360.io report.if.ua
get.optad360.io
1 sync-eu.connectad.io cdn.connectad.io
1 www.google.com tpc.googlesyndication.com
1 cdn.jsdelivr.net get.optad360.io
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.bigmir.net report.if.ua
1 www.googletagmanager.com report.if.ua
1 cmp.optad360.io report.if.ua
1 fonts.googleapis.com report.if.ua
122 42
Subject Issuer Validity Valid
report.if.ua
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
ep.umobile.pl
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
c.bigmir.net
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
img.com.ua
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.a-mo.net
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-15		 a year crt.sh

This page contains 18 frames:

Primary Page: https://report.if.ua/
Frame ID: 7E397BB7F79ED6AFBEEC5B4AFDD622C3
Requests: 80 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Frame ID: 39C7CF53F755931924DCE9DFDC32EAB9
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22t2nhgp8dksh5dbmj7c9pq6ho8lr1655640793269%22,%22ac%22:1655640793389}
Frame ID: 485AF877A95BEC06FF4E25F085AB2CE3
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22gtcbuhupmbccpah24o1m7ivfm3n1655640793270%22,%22ac%22:1655640793448}
Frame ID: CF370493A228B42F6E662D85652C799E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1655640793&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655640793355&bpp=38&bdt=286&idt=373&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1252875828762&frm=20&pv=2&ga_vid=719528073.1655640794&ga_sid=1655640794&ga_hid=778952253&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531605%2C31064019&oid=2&pvsid=918503009169134&tmod=715592173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=428
Frame ID: BC679C1D321E77D2EEE6068381F42D7F
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Frame ID: A157438C40C547110413679D8E311BA2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DF676D6DE4024A9123316C960AF5DAD2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F8F0CA80CF12645BD0B9FBF9C318C8C2
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Frame ID: 7F654B5767B2C081CCD2CC53FDA4E9D2
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A5AD8B782942B9C7C44CC83D6539D50D
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 4B6A5C520F49DCAD357000B708E28BA3
Requests: 7 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: FD1C10B5A91536575DE45A3307410D39
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2B963C03554C9FDB0E4BBEC872C81A39
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: FD6EE53A936A89FD555EC5B2BB8FDF5C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: ECA7CEBF853AE8FD4492039BD71A251F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 17596111B946565E4DC21C43973A341B
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: D5E34F79D73A0B4E5DE256BFC3394F9E
Requests: 2 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: 3F050A5F4185360AEC6D41D4449A9608
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Репортер - новини Івано-Франківська та Прикарпаття

Page URL History Show full URLs

  1. http://report.if.ua/ HTTP 301
    https://report.if.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

122
Requests

92 %
HTTPS

49 %
IPv6

28
Domains

42
Subdomains

37
IPs

11
Countries

2475 kB
Transfer

4899 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://report.if.ua/ HTTP 301
    https://report.if.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=YZg4hXxSQ0ZrOHJpSU5VbEhzV1hKaFNSTzZ5UlN6ODhrdDV4ejZjd2ZxQlRLWlZzM3pHa0xKM0l3bFp4K1hhWGhycmU1RlZNUTVkbnhiL3I4Y1pVWGZMWjF6WnZZL0tWTVNFbGYyaW4ybFh4MzNIcWM5c2g2M2YwNnl4cGQ0Vzhna3lCcEg5d3hrbUhWcnNGUVBpdzhYUWgrVW1iVnVmc1Z3bVpsUzlqdzRXQUJYeHBua1pid0drVVZ1ZS9sUE5VcE8ra0FjaUUvYnRINU93N3RqZWNReFQ2WE1IdUJyck9tVnlkY1R3eTZxVWpvbVNXZWFmVkRHZVk5SjZ4ZDM3eU5NTkw4NW5rcjRQZytkUXUycjF6Mk0yd3ExZz09fA&cppv=2
Request Chain 92
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=y7jV7HxIU25ERzdIVUZIV0ZNeUVhM2RPMHVleUdCL3JsbEN5cC9wMkVac1BiRFFpVE12OGkwTDIvMGtBTWY4TWppQkhMeVM2T3hpOHBjd3d3M1Q2QkJOT1JkeW5vam5RZmkyUEh0YVNYcmhlY2pPRU5ZNFZwcmpqNjJBNHZLMFFCODVDUTFZUFZGVW1BcDBoeUMyMjdjWVYyRC8rbzNVcnp4NlVZYk1oQWNXTzhXRVhKVVJqM3hIS0JXdkxRRTVjdTlhVDJtSmZvUmE4MlRnelhjclhzbERhVXZUTDllRjlvWHJZMGpvdDk5ODU4akZsVzZSd0NqQWRKNGtFTGJFVHpBOHFFb3VZUnVqOERsckkyMjlrOEEvMklmdz09fA&cppv=2
Request Chain 102
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b7462af-12dd-4800-bced-43601b0da118
Request Chain 103
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=FZ-A9xKfhfUOlIDwFJzMoEebgqgOmtOnEJwQLi32
Request Chain 104
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1515891247598196204
Request Chain 107
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIEX1dHYMkuqMj_CGekifH4&google_cver=1
Request Chain 108
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b5b62af-12dd-4200-a5d5-f5ecc204a903
Request Chain 109
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=J6h76CCofuo8o3vvI_w373KqL7s8rSu8JfiBJtAq
Request Chain 110
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7789129578021156817
Request Chain 113
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGqbNB7YRoydLlmGUavX7sI&google_cver=1

122 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
report.if.ua/
Redirect Chain
  • http://report.if.ua/
  • https://report.if.ua/
186 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
46151eb34a4926fdaf1dd3c531384c07b55ba7922a51c488fa86beed73b40155

