report.if.ua Open in urlscan Pro
212.24.97.24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://report.if.ua/
Effective URL:
https://report.if.ua/
Submission: On March 14 via api (March 14th 2022, 11:54:56 am UTC) from GB — Scanned from GB

Summary HTTP 161 Redirects Links 61 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 31 domains to perform 161 HTTP transactions. The main IP is 212.24.97.24, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is report.if.ua.
TLS certificate: Issued by R3 on February 3rd 2022. Valid for: 3 months.

This is the only time report.if.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	212.24.97.24 212.24.97.24	212531 (INTERNETO...) (INTERNETO-VIZIJA)
7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:226... 2600:9000:2260:8a00:6:b871:4f00:93a1	16509 (AMAZON-02) (AMAZON-02)
5	116.202.115.24 116.202.115.24	24940 (HETZNER-AS) (HETZNER-AS)
2	2600:9000:224... 2600:9000:224a:b000:11:a4de:2580:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
6	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5714	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
11	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
2	2606:4700:20:... 2606:4700:20::681a:8a9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	145.40.89.200 145.40.89.200	54825 (PACKET) (PACKET)
6	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
5	2606:4700:10:... 2606:4700:10::6816:36ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	212.77.99.29 212.77.99.29	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
4	37.157.2.249 37.157.2.249	198622 (ADFORM) (ADFORM)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:26f0:710... 2a02:26f0:7100:29b::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 4	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	18.196.61.57 18.196.61.57	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
3	213.254.244.110 213.254.244.110	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
2	23.218.208.187 23.218.208.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.24 37.157.4.24	198622 (ADFORM) (ADFORM)
2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 4	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
2	212.77.98.32 212.77.98.32	12827 (WIRTUALNA...) (WIRTUALNAPOLSKA GDANSK)
161	42

41 212.24.97.24 (Lithuania) 1 redirects

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: 20371.s.serverhost.name

report.if.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2260:8a00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 116.202.115.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.115.202.116.clients.your-server.de

ep.umobile.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:b000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)

get.optad360.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:36ce (United States)

ASN13335 (CLOUDFLARENET, US)

i.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-eu.connectad.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

optad360-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl

ssp.wp.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.249 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:7100:29b::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:1::13 (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.61.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-61-57.eu-central-1.compute.amazonaws.com

vfd2dyn.vodafone.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.110 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.218.208.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-187.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.24 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.18.98 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl

std.wpcdn.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	report.if.ua 1 redirects report.if.ua	1 MB
17	adform.net 2 redirects adx.adform.net — Cisco Umbrella Rank: 4064 track.adform.net — Cisco Umbrella Rank: 3334 s1.adform.net — Cisco Umbrella Rank: 8028 c1.adform.net — Cisco Umbrella Rank: 524	95 KB
12	openx.net optad360-d.openx.net — Cisco Umbrella Rank: 54880 eu-u.openx.net — Cisco Umbrella Rank: 1751 us-u.openx.net — Cisco Umbrella Rank: 323	3 KB
10	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 460 rtb0.doubleverify.com — Cisco Umbrella Rank: 624 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 11873 tps.doubleverify.com — Cisco Umbrella Rank: 444 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 9304	125 KB
10	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 689 gum.criteo.com — Cisco Umbrella Rank: 347 mug.criteo.com — Cisco Umbrella Rank: 3185	9 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	247 KB
8	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 205 acdn.adnxs.com — Cisco Umbrella Rank: 523	39 KB
8	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	7 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
5	connectad.io i.connectad.io — Cisco Umbrella Rank: 6650 cdn.connectad.io — Cisco Umbrella Rank: 4108 sync-eu.connectad.io — Cisco Umbrella Rank: 2655	2 KB
5	umobile.pl ep.umobile.pl	5 KB
4	wp.pl ssp.wp.pl — Cisco Umbrella Rank: 22697	969 B
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 102340 i.bigmir.net — Cisco Umbrella Rank: 189369	1 KB
4	gstatic.com fonts.gstatic.com	88 KB
3	optad360.io cmp.optad360.io — Cisco Umbrella Rank: 37034 get.optad360.io — Cisco Umbrella Rank: 24237	231 KB
2	wpcdn.pl std.wpcdn.pl — Cisco Umbrella Rank: 29822	67 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 293	529 B
2	quantserve.com 2 redirects pixel.quantserve.com — Cisco Umbrella Rank: 381	986 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 384	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 600	59 KB
2	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130	348 B
2	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1055	550 B
2	4dex.io script.4dex.io — Cisco Umbrella Rank: 1689	24 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12956	1 KB
1	vodafone.de vfd2dyn.vodafone.de — Cisco Umbrella Rank: 83897
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	1 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	1 KB
161	31

	Domain	Requested by
41	report.if.ua	1 redirects report.if.ua
7	pagead2.googlesyndication.com	report.if.ua pagead2.googlesyndication.com tpc.googlesyndication.com
6	eu-u.openx.net	get.optad360.io eu-u.openx.net
6	ib.adnxs.com	get.optad360.io acdn.adnxs.com
6	adx.adform.net	get.optad360.io s1.adform.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com report.if.ua
5	track.adform.net	get.optad360.io report.if.ua s1.adform.net
5	ep.umobile.pl	report.if.ua ep.umobile.pl
4	cm.g.doubleclick.net	2 redirects eu-u.openx.net
4	us-u.openx.net	eu-u.openx.net
4	gum.criteo.com	2 redirects static.criteo.net
4	cdn.doubleverify.com	report.if.ua cdn.doubleverify.com track.adform.net
4	s1.adform.net	get.optad360.io report.if.ua track.adform.net
4	ssp.wp.pl	get.optad360.io
4	fonts.gstatic.com	fonts.googleapis.com
3	mug.criteo.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	bidder.criteo.com	get.optad360.io static.criteo.net
3	i.bigmir.net	report.if.ua
2	tpsc-frc.doubleverify.com	cdn.doubleverify.com
2	std.wpcdn.pl	ssp.wp.pl
2	match.adsrvr.org	eu-u.openx.net
2	c1.adform.net	2 redirects
2	pixel.quantserve.com	2 redirects
2	sync.mathtag.com	2 redirects
2	cdn.connectad.io	get.optad360.io
2	acdn.adnxs.com	get.optad360.io
2	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
2	static.criteo.net	get.optad360.io static.criteo.net
2	optad360-d.openx.net	get.optad360.io
2	i.connectad.io	get.optad360.io
2	prebid-eu.creativecdn.com	get.optad360.io
2	prebid.a-mo.net	get.optad360.io
2	script.4dex.io	get.optad360.io script.4dex.io
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	get.optad360.io	report.if.ua get.optad360.io
1	sync-eu.connectad.io	cdn.connectad.io
1	tps.doubleverify.com	cdn.doubleverify.com
1	m.exactag.com
1	vfd2dyn.vodafone.de
1	www.google.com	tpc.googlesyndication.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn.jsdelivr.net	get.optad360.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	c.bigmir.net	report.if.ua
1	www.googletagmanager.com	report.if.ua
1	cmp.optad360.io	report.if.ua
1	fonts.googleapis.com	report.if.ua
161	51

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
radio.z-polus.info
if.gaszbut.com.ua
knyagynyn.if.ua
plus.google.com
pinterest.com
uragan.if.ua
typical.if.ua
www.adamson.ua
stanislaviv.org.ua
www.bigmir.net
my.oe.if.ua

Subject Issuer	Validity	Valid
report.if.ua R3	`2022-02-03` - `2022-05-04`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.optad360.io Amazon	`2021-11-17` - `2022-12-15`	a year	crt.sh
ep.umobile.pl R3	`2022-02-17` - `2022-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
c.bigmir.net R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
img.com.ua R3	`2022-02-07` - `2022-05-08`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.a-mo.net R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
connectad.io Cloudflare Inc ECC CA-3	`2021-05-16` - `2022-05-15`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.wp.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-10` - `2023-03-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
dyn.vodafone.de DigiCert TLS RSA SHA256 2020 CA1	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2021-12-10` - `2022-12-09`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.wpcdn.pl RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-14` - `2022-05-15`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://report.if.ua/
Frame ID: CD4254A8EA2FD0D82AA7F7BE99B14E82
Requests: 100 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22gj1dg7bcvg3m2kptdejg5uubpdj1647258886990%22,%22ac%22:1647258887068}
Frame ID: 2B888937390A9C3EF267AB73E65931B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 6F18956236A52D2540962D06F20E1AC7
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22aniuck3t788pktpto8084ul7i9l1647258886991%22,%22ac%22:1647258887284}
Frame ID: 2D0674463895EA043C764CE1D95793DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1647258887&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647258887162&bpp=4&bdt=615&idt=295&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6930506128891&frm=20&pv=2&ga_vid=539529737.1647258887&ga_sid=1647258887&ga_hid=2008721270&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531398%2C44750773%2C44758395%2C31065566&oid=2&pvsid=1057385254429799&pem=657&tmod=131701823&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324
Frame ID: 560F5885F0EBF65111337EEB62221AD7
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Frame ID: 2FAC357DE2643BE276AA0FD7F6A32DF7
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=53756194;rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0;rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;
Frame ID: 2C4951E56407BB7AFF61722197B0EC2C
Requests: 4 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2609027&plc=53756194&sid=1358733&dvregion=0&unit=728x90
Frame ID: 60398B8C060BC81095E7307B448D72EF
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Frame ID: F47E088D757C1881B126DA55EEB293F0
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E30D869C4CE4EA402169F189638C25A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DB2D3CCF4891378159862A7F2E95CAA0
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2375.js
Frame ID: 5ACE23D4D04E58E505E5727D2DF3EE6A
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4EF26BF3D72FF52A37375FEE35C21C35
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 6180EBFDD9CD98B18C96F33A594139ED
Requests: 7 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 938C73AC8C03E343D2023CE9B6C1E3D9
Requests: 7 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 666C8035CAAE8C38CC8B08C0C1CE8E23
Requests: 3 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 3899027B4895201A4211ADE3D214AFEC
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 38461BE9CD47A57ECC42C8E15B092914
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: D1258E43741143EC7465A1B755A31144
Requests: 1 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 6D7DE85B4E463DC17F2127C797F1FF5F
Requests: 2 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: B364C7B58FA83D1B6114E824D1B46953
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Репортер - новини Івано-Франківська та Прикарпаття

Page URL History Show full URLs

http://report.if.ua/ HTTP 301
https://report.if.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Lightbox (JavaScript Libraries) Expand

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

161
Requests

94 %
HTTPS

45 %
IPv6

31
Domains

51
Subdomains

42
IPs

10
Countries

2386 kB
Transfer

5466 kB
Size

28
Cookies

61 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/report.if.ua
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/ifreporter
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ifreporter
Title: Instagram