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Jun 2022 12:13:12 GMT
server
nginx
x-cache-handler
cache-enabler-engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sun, 19 Jun 2022 12:13:12 GMT
Location
https://report.if.ua/
Server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e2dd2d09ae0ffafa66fd08ff7a5194434f2842f823a4b25d560ad8325cbb6d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56298
x-xss-protection
0
server
cafe
etag
7577729570824148398
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Jun 2022 12:13:13 GMT
autoptimize_cc76c13dcac57a2b855958efed209d77.css
report.if.ua/wp-content/cache/autoptimize/css/ 		689 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 19:06:11 GMT
server
nginx
etag
W/"62323523-ac5da"
content-type
text/css
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1db3d8a4e35eb332c679bea44de7ac2e1e27cb5cfb8ffc1909a8cc420f00b5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 19 Jun 2022 12:13:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 19 Jun 2022 12:13:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 19 Jun 2022 12:13:13 GMT
jquery.min.js
report.if.ua/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
last-modified
Sun, 20 Jun 2021 14:33:11 GMT
server
nginx
etag
W/"60cf51a7-15d98"
content-type
application/javascript
4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
cmp.optad360.io/items/ 		497 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:2800:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 00:30:28 GMT
via
1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
42492
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
497
x-amz-cf-id
ie2wQAS6ZVEHvniDgIy3bIYZnLxts9mZaqywfDM4gXq0hnx7PKRc6g==
js_banner
ep.umobile.pl/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
511a0b17f434950b5b3675e0e7ddc8d26fe240ba20bf0c96e28e58e20699bffc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:13 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1386
Expires
Thu, 19 Nov 1981 08:52:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1934008481619997
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6a547a4f7587ae011877b14df8eeb70ea5516f792b3493fac4744219ab20630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56304
x-xss-protection
0
server
cafe
etag
2728894461681301934
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 19 Jun 2022 12:13:13 GMT
plugin.min.js
get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/ 		371 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:01:54 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 08:58:05 GMT
server
AmazonS3
age
680
etag
W/"a1f68c1c7c64925394855df7d8e42aaa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
_X9HgCDIrnjrSfUCCnMk2rk3XChyTWzYqciqcsnRkIRuJiOc7zqYFQ==
js_banner
ep.umobile.pl/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
627fa66bd36c90396eaba7e2fe466ba2697fe470db26f37b189774dcffdd81c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:13 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1385
Expires
Thu, 19 Nov 1981 08:52:00 GMT
autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
report.if.ua/wp-content/cache/autoptimize/js/ 		155 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
30fc397eff83c164fd33a177ddd2d3de2e1814c402b4ec3647f7313685bc64b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 13:20:25 GMT
server
nginx
etag
W/"62a1f399-26d8f"
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e9ebaee81871691ba0ae4ea0d1d6d8f375bf61106c4bb03e70daf7179ec0032
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122729
x-xss-protection
0
server
cafe
etag
6897824556669791418
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 19 Jun 2022 12:13:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/ Frame 39C7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220615/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
57445
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 18 Jun 2022 20:15:48 GMT
etag
8616628553774171045
expires
Sat, 02 Jul 2022 20:15:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		122 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eccb42d1de232cf60a25d1aff75697f63fc2ad7e961e7800c0bbf4615bd45518
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44286
x-xss-protection
0
expires
Sun, 19 Jun 2022 12:13:13 GMT
js_banner
ep.umobile.pl/ Frame 485A 		381 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22t2nhgp8dksh5dbmj7c9pq6ho8lr1655640793269%22,%22ac%22:1655640793389}
Requested by
Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
5d9ffe86d90625efaa98a6d91e3a5c786a083753353e2052adfe06be7c662380

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
291
Content-Type
text/html;charset=UTF-8
Date
Sun, 19 Jun 2022 12:13:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
Vary
Accept-Encoding
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 17:48:55 GMT
x-content-type-options
nosniff
age
498258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 17:48:55 GMT
fontawesome-webfont.woff2
report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sun, 12 Nov 2017 09:46:16 GMT
server
nginx
accept-ranges
bytes
etag
"5a081868-118d8"
content-length
71896
content-type
application/octet-stream
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options
nosniff
age
518195
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Jun 2023 12:16:38 GMT
player.png
report.if.ua/wp-content/uploads/2017/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2017/12/player.png
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Tue, 12 Dec 2017 14:50:58 GMT
server
nginx
accept-ranges
bytes
etag
"5a2fecd2-10da"
content-length
4314
content-type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
414359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:14 GMT
js_banner
ep.umobile.pl/ Frame CF37 		381 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22gtcbuhupmbccpah24o1m7ivfm3n1655640793270%22,%22ac%22:1655640793448}
Requested by
Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
977fb8f5297653f41039318aba093e57178ef0b1818fa263402ac5e287bc650a

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html;charset=UTF-8
Date
Sun, 19 Jun 2022 12:13:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
Vary
Accept-Encoding
/
c.bigmir.net/ 		133 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n593002&w0&y0&d24&r1600
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
55bf05d28ac26f9b1c870c527e3148741625660303afc382259426f62ec80556

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:13 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 14 Jun 2022 17:07:14 GMT
x-content-type-options
nosniff
age
414359
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Jun 2023 17:07:14 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
4104
date
Sun, 19 Jun 2022 11:04:49 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 19 Jun 2022 13:04:49 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=report.if.ua&callback=_gfp_s_&client=ca-pub-4857462492105343
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
ac9116daf7dc0262ff37fb39b04cb40e30bef0fb5628a9600a06bc281476a073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=report.if.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=report.if.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jun 2022 12:13:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC67 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1655640793&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655640793355&bpp=38&bdt=286&idt=373&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1252875828762&frm=20&pv=2&ga_vid=719528073.1655640794&ga_sid=1655640794&ga_hid=778952253&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531605%2C31064019&oid=2&pvsid=918503009169134&tmod=715592173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=428
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 12:13:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:5c00:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 06 Nov 2021 16:54:12 GMT
content-encoding
gzip
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
19423142
etag
W/"6dd0a13bde35d2daa452bba998871016"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
LFDJhQ2GqO00Nwa9-KzOsr4u26MbpNbc_aJp3MMiCMXSSyCvK8jVxA==
video_player
ep.umobile.pl/ Frame A157 		0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/javascript
Date
Sun, 19 Jun 2022 12:13:13 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 		65 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Tue, 23 Jan 2007 13:14:28 GMT
server
nginx
etag
"45b60a34-41"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
65
expires
Wed, 22 Jun 2022 12:13:14 GMT
b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 		78 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Tue, 23 Jan 2007 13:14:28 GMT
server
nginx
etag
"45b60a34-4e"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
78
expires
Wed, 22 Jun 2022 12:13:14 GMT
b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 		66 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Tue, 23 Jan 2007 13:14:28 GMT
server
nginx
etag
"45b60a34-42"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
66
expires
Wed, 22 Jun 2022 12:13:14 GMT
logo_r_eu-1.svg
report.if.ua/wp-content/uploads/2017/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2017/12/logo_r_eu-1.svg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sat, 09 Dec 2017 15:35:26 GMT
server
nginx
accept-ranges
bytes
etag
"5a2c02be-2369"
content-length
9065
content-type
image/svg+xml
11111-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/11111-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
dc7a4043f53d24dd45867d0e2b899e8fab3d84cddecca13604e0f2419e989ea8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sun, 19 Jun 2022 06:07:06 GMT
server
nginx
accept-ranges
bytes
etag
"62aebd0a-7b12"
content-length
31506
content-type
image/jpeg
vijna-5-110x73.jpg
report.if.ua/wp-content/uploads/2022/06/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/vijna-5-110x73.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
b65031dd12570987c07e136bc3e9497ad4acca7bff1b58074f3f3161cf2ec925