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/ifreporter
Title: YouTube

Search URL Search Domain Scan URL

URL: http://radio.z-polus.info/player/
Title: Західний полюс

Search URL Search Domain Scan URL

URL: https://if.gaszbut.com.ua/information-business/komercijni-propozicii-7?fbclid=IwAR2NaeN5WeY505O7mmQDH06Hw61MJsB8U6qK4LmtoXHAgh5UDsIzjGqfT0Q

Search URL Search Domain Scan URL

URL: https://knyagynyn.if.ua/?utm_source=newsletter&utm_medium=reportif&utm_campaign=reportif

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fu-rogatynskomu-rajoni-legkovyk-vletiv-u-vantazhivku-dvoye-zagyblyh-foto%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fdtp-rohatyn_03.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fpershyj-pishov-u-rivnomu-netverezyj-vodij-vtratyv-avto-na-koryst-zsu%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fscreenshot_1.png

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fneh-j-shastat-ukravtodor-zaklykav-znimaty-dorozhni-znaky%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F02%2F1-2.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Favto%2Fokko-ta-wog-obmezhuyut-prodazh-palnogo-v-odni-ruky%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Favto%2Fokko-ta-wog-obmezhuyut-prodazh-palnogo-v-odni-ruky%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Favto%2Fokko-ta-wog-obmezhuyut-prodazh-palnogo-v-odni-ruky%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Favto%2Fokko-ta-wog-obmezhuyut-prodazh-palnogo-v-odni-ruky%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2017%2F10%2Fpetrol-996617_960_720-e1509007385653.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Fabsolyutna-bilshist-nimciv-francuziv-ta-italijciv-za-vstup-ukrayiny-do-yes%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Fabsolyutna-bilshist-nimciv-francuziv-ta-italijciv-za-vstup-ukrayiny-do-yes%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Fabsolyutna-bilshist-nimciv-francuziv-ta-italijciv-za-vstup-ukrayiny-do-yes%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Fabsolyutna-bilshist-nimciv-francuziv-ta-italijciv-za-vstup-ukrayiny-do-yes%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2018%2F09%2Fyes.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Ftry-tysyachi-veteraniv-z-ssha-jdut-voyuvaty-za-ukrayinu-dobrovolcyamy%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Ftry-tysyachi-veteraniv-z-ssha-jdut-voyuvaty-za-ukrayinu-dobrovolcyamy%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Ftry-tysyachi-veteraniv-z-ssha-jdut-voyuvaty-za-ukrayinu-dobrovolcyamy%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fgolovne-za-den%2Ftry-tysyachi-veteraniv-z-ssha-jdut-voyuvaty-za-ukrayinu-dobrovolcyamy%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fssha.jpg

Search URL Search Domain Scan URL

URL: https://uragan.if.ua/
Title: <img class="banner-sidebar-1" src="https://report.if.ua/wp-content/uploads/2020/09/120047299_332843587798885_2443198252237337513_n.gif" alt="Ураган" width="300" height="100">

Search URL Search Domain Scan URL

URL: http://typical.if.ua/
Title: <img class="banner-sidebar-2" src="https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg" alt="Типовий Франківськ" width="1280" height="640">

Search URL Search Domain Scan URL

URL: https://www.adamson.ua/
Title: <img class="banner-sidebar-5" src="https://report.if.ua/wp-content/uploads/2022/01/adamson-new.jpg" alt="ADAMSON" width="1080" height="1080">

Search URL Search Domain Scan URL

URL: https://stanislaviv.org.ua/ua/
Title: <img class="banner-sidebar-4" src="https://report.if.ua/wp-content/uploads/2019/11/71790532_811210685963968_3902815547556888576_n.gif" alt="Готель Станіславів" width="468" height="60">

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Flyudy%2Fkoly-hochetsya-dopomogty-de-u-frankivsku-potribni-ruky-volonteriv-perelik%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Flyudy%2Fkoly-hochetsya-dopomogty-de-u-frankivsku-potribni-ruky-volonteriv-perelik%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fkoly-hochetsya-dopomogty-de-u-frankivsku-potribni-ruky-volonteriv-perelik%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fkoly-hochetsya-dopomogty-de-u-frankivsku-potribni-ruky-volonteriv-perelik%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fnova-enerhija.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Flyudy%2Fde-na-prykarpatti-mozhna-otrymaty-bezkoshtovnu-dopomogu-psyhologiv%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Flyudy%2Fde-na-prykarpatti-mozhna-otrymaty-bezkoshtovnu-dopomogu-psyhologiv%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fde-na-prykarpatti-mozhna-otrymaty-bezkoshtovnu-dopomogu-psyhologiv%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fde-na-prykarpatti-mozhna-otrymaty-bezkoshtovnu-dopomogu-psyhologiv%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fpsyhologichna-dopomoga.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Flyudy%2Fvse-pro-doyizd-chergy-j-dokumenty-yak-z-frankivska-distatys-do-yes%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Flyudy%2Fvse-pro-doyizd-chergy-j-dokumenty-yak-z-frankivska-distatys-do-yes%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fvse-pro-doyizd-chergy-j-dokumenty-yak-z-frankivska-distatys-do-yes%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Flyudy%2Fvse-pro-doyizd-chergy-j-dokumenty-yak-z-frankivska-distatys-do-yes%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2F275025035_268490952128008_5155472843155192997_n.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Ffoto%2Ffrankivskyj-dramteatr-zaproshuye-ditej-pereselenciv-na-chas-tvorchosti-foto%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Ffoto%2Ffrankivskyj-dramteatr-zaproshuye-ditej-pereselenciv-na-chas-tvorchosti-foto%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Ffoto%2Ffrankivskyj-dramteatr-zaproshuye-ditej-pereselenciv-na-chas-tvorchosti-foto%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Ffoto%2Ffrankivskyj-dramteatr-zaproshuye-ditej-pereselenciv-na-chas-tvorchosti-foto%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fteatr-3.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fakcent%2Fkudy-jty-pereselencyam-yaki-prybuvayut-v-ivano-frankivsk%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fakcent%2Fkudy-jty-pereselencyam-yaki-prybuvayut-v-ivano-frankivsk%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fakcent%2Fkudy-jty-pereselencyam-yaki-prybuvayut-v-ivano-frankivsk%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fakcent%2Fkudy-jty-pereselencyam-yaki-prybuvayut-v-ivano-frankivsk%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2022%2F03%2Fstan-vokzal-pereselenci-4-scaled.jpg

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer.php?u=https%3A%2F%2Freport.if.ua%2Fpoglyad%2Fmaksym-karpash-inshyj-temnyj-svit%2F

Search URL Search Domain Scan URL

URL: http://twitter.com/home?status=https%3A%2F%2Freport.if.ua%2Fpoglyad%2Fmaksym-karpash-inshyj-temnyj-svit%2F

Search URL Search Domain Scan URL

URL: http://plus.google.com/share?url=https%3A%2F%2Freport.if.ua%2Fpoglyad%2Fmaksym-karpash-inshyj-temnyj-svit%2F

Search URL Search Domain Scan URL

URL: http://pinterest.com/pin/create/button/?url=https%3A%2F%2Freport.if.ua%2Fpoglyad%2Fmaksym-karpash-inshyj-temnyj-svit%2F&media=https%3A%2F%2Freport.if.ua%2Fwp-content%2Fuploads%2F2021%2F02%2Fkarpash-e1613927425185.jpg

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

URL: https://my.oe.if.ua/
Title: <img src="https://report.if.ua/wp-content/uploads/2018/02/baner_reporter_300h100px-2.jpg" width="118px" height="51px">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://report.if.ua/ HTTP 301
https://report.if.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=V-DT43xpZ29rR1ZHRTlvOHd1RW9Lc2s4MzdVdTRQQjhBc0w3b056Z3kzaXJ5R0p6bWV1bUJDVGxFbjUvd2hVOS83VmtUalkyZDJPNnpuOHk5ekhYWFdOekRpeGVkSW16ZXlUVDJ5ajNFTFhSUWo5bFEwcGhGRWFWNnlLajdEZjJuZjJXRjhVa3VwaE9DTUgwRG9sTXFsUUl1a1ovdmE0YWE1dHV1M0ZqR2VVTU1KS0lHZCtyWGxJMXI4RVEwMnYwN2hnSDhlMWVMUFNnSHcvR1lUVGJ3SDFpcGNTVHhIOTlXTUhaQkJyNzlYZE81L1hNYWR6TGU4NVEvZXFpeWtmLzFXZktUOFlKL2FUakt1NHJQUVJDMHc3VmsrUT09fA&cppv=2

Request Chain 126

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=0jowKHxRcnhJZ0VnZE0wTmt0cXZlTmc3S2xVTHMrZTZweXZXOWNPUFRLd09MaDFqTWRxQ2ZXWEwxM1RlM2RLT3F2OUp0RFNML0dWNS9RV3dNcVRGRmF5amc3dWhlcCt4ejdnTmFMcHUxdXBaTk53R3JkYlp2UnpNa3lCQjV1NHI3M01CaVFUL3A4ZkhmYU9ZWE5XM0ZlcVk2UzdJRE9lZy9Xam5ick9BVXVnNDhNVjdGY3drRVlxVW5LaEFkelpRWTUrdWtacVhwMk1IUWhEd0hrTHBBMTVDTGNZelVyeXl6SHhTNlB2V1NlRnJGcHpnS1JPK0JQVGZHaDIySFBXNmZ5NzN4UmV1amRFTUdPaHVaUDNhTjRlN0dXQT09fA&cppv=2

Request Chain 136

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8397622f-2d0c-4100-b631-7591b3541fdc

Request Chain 137

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=MlFK3zYHSNspBk-NNldVgGdQSYgpBU_dNVbq53Md

Request Chain 138

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360

Request Chain 141

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDripIMPXL8l1ypmxw0mTLo&google_cver=1

Request Chain 142

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd9b622f-2d0c-4600-b687-70829ac73e66

Request Chain 143

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=R47sGUPY7h1c2elMEt_zG0OM7kZcjLxIQ4-26yUE

Request Chain 144

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDZYoOo-ShN-UFXMnVYgglQ&google_cver=1

161 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
report.if.ua/
Redirect Chain

http://report.if.ua/
https://report.if.ua/

183 KB
24 KB

467ms
232ms

Document
text/html

212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 3266da3d72b79ef6a55e58a4aac849828f12c66da4900121bc1f1214d9189284