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Tue, 14 Jun 2022 04:53:03 GMT
server
nginx
accept-ranges
bytes
etag
"62a8142f-11fd"
content-length
4605
content-type
image/jpeg
vijna-7-110x73.jpg
report.if.ua/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/vijna-7-110x73.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
ec9079918af9cf105649d1d482932ea1f947b05720e8e082e9b2353140f3385f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sun, 19 Jun 2022 05:19:01 GMT
server
nginx
accept-ranges
bytes
etag
"62aeb1c5-1312"
content-length
4882
content-type
image/jpeg
1618476878-3172-110x73.jpeg
report.if.ua/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/1618476878-3172-110x73.jpeg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
a8dffe67c3a876475eaa7655e511f2f83842d484bb65d4d1569980b524e3deb4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sat, 18 Jun 2022 07:45:31 GMT
server
nginx
accept-ranges
bytes
etag
"62ad829b-14cb"
content-length
5323
content-type
image/jpeg
marko-selivanov-e1655533344736-110x73.jpg
report.if.ua/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/marko-selivanov-e1655533344736-110x73.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
acdc033ce228c571a545f94aacd5041e7d0418a8a3d34ecfd05187d774c82b7b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sat, 18 Jun 2022 06:22:25 GMT
server
nginx
accept-ranges
bytes
etag
"62ad6f21-13d8"
content-length
5080
content-type
image/jpeg
ifnmu-1.jpg
report.if.ua/wp-content/uploads/2022/06/ 		261 KB
262 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/ifnmu-1.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
e4db7065fd34ef094c570f67a017490375e3f39efc371a4cd125a0ceb9bbe05b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Wed, 08 Jun 2022 13:03:29 GMT
server
nginx
accept-ranges
bytes
etag
"62a09e21-41589"
content-length
267657
content-type
image/jpeg
vazhlyva-informacija-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/vazhlyva-informacija-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
0317633c64d935f3e0ab4300ea4136b08686a2baf7a1f519f7973657651eedff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sun, 19 Jun 2022 11:03:10 GMT
server
nginx
accept-ranges
bytes
etag
"62af026e-718a"
content-length
29066
content-type
image/jpeg
gm-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		36 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/gm-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
14256d93f56423adec154dfa9ac95bef31d3015920e4a28bf9c11ac396157214

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Sun, 19 Jun 2022 06:42:51 GMT
server
nginx
accept-ranges
bytes
etag
"62aec56b-8e86"
content-length
36486
content-type
image/jpeg
jakisni-velosypedy.gif
report.if.ua/wp-content/uploads/2022/06/ 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/jakisni-velosypedy.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
2e956dc1ba3121986410046936c4c61aa00b47adca90e2c7a12d33e3ac41fe04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Thu, 09 Jun 2022 13:17:42 GMT
server
nginx
accept-ranges
bytes
etag
"62a1f2f6-386c1"
content-length
231105
content-type
image/gif
spilka-zabudivnykiv_580x96.gif
report.if.ua/wp-content/uploads/2021/11/ 		275 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2021/11/spilka-zabudivnykiv_580x96.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
last-modified
Mon, 08 Nov 2021 16:45:18 GMT
server
nginx
accept-ranges
bytes
etag
"6189541e-44b9e"
content-length
281502
content-type
image/gif
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=778952253&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=749684482&gjid=782278351&cid=719528073.1655640794&tid=UA-7446216-8&_gid=1631015579.1655640794&_r=1&gtm=2wg6f0W8FPFJ7&z=941872276
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=778952253&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=559404278&gjid=1742812142&cid=719528073.1655640794&tid=UA-7446216-8&_gid=1631015579.1655640794&_r=1&_slc=1&z=782988907
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=778952253&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sidebar%20banners&ea=Sidebar%202%20banner%20view&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=719528073.1655640794&tid=UA-7446216-8&_gid=1631015579.1655640794&gtm=2wg6f0W8FPFJ7&z=205325840
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:11:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://report.if.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://report.if.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 19 Jun 2022 12:13:14 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220619
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a67c6a596f226f181958daa55b2bb926ca2f2125e601914072d1ba2d43b535d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
33136
x-jsd-version
1.0.1376
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19163-FRA, cache-itm18829-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"664-qCP84V8cROrOQN4gsHvMZP8mf3g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wscAr%2FEHJH1TvfeXrSexM0G82iy79h4qMTpCeD4aPU1kor%2BMrqMPWwRQRXBNmEiTfpQTUALYbmX1aqF69BNW0emzQlPY3mpr775ZnLXqOfOGUjL3l6%2Flj9Baft8%2F7%2BZSEP8mmb7WFebtIQPuFLM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
71dc2d73ac8601fc-ZRH
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1034002
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NylHAP%2BwEXfXo%2FfEL7dnXmZpEoeimE8goLsAN3bpE%2BpolRB3BpWx2TVbOH%2FKOdFvY7rX%2BcBnow4NodiJ4bbS6%2BuG8Lmn9BlQffNm%2FjXt0FvaGYNDfuF%2FldGcdMT7vdtWzVfMlIsJkOAl8sHP"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
71dc2d73ca7b83ae-MXP
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Sun, 19 Jun 2022 12:13:14 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=15635381513
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Sun, 19 Jun 2022 12:13:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
7
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
2ca67fdb698c9a1e4266ed2d7f0aa5a349bc21242392ca6c7b21b5aa07762292
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:14 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b964214b-9b03-4a5e-8347-74804f324353
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://report.if.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
optad360-d.openx.net/w/1.0/ 		173 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e01ab661-8113-4c29-8013-accca6d14fc7&nocache=1655640794067&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=336x280%2C360x300%2C300x250&divids=oa-360-1655640793836_dxufkcy8b-0&aucs=&auid=543540636
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
01a92bc0ed6dbc9a0b066526497e43d9905cc115b544d40e420348f9e21bfced

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://report.if.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
57 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000002039b98d66707532:4482d606a1a8b63f:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
v2
i.connectad.io/api/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
71dc2d740e81cc3e-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
cc3f5a4f9b6556e5f432ef0ed48f3e942d4e59a6c8e0664e9d9860d66355844d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:14 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bb2fca43-b9e5-4272-890a-ca52a698b4a6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://report.if.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
uber-trace-id
00000000000000000739d29334ceba6a:bda12d23adb066ce:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Sun, 19 Jun 2022 12:13:14 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Sun, 19 Jun 2022 12:13:14 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
19
vary
origin, Accept-Encoding
arj
optad360-d.openx.net/w/1.0/ 		173 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8e123c72-d88b-42a0-9b48-5433f8de15d4&nocache=1655640794082&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=728x90%2C750x100%2C970x90&divids=oa-360-1655640793834_sp5nf01et-undefined&aucs=&auid=543540636
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
bdf67395761422173ee7ea7e88ba5259e50f99b32e1f50f36e24dc841730d944

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://report.if.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
v2
i.connectad.io/api/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
71dc2d740e82cc3e-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=27724633179
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 19 Jun 2022 12:13:13 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://report.if.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://report.if.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sun, 19 Jun 2022 12:13:14 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=719528073.1655640794&jid=559404278&gjid=1742812142&_gid=1631015579.1655640794&_u=YAjAAEABAAAAAC~&z=933182178
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Jun 2022 12:13:14 GMT
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=778952253&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20left%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=719528073.1655640794&tid=UA-7446216-8&_gid=1631015579.1655640794&gtm=2wg6f0W8FPFJ7&z=1525616357
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:11:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=778952253&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20right%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=719528073.1655640794&tid=UA-7446216-8&_gid=1631015579.1655640794&gtm=2wg6f0W8FPFJ7&z=1912079885
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 02:11:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
36078
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=719528073.1655640794&jid=749684482&gjid=782278351&_gid=1631015579.1655640794&_u=YAhAAEAAAAAAAC~&z=1800255698
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 19 Jun 2022 12:13:14 GMT
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
vulycja-arsenycha_3-554x466.jpg
report.if.ua/wp-content/uploads/2022/06/ 		111 KB
112 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/vulycja-arsenycha_3-554x466.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
ff38c23c9d9a25817236090ea5d52b69846b360f0dda44787a297c1c1aa4bd02