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

server: nginx
date: Mon, 14 Mar 2022 11:54:46 GMT
content-type: text/html; charset=UTF-8
x-cache-handler: cache-enabler-engine
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 14 Mar 2022 11:54:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://report.if.ua/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 466ms
75ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54db450f833ca2db72917288a580c1e9e2ecf5b5011ce00d7747c3d1812154bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53770
x-xss-protection: 0
server: cafe
etag: 14745827626345834196
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 11:54:46 GMT

GET
H2 200 style.min.css
report.if.ua/wp-includes/css/dist/block-library/ 57 KB
9 KB 133ms
128ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.7.6
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 14:33:11 GMT
server: nginx
etag: W/"60cf51a7-e33b"
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 13 KB
1 KB 454ms
65ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

50d2c7731785008a791223e2b01506e9856b7af924364f8ec47d3155aaca8621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:54:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 14 Mar 2022 11:54:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Mar 2022 11:54:46 GMT

GET
H2 200 style.css
report.if.ua/wp-content/themes/reporternew/ 165 KB
28 KB 216ms
213ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/style.css?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: cef35be34c1d8485665ae9b74e8b4fc6d9323e6f1ca663f049c3a82ae17f4ae8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 11:09:40 GMT
server: nginx
etag: W/"61f914f4-29208"
content-type: text/css

GET
H2 200 lightbox.css
report.if.ua/wp-content/themes/reporternew/css/ 8 KB
2 KB 217ms
215ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/css/lightbox.css?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 652876c64c94fddfefb323a90fb2de3f80c5a1eccf34ac91a3c6b9b7ad366e2b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:16 GMT
server: nginx
etag: W/"5a081868-215d"
content-type: text/css

GET
H2 200 font-awesome.min.css
report.if.ua/wp-content/themes/reporternew/css/fontawesome/css/ 28 KB
7 KB 220ms
217ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/css/font-awesome.min.css?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:16 GMT
server: nginx
etag: W/"5a081868-7187"
content-type: text/css

GET
H2 200 skin-magazine.css
report.if.ua/wp-content/themes/reporternew/css/ 19 KB
4 KB 304ms
302ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/css/skin-magazine.css?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: b8d200e47b2a523074bafb75ce06eb041f79a797589ffd9ae9bb88d4343c159f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:16 GMT
server: nginx
etag: W/"5a081868-4a10"
content-type: text/css

GET
H2 200 js_composer.min.css
report.if.ua/wp-content/plugins/js_composer/assets/css/ 449 KB
45 KB 304ms
302ms Stylesheet
text/css 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/plugins/js_composer/assets/css/js_composer.min.css?ver=5.1.1
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 014bdcd85899b1e128d977bbb8f899d6c9623e68cfb63b3a637d39f61ff01ff5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:50:54 GMT
server: nginx
etag: W/"5a08197e-70240"
content-type: text/css

GET
H2 200 jquery.min.js Show response
report.if.ua/wp-includes/js/jquery/ 87 KB
31 KB 305ms
303ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 14:33:11 GMT
server: nginx
etag: W/"60cf51a7-15d98"
content-type: application/javascript

GET
H2 200 jquery-migrate.min.js Show response
report.if.ua/wp-includes/js/jquery/ 11 KB
4 KB 305ms
303ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 20 Jun 2021 14:33:11 GMT
server: nginx
etag: W/"60cf51a7-2bd8"
content-type: application/javascript

GET
H2 200 4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js Show response
cmp.optad360.io/items/ 497 B
832 B 236ms
79ms Script
application/javascript 2600:9000:2260:8a00:6:b871:4f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.optad360.io/items/4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2260:8a00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 01:52:32 GMT
via: 1.1 8a18c9375ff4553eb348eedbe6d74372.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 08:54:56 GMT
server: AmazonS3
age: 36665
etag: "7acdc116a0830ba0aef5e087010246ba"
x-cache: Error from cloudfront
content-type: application/javascript
x-amz-cf-pop: TXL50-P3
accept-ranges: bytes
content-length: 497
x-amz-cf-id: EfJa4IvR5TxzBh3852KN65Bte1nkZsI6lX4k9gMULJsico_4fAN6lg==

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ 5 KB
2 KB 447ms
60ms Script
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 225df693f07136dcbd8633853d2582c869a6141ca33c0306449763549b54f6f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:46 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1385
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
53 KB 526ms
139ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1934008481619997

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a921a5c0caa9084bd880e329cd4c2376a7447b09c3356475f6003490fcf606a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54638
x-xss-protection: 0
server: cafe
etag: 11596242067497168744
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 11:54:46 GMT

GET
H2 200 plugin.min.js Show response
get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/ 371 KB
88 KB 220ms
63ms Script
application/javascript 2600:9000:224a:b000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:51:24 GMT
content-encoding: gzip
last-modified: Tue, 16 Nov 2021 08:58:05 GMT
server: AmazonS3
age: 204
etag: W/"a1f68c1c7c64925394855df7d8e42aaa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: ZCaySvl0848nctO3VfHit6hu2LzDGMc92HcauegVjoUOe7zbOfw0ow==

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ 5 KB
2 KB 448ms
61ms Script
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: b96a08e31197f3a029c4008bfeb3d03fc34d091741cc3f0f955a0d14e7cc7b32

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:46 GMT
Content-Encoding: gzip
Server: nginx/1.18.0
Vary: Accept-Encoding
Access-Control-Allow-Methods: *
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Length: 1385
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 jquery.mfp-lightbox.js Show response
report.if.ua/wp-content/themes/reporternew/js/ 20 KB
7 KB 304ms
303ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/js/jquery.mfp-lightbox.js?ver=5.7.6
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:17 GMT
server: nginx
etag: W/"5a081869-4ef8"
content-type: application/javascript