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Wed, 15 Jun 2022 12:00:41 GMT
server
nginx
accept-ranges
bytes
etag
"62a9c9e9-1bd8f"
content-length
114063
content-type
image/jpeg
rynok-bazar-ovochi-frukty-3-306x466.jpg
report.if.ua/wp-content/uploads/2022/06/ 		76 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/rynok-bazar-ovochi-frukty-3-306x466.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
b2205d759271ca9ef30badce9ebc34ad82208120e7e6da0679800a1a9607a1f0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Thu, 16 Jun 2022 11:39:05 GMT
server
nginx
accept-ranges
bytes
etag
"62ab1659-12e0f"
content-length
77327
content-type
image/jpeg
senyk-foto-306x466.jpg
report.if.ua/wp-content/uploads/2022/06/ 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/senyk-foto-306x466.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
27cf06f26e9bc1ecd5ae2c9e4d84484b03a94857d3c6ea3b9156149dafe366b8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Wed, 15 Jun 2022 15:23:12 GMT
server
nginx
accept-ranges
bytes
etag
"62a9f960-11872"
content-length
71794
content-type
image/jpeg
60003335_842416096110354_211597374928191488_n.jpg
report.if.ua/wp-content/uploads/2019/05/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Mon, 13 May 2019 13:15:53 GMT
server
nginx
accept-ranges
bytes
etag
"5cd96e09-b5bf"
content-length
46527
content-type
image/jpeg
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1033250
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx89dc0f462f0a4473be739-00629f4c0d
x-amz-id-2
tx89dc0f462f0a4473be739-00629f4c0d
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A7u3XGBOt62HYGQK2KdpLjm2ayT8kaLi3YVT0ndruaWaCgtumebGqfdIAj284yyUoG%2FPowpPxOlgR7QOcd%2FZ4zYb4fqxXtz0L%2Br16YsDG2Y74I3qMGV3T4JBdpkrB7c7if5%2BlqyoAeUfdvTV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
71dc2d758e3d83b2-MXP
access-control-allow-headers
Authorization
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220615&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4f2f79799a9719dcb769a69d29a818326532a820706780ed6da185934d89a026
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10658
x-xss-protection
0
11111-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/11111-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
dc7a4043f53d24dd45867d0e2b899e8fab3d84cddecca13604e0f2419e989ea8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
last-modified
Sun, 19 Jun 2022 06:07:06 GMT
server
nginx
accept-ranges
bytes
etag
"62aebd0a-7b12"
content-length
31506
content-type
image/jpeg
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 19 Jun 2022 12:13:14 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DF67 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 12:03:28 GMT
expires
Mon, 19 Jun 2023 12:03:28 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F8F0 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77d1ee2a9e94a65263a5a89fe9e64a912b77fa6b4de145ff8b16675a74016452
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GNAxrSjW6bcqkgTIH7HAvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-GNAxrSjW6bcqkgTIH7HAvA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 12:13:15 GMT
expires
Sun, 19 Jun 2022 12:13:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:15 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Jun 2022 12:13:15 GMT
KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
pagead2.googlesyndication.com/bg/ Frame DF67 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 11:46:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
1582
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14007
x-xss-protection
0
last-modified
Fri, 10 Jun 2022 10:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 19 Jun 2023 11:46:53 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F8F0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220615&jk=918503009169134&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame DF67 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?E4Zo_g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:15 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
syncframe
gum.criteo.com/ Frame 7F65 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6149
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 19 Jun 2022 12:13:14 GMT
server-processing-duration-in-ticks
3201
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:15 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 20 Jun 2022 12:13:15 GMT
sid
mug.criteo.com/ Frame 7F65
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=YZg4hXxSQ0ZrOHJpSU5VbEhzV1hKaFNSTzZ5UlN6ODhrdDV4ejZjd2ZxQlRLWlZzM3pHa0xKM0l3bFp4K1hhWGhycmU1RlZNUTVkbnhiL3I4Y1pVWGZMWjF6WnZZL0tWTVNFbGYyaW4ybFh4MzNIcWM5c2g2M2YwNnl4cG...
433 B
634 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=YZg4hXxSQ0ZrOHJpSU5VbEhzV1hKaFNSTzZ5UlN6ODhrdDV4ejZjd2ZxQlRLWlZzM3pHa0xKM0l3bFp4K1hhWGhycmU1RlZNUTVkbnhiL3I4Y1pVWGZMWjF6WnZZL0tWTVNFbGYyaW4ybFh4MzNIcWM5c2g2M2YwNnl4cGQ0Vzhna3lCcEg5d3hrbUhWcnNGUVBpdzhYUWgrVW1iVnVmc1Z3bVpsUzlqdzRXQUJYeHBua1pid0drVVZ1ZS9sUE5VcE8ra0FjaUUvYnRINU93N3RqZWNReFQ2WE1IdUJyck9tVnlkY1R3eTZxVWpvbVNXZWFmVkRHZVk5SjZ4ZDM3eU5NTkw4NW5rcjRQZytkUXUycjF6Mk0yd3ExZz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f50e0ebb0a92f055df68041ea68ccbb5a8a8c05bc1f6b6d75428c7b0e659c377
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:15 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4671
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:14 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=YZg4hXxSQ0ZrOHJpSU5VbEhzV1hKaFNSTzZ5UlN6ODhrdDV4ejZjd2ZxQlRLWlZzM3pHa0xKM0l3bFp4K1hhWGhycmU1RlZNUTVkbnhiL3I4Y1pVWGZMWjF6WnZZL0tWTVNFbGYyaW4ybFh4MzNIcWM5c2g2M2YwNnl4cGQ0Vzhna3lCcEg5d3hrbUhWcnNGUVBpdzhYUWgrVW1iVnVmc1Z3bVpsUzlqdzRXQUJYeHBua1pid0drVVZ1ZS9sUE5VcE8ra0FjaUUvYnRINU93N3RqZWNReFQ2WE1IdUJyck9tVnlkY1R3eTZxVWpvbVNXZWFmVkRHZVk5SjZ4ZDM3eU5NTkw4NW5rcjRQZytkUXUycjF6Mk0yd3ExZz09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1481
content-length
541
expires
0
289240949_339932588296111_1719516532484200193_n-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/289240949_339932588296111_1719516532484200193_n-370x247.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
8d58b6a42f73470d91fa5852f119b09c316f18eb68e6b2612ed72a00bbd827b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:15 GMT
last-modified
Sun, 19 Jun 2022 08:12:41 GMT
server
nginx
accept-ranges
bytes
etag
"62aeda79-804b"
content-length
32843
content-type
image/jpeg
blaho-300h250_.jpg
report.if.ua/wp-content/uploads/2022/06/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/blaho-300h250_.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
44384efd1786a63b88af1ab8ae01d1e585956a920127678eb07bae8491ca81cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:15 GMT
last-modified
Fri, 03 Jun 2022 11:19:45 GMT
server
nginx
accept-ranges
bytes
etag
"6299ee51-1012f"
content-length
65839
content-type
image/jpeg
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220615&jk=918503009169134&bg=!n5ylnNjNAAbASn8N4Eo7ACkAdvg8WrnJN94KKm2FcQWiV5_J8Pk-mQYvswp05JGJ_Nj-xr2zQaFGZAIAAABUUgAAAAFoAQcKAExdKz9TiXHLuSRKS3gPw44zwdxZpZo6vI0pfKjijS85hBVGLqEU6kxXdl8I6DaEspCfI6dPVXn4F3GDyAcr5Nwm0sXTJf2vQZViOo2MmQKXlPjgFTtiOq2PWzwQSBLC6SPmkM-I-Xm3yFHFSvm5_RPFTjNkG6XI0wpyhRAf3Oykdgi-fjIKFQwnTWEe9cOZfIT2WYT0FLCRrOBAkWAJJptCd8W8-KjjOySuAgWI3av5Wz4YZODgJZDqZbJ2IId-krErdYXQLDtWJK_HuJknCetn5dUZrmguFCwUbvTOw87cNuKAODQunmX05VHv0uvnbMNKfD4gTJlRoPXK9gFOKvaBXY8elhX2_itYJkFSWfHOZ9PPzOgOrYkwvYT-datx_QkG4EamDsrKdd2lz9WMCgcKYXfzWeXqG26ZWk1k8B7cAQ0f6TvQvrhcML17r696t7krV_8ysO6o5pv0MnHXeCGsAHjdUm_01QKxofw8PEXKQsbzRaUJzgZ6oliOV8BR4XWqPxiqANRldtFo0eTav9TDPqeSv6dI7ZeoH3RMdJqNzn-J3TWtZ4rCpuz5CcvbbxF-FqNF3qquAxZG8XySF0cwhgcwL3HkMwQAqXWVA_VOGgcTQcKKhA95dmJ2QA7CmgTQVBQp7mrKPG8rNEt_Cli1_QfkvF4yzenZBSgV35Ffj9j241zOD4aZ1n9vtMvYDlCZFuBRN1PXBPbDjKFzcuZv52-g7F58zw0Lu4LID3uJ_Hd0FRXrELOhnC5rLOXr61uF5tS_lxZQnHXcjZjq9fiwgnn4lmOlnMGvv34uRVouHsx1sHWdK6j2QlgGI4ThoSDhbmvgipH1RbHbhYHThTpfdZ4adLlWBq3I1CjMCatT5lhraN7lHRO6ZZfVwj-JEYPCRa4UBYJhxbLaABdI05verKcGQqYDKFtcTWV_2IUIVkb5H18qrVDr2yRiFky5Wvulnvdpr0aKO0dDP7TDJFT1c8hhmMJs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
11111-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/11111-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
dc7a4043f53d24dd45867d0e2b899e8fab3d84cddecca13604e0f2419e989ea8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:15 GMT
last-modified
Sun, 19 Jun 2022 06:07:06 GMT
server
nginx
accept-ranges
bytes
etag
"62aebd0a-7b12"
content-length
31506
content-type
image/jpeg
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=y7jV7HxIU25ERzdIVUZIV0ZNeUVhM2RPMHVleUdCL3JsbEN5cC9wMkVac1BiRFFpVE12OGkwTDIvMGtBTWY4TWppQkhMeVM2T3hpOHBjd3d3M1Q2QkJOT1JkeW5vam5RZmkyUEh0YVNYcmhlY2pPRU5ZNFZwcmpqNjJBNH...
430 B
668 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=y7jV7HxIU25ERzdIVUZIV0ZNeUVhM2RPMHVleUdCL3JsbEN5cC9wMkVac1BiRFFpVE12OGkwTDIvMGtBTWY4TWppQkhMeVM2T3hpOHBjd3d3M1Q2QkJOT1JkeW5vam5RZmkyUEh0YVNYcmhlY2pPRU5ZNFZwcmpqNjJBNHZLMFFCODVDUTFZUFZGVW1BcDBoeUMyMjdjWVYyRC8rbzNVcnp4NlVZYk1oQWNXTzhXRVhKVVJqM3hIS0JXdkxRRTVjdTlhVDJtSmZvUmE4MlRnelhjclhzbERhVXZUTDllRjlvWHJZMGpvdDk5ODU4akZsVzZSd0NqQWRKNGtFTGJFVHpBOHFFb3VZUnVqOERsckkyMjlrOEEvMklmdz09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
f4e68294200d5010a3d5f26d603b9f10da253db5420ebb6b46b14048f8bc7541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3869
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
location
https://mug.criteo.com/sid?cpp=y7jV7HxIU25ERzdIVUZIV0ZNeUVhM2RPMHVleUdCL3JsbEN5cC9wMkVac1BiRFFpVE12OGkwTDIvMGtBTWY4TWppQkhMeVM2T3hpOHBjd3d3M1Q2QkJOT1JkeW5vam5RZmkyUEh0YVNYcmhlY2pPRU5ZNFZwcmpqNjJBNHZLMFFCODVDUTFZUFZGVW1BcDBoeUMyMjdjWVYyRC8rbzNVcnp4NlVZYk1oQWNXTzhXRVhKVVJqM3hIS0JXdkxRRTVjdTlhVDJtSmZvUmE4MlRnelhjclhzbERhVXZUTDllRjlvWHJZMGpvdDk5ODU4akZsVzZSd0NqQWRKNGtFTGJFVHpBOHFFb3VZUnVqOERsckkyMjlrOEEvMklmdz09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1599
content-length
541
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://report.if.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 19 Jun 2022 12:13:17 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
2114
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A5AD 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27938
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 19 Jun 2022 12:13:17 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 115667
X-Served-By
cache-lga21962-LGA, cache-lcy19264-LCY
X-Timer
S1655640798.531450,VS0,VE0
pd
eu-u.openx.net/w/1.0/ Frame 4B6A 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
d9aa1db4541e2c71795619fe09d9838d8f47f096afa5f52f211a9cff7ca03e20

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Sun, 19 Jun 2022 12:13:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
usersync
ssp.wp.pl/bidder/ Frame FD1C 		477 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Sun, 19 Jun 2022 12:13:17 GMT
last-modified
Mon, 13 Jun 2022 12:32:58 GMT
server
nginx
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 2B96 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
27938
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 19 Jun 2022 12:13:17 GMT
ETag
W/"623de86a-cf34"
Expires
Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 116548
X-Served-By
cache-lga21962-LGA, cache-lcy19273-LCY
X-Timer
S1655640798.531531,VS0,VE0
connectmyusers.php
cdn.connectad.io/ Frame FD6E 		1 KB
703 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71dc2d884dedcc3e-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Jun 2022 12:13:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
pd
eu-u.openx.net/w/1.0/ Frame ECA7 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
d9aa1db4541e2c71795619fe09d9838d8f47f096afa5f52f211a9cff7ca03e20

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
418
content-type
text/html
date
Sun, 19 Jun 2022 12:13:17 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
connectmyusers.php
cdn.connectad.io/ Frame 1759 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
71dc2d884deccc3e-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 19 Jun 2022 12:13:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
usersync
ssp.wp.pl/bidder/ Frame D5E3 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Sun, 19 Jun 2022 12:13:17 GMT
last-modified
Mon, 13 Jun 2022 12:32:58 GMT
server
nginx
vary
Accept-Encoding
sd
eu-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b7462af-12dd-4800-bced-43601b0da118
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b7462af-12dd-4800-bced-43601b0da118
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 19 Jun 2022 12:13:17 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b7462af-12dd-4800-bced-43601b0da118
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Jun 2022 12:13:16 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=FZ-A9xKfhfUOlIDwFJzMoEebgqgOmtOnEJwQLi32
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=FZ-A9xKfhfUOlIDwFJzMoEebgqgOmtOnEJwQLi32
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=FZ-A9xKfhfUOlIDwFJzMoEebgqgOmtOnEJwQLi32
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1515891247598196204
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1515891247598196204
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=1515891247598196204
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4B6A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=397059fc-ddfb-3525-73e0-0852bfdf53c9&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4B6A 		170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTUxZjhhMzYtMTQ4Yy02YjgxLTY2MDAtNTJlYjc1M2Q5ZGE5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B6A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIEX1dHYMkuqMj_CGekifH4&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIEX1dHYMkuqMj_CGekifH4&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIEX1dHYMkuqMj_CGekifH4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame ECA7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b5b62af-12dd-4200-a5d5-f5ecc204a903
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b5b62af-12dd-4200-a5d5-f5ecc204a903
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Sun, 19 Jun 2022 12:13:17 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x24 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=0b5b62af-12dd-4200-a5d5-f5ecc204a903
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 19 Jun 2022 12:13:16 GMT
sd
us-u.openx.net/w/1.0/ Frame ECA7
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=J6h76CCofuo8o3vvI_w373KqL7s8rSu8JfiBJtAq
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=J6h76CCofuo8o3vvI_w373KqL7s8rSu8JfiBJtAq
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=J6h76CCofuo8o3vvI_w373KqL7s8rSu8JfiBJtAq
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame ECA7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7789129578021156817
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7789129578021156817
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7789129578021156817
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame ECA7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=397059fc-ddfb-3525-73e0-0852bfdf53c9&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame ECA7 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTUxZjhhMzYtMTQ4Yy02YjgxLTY2MDAtNTJlYjc1M2Q5ZGE5
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame ECA7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGqbNB7YRoydLlmGUavX7sI&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGqbNB7YRoydLlmGUavX7sI&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 19 Jun 2022 12:13:17 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGqbNB7YRoydLlmGUavX7sI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame FD1C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
c7bd933893ac0ac614f27c07becf1f6ebd9c8771cfc74be29e9c7b325fd9919e