GET
H2 200 bunyad-theme.js Show response
report.if.ua/wp-content/themes/reporternew/js/ 59 KB
17 KB 304ms
303ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/js/bunyad-theme.js?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: f93c38c170bba206d1ef0fb47cc669b27115cf8ebff6887f3a1fb2e1a1f178cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Tue, 27 Feb 2018 12:30:33 GMT
server: nginx
etag: W/"5a954f69-ed61"
content-type: application/javascript

GET
H2 200 jquery.slick.js Show response
report.if.ua/wp-content/themes/reporternew/js/ 40 KB
10 KB 305ms
303ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/js/jquery.slick.js?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 2d199fc8a0cad1784b67a93991b7f1e9e97eaadaf3cdf334eca5a98fb43eb0ee

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:17 GMT
server: nginx
etag: W/"5a081869-9e0d"
content-type: application/javascript

GET
H2 200 jarallax.js Show response
report.if.ua/wp-content/themes/reporternew/js/ 9 KB
4 KB 305ms
303ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/js/jarallax.js?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 600ae5446df898d0dd1d7ec0c67f103e3c4f19ef430f5978b9c7dd8536354c55

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:17 GMT
server: nginx
etag: W/"5a081869-2463"
content-type: application/javascript

GET
H2 200 jquery.sticky-sidebar.js Show response
report.if.ua/wp-content/themes/reporternew/js/ 6 KB
2 KB 305ms
304ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/js/jquery.sticky-sidebar.js?ver=4.0.0
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 29e23646a639746b95623aef060574c65b55f7531cf6502b7fc0d6a245568476

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:46:17 GMT
server: nginx
etag: W/"5a081869-1611"
content-type: application/javascript

GET
H2 200 smush-lazy-load.min.js Show response
report.if.ua/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 305ms
304ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.9.5
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Fri, 11 Mar 2022 13:12:29 GMT
server: nginx
etag: W/"622b4abd-1ef2"
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
report.if.ua/wp-includes/js/ 1 KB
892 B 305ms
304ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-includes/js/wp-embed.min.js?ver=5.7.6
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 17:00:02 GMT
server: nginx
etag: W/"60787112-592"
content-type: application/javascript

GET
H2 200 js_composer_front.min.js Show response
report.if.ua/wp-content/plugins/js_composer/assets/js/dist/ 18 KB
6 KB 305ms
304ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=5.1.1
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 8d9a46db80c58e316c5594342e8e62bb792d4706ae90d02e4af8a03218335117

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Sun, 12 Nov 2017 09:50:55 GMT
server: nginx
etag: W/"5a08197f-49dc"
content-type: application/javascript

GET
H2 200 147359.js Show response
report.if.ua/wp-content/uploads/custom-css-js/ 2 KB
1 KB 305ms
304ms Script
application/javascript 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/uploads/custom-css-js/147359.js?v=4279
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: e8d60d69b3b0d0065a967c4115a210b6d0a8f08a80f6c73099e097fde88e70ff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 11:51:37 GMT
server: nginx
etag: W/"61f91ec9-8f2"
content-type: application/javascript

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 116 KB
41 KB 195ms
76ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

534f4defcecb50315bef275e7425246e77f05c5dcae1b883e974226071c45767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41854
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Mar 2022 11:54:47 GMT

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ Frame 2B88 385 B
733 B 77ms
77ms Document
text/html 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22gj1dg7bcvg3m2kptdejg5uubpdj1647258886990%22,%22ac%22:1647258887068}
Requested by: Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: f0a93d1f30a4ca726d33a477196deed7194ae38e59a043c41d888a749f30a376

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Mon, 14 Mar 2022 11:54:47 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 291
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 150ms
87ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua&bust=31065566

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd4a69431e6df7eb88d93b93ccde90125856df08b104de505e56260a5d448ebc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107538
x-xss-protection: 0
server: cafe
etag: 17005975855770802595
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 14 Mar 2022 11:54:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 6F18 10 KB
5 KB 182ms
62ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Sun, 13 Mar 2022 23:41:54 GMT
expires: Sun, 27 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 43973
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu0SC55K5gw.woff2
fonts.gstatic.com/s/opensans/v28/ 20 KB
21 KB 293ms
172ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu0SC55K5gw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a2c8407b011bf0af8123c2160fc5b91ecf962e4039e82babbaaa630549c80f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:46:11 GMT
x-content-type-options: nosniff
age: 479316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20876
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:01:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:46:11 GMT

GET
H2 200 fontawesome-webfont.woff2
report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/ 70 KB
70 KB 175ms
173ms Font
application/octet-stream 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to

Full URL: https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: report.if.ua
URL: https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/css/font-awesome.min.css?ver=4.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/css/font-awesome.min.css?ver=4.0.0
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 12 Nov 2017 09:46:16 GMT
server: nginx
accept-ranges: bytes
etag: "5a081868-118d8"
content-length: 71896
content-type: application/octet-stream

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v28/ 39 KB
39 KB 174ms
54ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:44:17 GMT
x-content-type-options: nosniff
age: 479430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39556
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:07:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:44:17 GMT

GET
H2 200 player.png
report.if.ua/wp-content/uploads/2017/12/ 4 KB
4 KB 248ms
248ms Image
image/png 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2017/12/player.png
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Tue, 12 Dec 2017 14:50:58 GMT
server: nginx
accept-ranges: bytes
etag: "5a2fecd2-10da"
content-length: 4314
content-type: image/png