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:17 GMT
content-encoding
br
last-modified
Tue, 14 Jun 2022 13:56:37 GMT
server
nginx
etag
W/"4153d13227e670ace7e357c052d799c3"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame D5E3 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
c7bd933893ac0ac614f27c07becf1f6ebd9c8771cfc74be29e9c7b325fd9919e

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 19 Jun 2022 12:13:17 GMT
content-encoding
br
last-modified
Tue, 14 Jun 2022 13:56:37 GMT
server
nginx
etag
W/"4153d13227e670ace7e357c052d799c3"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
1
sync-eu.connectad.io/syncer/ Frame 3F05 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:8ae , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
71dc2d88feb3cc3e-ZRH
date
Sun, 19 Jun 2022 12:13:17 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
async_usersync
ib.adnxs.com/ Frame 2B96 		0
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:17 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fcf72ae0-0d4b-4af5-bfd5-eca0c1719f95
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A5AD 		0
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:17 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b981835c-9e2a-4636-a147-191905e9779b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=y7jV7HxIU25ERzdIVUZIV0ZNeUVhM2RPMHVleUdCL3JsbEN5cC9wMkVac1BiRFFpVE12OGkwTDIvMGtBTWY4TWppQkhMeVM2T3hpOHBjd3d3M1Q2QkJOT1JkeW5vam5RZmkyUEh0YVNYcmhlY2pPRU5ZNFZwcmpqNjJBNHZLMFFCODVDUTFZUFZGVW1BcDBoeUMyMjdjWVYyRC8rbzNVcnp4NlVZYk1oQWNXTzhXRVhKVVJqM3hIS0JXdkxRRTVjdTlhVDJtSmZvUmE4MlRnelhjclhzbERhVXZUTDllRjlvWHJZMGpvdDk5ODU4akZsVzZSd0NqQWRKNGtFTGJFVHpBOHFFb3VZUnVqOERsckkyMjlrOEEvMklmdz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 19 Jun 2022 12:13:17 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1660
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 2B96 		0
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:18 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2b603761-5319-4573-b2ca-24717585ff9a
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame A5AD 		0
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 19 Jun 2022 12:13:18 GMT
X-Proxy-Origin
217.138.196.105; 217.138.196.105; 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7a85a452-dbb8-4eb4-8226-a50badc6d4af
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Accept-CH
Sec-CH-UA-Full-Version-List, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Bitness
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

127 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| SS_DATA object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots string| google_user_agent_client_hint undefined| $ function| jQuery object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map function| BM_Draw number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r function| setCookie function| getCookie function| createGeoRestrictionCookie object| google_tag_manager object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages boolean| __isGoogleAllowed object| pbjs325474 object| BM_STAT object| Bunyad object| Bunyad_Theme object| Bunyad_Pagination function| objectFitImages function| vc_js function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer string| screen_size function| jarallax object| lazySizes object| wp function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content object| gaplugins object| gaData function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| googletag object| sas object| apntag object| _ADAGIO object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 object| google_image_requests

23 Cookies

Domain/Path Name / Value
report.if.ua/ Name: b
Value: b
report.if.ua/ Name: __oagr
Value: true
.report.if.ua/ Name: _ga
Value: GA1.3.719528073.1655640794
.report.if.ua/ Name: _gid
Value: GA1.3.1631015579.1655640794
.report.if.ua/ Name: _gat_UA-7446216-8
Value: 1
.report.if.ua/ Name: _gat
Value: 1
report.if.ua/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.report.if.ua/ Name: __gads
Value: ID=1ceb2c6568a4a93f-223e3536b6cd003e:T=1655640793:RT=1655640793:S=ALNI_Mb4TW9uFVWtt405_t7nw4cdvDBLOA
.openx.net/ Name: i
Value: eadc66a5-747c-0ad2-2936-c0badbf86034|1655640794
.prebid.a-mo.net/ Name: __amc
Value: 1_1655640794_1655640794
.adnxs.com/ Name: icu
Value: ChgIqupbEAoYASABKAEw2qW8lQY4AUABSAEQ2qW8lQYYAA..
.adnxs.com/ Name: uuid2
Value: 6647747262915461761
.criteo.com/ Name: uid
Value: 4f314b6d-17a8-4cf9-b78e-a39749943afd
.report.if.ua/ Name: cto_bundle
Value: G_WrmV95R0Z0azBCdkhGaksyQWRlREk1R0FDdngwTGJkS3JrSiUyQmdJMWRmdjUzOGV5JTJCZVp3MmIyZEYwbHZQS3BsZnViUkRhR1ZwcTdlZjUlMkIyTmc5V0JjVUUlMkJoZUxzSFJvQUxGdmhKNVVLNFN0VDBHdmRyWXR0Q0tlaGhjeGFOamZZUDRxd0FnY3Nkb2FlVW1xVSUyQnROQmFaSXZBJTNEJTNE
.openx.net/ Name: pd
Value: v2|1655640797|gekin0vNiygu
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EJkBDAG1JoqsMA
.quantserve.com/ Name: mc
Value: 62af12dd-9aa71-1d6c9-72631
.doubleclick.net/ Name: IDE
Value: AHWqTUlXv5zN5uONzxrbMcnNiCaU7sA2daHLsgz60Om_yRkO83uHANyDCC29pj8AzXg
.adform.net/ Name: uid
Value: 1515891247598196204
report.if.ua/ Name: cto_bundle
Value: 8R-YSV9qUjB6MmtnNmlXVVpwd29BcXJQTUxqRUtsMWs3MUViUXEwMTBlTk5POXM1WWtPQUZWeXg5NWhwdUUzJTJCaGpScjdUSmh3eGhQJTJGTTJ6dSUyRkw5aTJ6eVMlMkJZck1SeHRjVlpoNnI0VUIlMkJ3RmZnYjVuaXRJbVYlMkJUWGtscFBnZVdTQzFFQzJNQzFHZkdwc2V2MXNmQ0NOVDlSWGclM0QlM0Q
report.if.ua/ Name: cto_bidid
Value: GoOtRl84UDU0OSUyRm1VTjJUdnZ6ZCUyQjRYNSUyQmxTbTdyNVRrcXlKUEpsR05NdXZIaCUyQkRrdkt0JTJGd3lWb2RtajFOJTJCQTIlMkJNYnF4eGtROENsTDdKckpmZWt3cHFMJTJGNFpKWE5uQ1RlRFl2WTFLeWQ5Rzl6MzQlM0Q
.mathtag.com/ Name: uuid
Value: 0b5b62af-12dd-4200-a5d5-f5ecc204a903

3 Console Messages

Source Level URL
Text
javascript warning URL: https://report.if.ua/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n593002&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://report.if.ua/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n593002&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1655640793&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655640793355&bpp=38&bdt=286&idt=373&shv=r20220615&mjsv=m202206140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1252875828762&frm=20&pv=2&ga_vid=719528073.1655640794&ga_sid=1655640794&ga_hid=778952253&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531605%2C31064019&oid=2&pvsid=918503009169134&tmod=715592173&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=428
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
ep.umobile.pl
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
i.bigmir.net
i.connectad.io
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
optad360-d.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
report.if.ua
script.4dex.io
ssp.wp.pl
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
sync-eu.connectad.io
sync.mathtag.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
116.202.115.24
142.250.184.194
147.75.85.234
151.101.193.108
172.217.18.2
178.250.0.157
178.250.0.165
185.184.8.90
185.29.132.241
185.33.220.243
193.239.68.97
193.239.71.100
212.24.97.24
212.77.98.32
212.77.99.29
2600:9000:2156:2800:6:b871:4f00:93a1
2600:9000:2156:5c00:11:a4de:2580:93a1
2606:4700:10::ac43:8ae
2606:4700:20::ac43:4bf1
2606:4700::6810:5514
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:812::2001
2a00:1450:4001:828::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9c
2a00:1450:400e:80e::2002
2a02:2638:1::13
2a02:2638:1::3
3.33.220.150
34.98.64.218
35.244.159.8
37.157.2.237
37.157.5.142
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01a92bc0ed6dbc9a0b066526497e43d9905cc115b544d40e420348f9e21bfced
0317633c64d935f3e0ab4300ea4136b08686a2baf7a1f519f7973657651eedff
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e
14256d93f56423adec154dfa9ac95bef31d3015920e4a28bf9c11ac396157214
1db3d8a4e35eb332c679bea44de7ac2e1e27cb5cfb8ffc1909a8cc420f00b5b9
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
27cf06f26e9bc1ecd5ae2c9e4d84484b03a94857d3c6ea3b9156149dafe366b8
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
2ca67fdb698c9a1e4266ed2d7f0aa5a349bc21242392ca6c7b21b5aa07762292
2e956dc1ba3121986410046936c4c61aa00b47adca90e2c7a12d33e3ac41fe04
30fc397eff83c164fd33a177ddd2d3de2e1814c402b4ec3647f7313685bc64b0
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
44384efd1786a63b88af1ab8ae01d1e585956a920127678eb07bae8491ca81cf
46151eb34a4926fdaf1dd3c531384c07b55ba7922a51c488fa86beed73b40155
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f2f79799a9719dcb769a69d29a818326532a820706780ed6da185934d89a026
511a0b17f434950b5b3675e0e7ddc8d26fe240ba20bf0c96e28e58e20699bffc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55bf05d28ac26f9b1c870c527e3148741625660303afc382259426f62ec80556
5d9ffe86d90625efaa98a6d91e3a5c786a083753353e2052adfe06be7c662380
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627fa66bd36c90396eaba7e2fe466ba2697fe470db26f37b189774dcffdd81c2
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e2dd2d09ae0ffafa66fd08ff7a5194434f2842f823a4b25d560ad8325cbb6d1
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
7425ddfd92670868e11419c944b64876cfcb7e0cfd95b163dc0edd4e5923718c
77d1ee2a9e94a65263a5a89fe9e64a912b77fa6b4de145ff8b16675a74016452
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a67c6a596f226f181958daa55b2bb926ca2f2125e601914072d1ba2d43b535d
8d58b6a42f73470d91fa5852f119b09c316f18eb68e6b2612ed72a00bbd827b0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e9ebaee81871691ba0ae4ea0d1d6d8f375bf61106c4bb03e70daf7179ec0032
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
977fb8f5297653f41039318aba093e57178ef0b1818fa263402ac5e287bc650a
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a8dffe67c3a876475eaa7655e511f2f83842d484bb65d4d1569980b524e3deb4
ac9116daf7dc0262ff37fb39b04cb40e30bef0fb5628a9600a06bc281476a073
acdc033ce228c571a545f94aacd5041e7d0418a8a3d34ecfd05187d774c82b7b
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b2205d759271ca9ef30badce9ebc34ad82208120e7e6da0679800a1a9607a1f0
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b65031dd12570987c07e136bc3e9497ad4acca7bff1b58074f3f3161cf2ec925
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdf67395761422173ee7ea7e88ba5259e50f99b32e1f50f36e24dc841730d944
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c7bd933893ac0ac614f27c07becf1f6ebd9c8771cfc74be29e9c7b325fd9919e
cc3f5a4f9b6556e5f432ef0ed48f3e942d4e59a6c8e0664e9d9860d66355844d
cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893
d6a547a4f7587ae011877b14df8eeb70ea5516f792b3493fac4744219ab20630
d9aa1db4541e2c71795619fe09d9838d8f47f096afa5f52f211a9cff7ca03e20
dc7a4043f53d24dd45867d0e2b899e8fab3d84cddecca13604e0f2419e989ea8
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4db7065fd34ef094c570f67a017490375e3f39efc371a4cd125a0ceb9bbe05b
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec9079918af9cf105649d1d482932ea1f947b05720e8e082e9b2353140f3385f
eccb42d1de232cf60a25d1aff75697f63fc2ad7e961e7800c0bbf4615bd45518
f4e68294200d5010a3d5f26d603b9f10da253db5420ebb6b46b14048f8bc7541
f50e0ebb0a92f055df68041ea68ccbb5a8a8c05bc1f6b6d75428c7b0e659c377
ff38c23c9d9a25817236090ea5d52b69846b360f0dda44787a297c1c1aa4bd02