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 207ms
120ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:31:45 GMT
x-content-type-options: nosniff
age: 404582
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13976
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:14:07 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:31:45 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v22/ 14 KB
14 KB 221ms
136ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v22/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://report.if.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 404605
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14148
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 19:21:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:31:22 GMT

GET
H/1.1 200
OK js_banner Show response
ep.umobile.pl/ Frame 2D06 385 B
733 B 74ms
72ms Document
text/html 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22aniuck3t788pktpto8084ul7i9l1647258886991%22,%22ac%22:1647258887284}
Requested by: Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: 3820de5e4c80c34b3a5ef070ef024a2b1bb2a96d43356ae200671991915bc3bb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Mon, 14 Mar 2022 11:54:47 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 291
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 133 B
424 B 528ms
86ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n750001&w0&y0&d24&r1600
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: 4474c49ca6d9fafcb6b89df05b82849ec3f670cb8b2ed5fff9bd990de86f5faa

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:47 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 184ms
56ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1194
date: Mon, 14 Mar 2022 11:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 14 Mar 2022 13:34:53 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
645 B 195ms
74ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=report.if.ua&callback=_gfp_s_&client=ca-pub-4857462492105343

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua&bust=31065566

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

4cc7e3e91af50ab9b927a89ac68cd9017281ba1036f250a7fac0c196199dd273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 188ms
64ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=report.if.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 189ms
65ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=report.if.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 11:54:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 560F 603 B
67 B 171ms
102ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1647258887&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647258887162&bpp=4&bdt=615&idt=295&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6930506128891&frm=20&pv=2&ga_vid=539529737.1647258887&ga_sid=1647258887&ga_hid=2008721270&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531398%2C44750773%2C44758395%2C31065566&oid=2&pvsid=1057385254429799&pem=657&tmod=131701823&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 14 Mar 2022 11:54:47 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 prebid5.14.0.js Show response
get.optad360.io/sf/ 460 KB
142 KB 76ms
75ms Script
application/javascript 2600:9000:224a:b000:11:a4de:2580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.optad360.io/sf/prebid5.14.0.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:b000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 12 Feb 2022 07:18:43 GMT
content-encoding: gzip
last-modified: Thu, 23 Sep 2021 07:59:54 GMT
server: AmazonS3
age: 2608565
etag: W/"6dd0a13bde35d2daa452bba998871016"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
cache-control: public, max-age=360000000
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: t8JRjOnRmC4xdhKPLavgMumSYpncWFiMhNrXiIZPlU-MHc7cdzpkoQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 141ms
79ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2008721270&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=35613356&gjid=2104825066&cid=539529737.1647258887&tid=UA-7446216-8&_gid=115406432.1647258888&_r=1&gtm=2wg370W8FPFJ7&z=1564864705

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 118ms
65ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2008721270&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sidebar%20banners&ea=Sidebar%201%20banner%20view&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=539529737.1647258887&tid=UA-7446216-8&_gid=115406432.1647258888&gtm=2wg370W8FPFJ7&z=511880925

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 03:49:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29121
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
1 KB 161ms
63ms XHR
application/json 2606:4700::6810:5714
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220314

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c82125c41790c3404179fb57ca1e09dcf4a77f48585c8fe01d458cd1729224f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 32032
x-jsd-version: 1.0.1280
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19180-FRA, cache-lcy19244-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"664-U/Q5WsWNbPLkmjzwIIADdUVbJu8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ebcd1111d1b7505-LHR

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 174ms
60ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=539529737.1647258887&jid=35613356&gjid=2104825066&_gid=115406432.1647258888&_u=YAhAAEAAAAAAAC~&z=1414723414

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Mar 2022 11:54:47 GMT
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 65 B
237 B 274ms
90ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-41"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 65
expires: Thu, 17 Mar 2022 11:54:48 GMT

GET
H2 200 b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 78 B
249 B 273ms
92ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-4e"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 78
expires: Thu, 17 Mar 2022 11:54:48 GMT

GET
H2 200 b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 66 B
237 B 268ms
93ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Tue, 23 Jan 2007 13:14:28 GMT
server: nginx
etag: "45b60a34-42"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 66
expires: Thu, 17 Mar 2022 11:54:48 GMT

GET
H2 200 logo_r_eu-1.svg
report.if.ua/wp-content/uploads/2017/12/ 9 KB
9 KB 174ms
171ms Image
image/svg+xml 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2017/12/logo_r_eu-1.svg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sat, 09 Dec 2017 15:35:26 GMT
server: nginx
accept-ranges: bytes
etag: "5a2c02be-2369"
content-length: 9065
content-type: image/svg+xml

GET
H2 200 1-2-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 30 KB
31 KB 261ms
251ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/1-2-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 166b1ec7fb7c24aa3e5606547b580475b9540f1a91dced5eb59e4653b0663191

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 13 Mar 2022 17:02:22 GMT
server: nginx
accept-ranges: bytes
etag: "622e239e-798e"
content-length: 31118
content-type: image/jpeg

GET
H2 200 merkushyna-110x73.jpeg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
5 KB 265ms
255ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/merkushyna-110x73.jpeg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 1c3bc184d70e061d00c8f3a554d6e1093f49990ce3398c32011466a45ee0bc6f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 13 Mar 2022 16:22:36 GMT
server: nginx
accept-ranges: bytes
etag: "622e1a4c-12e5"
content-length: 4837
content-type: image/jpeg

GET
H2 200 275669268_1565147903858200_4123475073197715830_n-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 6 KB
6 KB 353ms
344ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/275669268_1565147903858200_4123475073197715830_n-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 6d189705c1a7d5f42ccb43f949279991b43cee9cef8de190b277b05e7153f42c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 13 Mar 2022 10:53:11 GMT
server: nginx
accept-ranges: bytes
etag: "622dcd17-1606"
content-length: 5638
content-type: image/jpeg

GET
H2 200 shevchuk-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 5 KB
5 KB 355ms
346ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/shevchuk-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: e5b49058e04624377b1322e2f1f62f3528f6e2ea9ec0c9f8b0f40b40a66c1518

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 13 Mar 2022 13:15:40 GMT
server: nginx
accept-ranges: bytes
etag: "622dee7c-152a"
content-length: 5418
content-type: image/jpeg

GET
H2 200 275614252_2239575316195538_1063532274279109518_n-110x73.jpg
report.if.ua/wp-content/uploads/2022/03/ 6 KB
6 KB 347ms
346ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/275614252_2239575316195538_1063532274279109518_n-110x73.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 650fbde8f71df44e8c94efe34fff492777672193e37628b856284c50bf5d339f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 13 Mar 2022 11:19:42 GMT
server: nginx
accept-ranges: bytes
etag: "622dd34e-17ba"
content-length: 6074
content-type: image/jpeg

GET
H2 200 120047299_332843587798885_2443198252237337513_n.gif
report.if.ua/wp-content/uploads/2020/09/ 163 KB
164 KB 347ms
347ms Image
image/gif 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2020/09/120047299_332843587798885_2443198252237337513_n.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: cf1bf5bcae950b994962c4a3ba91a3746f1e08a651440e2e4d07c858ce5591a8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Wed, 23 Sep 2020 05:46:05 GMT
server: nginx
accept-ranges: bytes
etag: "5f6ae11d-28d3e"
content-length: 167230
content-type: image/gif

GET
H2 200 vidpustka-koronavirus_03-370x247.jpg
report.if.ua/wp-content/uploads/2020/07/ 24 KB
24 KB 438ms
438ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2020/07/vidpustka-koronavirus_03-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 5dda7c3c774e0b3e46652d3d2b4ae0a3917f0d80a78b43ce35b2d678a8c87286

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Sun, 26 Jul 2020 13:14:24 GMT
server: nginx
accept-ranges: bytes
etag: "5f1d81b0-60f1"
content-length: 24817
content-type: image/jpeg

GET
H2 200 hemodializ.jpg
report.if.ua/wp-content/uploads/2019/08/ 60 KB
60 KB 439ms
438ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2019/08/hemodializ.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 94cbe91ea2209db4727e5eff2685863f14d003849e966bbd8fc420460716ad7c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Fri, 16 Aug 2019 11:55:54 GMT
server: nginx
accept-ranges: bytes
etag: "5d5699ca-ef94"
content-length: 61332
content-type: image/jpeg

GET
H/1.1 200
OK video_player Show response
ep.umobile.pl/ Frame 2FAC 0
392 B 60ms
60ms Document
application/javascript 116.202.115.24
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.24.115.202.116.clients.your-server.de
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Server: nginx/1.18.0
Date: Mon, 14 Mar 2022 11:54:47 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 66ms
65ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2008721270&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAEABAAAAAC~&jid=1703062943&gjid=1067631217&cid=539529737.1647258887&tid=UA-7446216-8&_gid=115406432.1647258888&_r=1&_slc=1&z=1538424947

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gazzbut-02122021.jpg
report.if.ua/wp-content/uploads/2021/12/ 32 KB
32 KB 403ms
403ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/12/gazzbut-02122021.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: af31788831e6fba62fd7280d994fb8bec5a115c95bdb9dcee4001e7dc6b1786e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
last-modified: Thu, 02 Dec 2021 10:31:55 GMT
server: nginx
accept-ranges: bytes
etag: "61a8a09b-7ed8"
content-length: 32472
content-type: image/jpeg

GET
H2 200 spilka-zabudivnykiv_580x96.gif
report.if.ua/wp-content/uploads/2021/11/ 275 KB
275 KB 403ms
403ms Image
image/gif 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/11/spilka-zabudivnykiv_580x96.gif
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Mon, 08 Nov 2021 16:45:18 GMT
server: nginx
accept-ranges: bytes
etag: "6189541e-44b9e"
content-length: 281502
content-type: image/gif

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 270ms
84ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 14 Mar 2022 11:54:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 247ms
84ms Preflight 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx
date: Mon, 14 Mar 2022 11:54:48 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1
pragma: no-cache
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 localstore.js Show response
script.4dex.io/ 483 B
946 B 160ms
60ms Script
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 439682
x-amz-request-id: tx87c7b79be4fe46daa141d-0062287786
x-amz-id-2: tx87c7b79be4fe46daa141d-0062287786
last-modified: Wed, 09 Mar 2022 09:45:16 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RO9RK7drVtMR%2BhPH03bvTwSHCLrB%2F%2BA9uHUpDpbNNrpN2qfXrLvAKG9sMJKrTC7p9bfcCfRXvaQpk%2BwlktLo7CHdF0NB0CvyFjLok3W1WFAp38lcvMQxOVUsGpjox1ZTx9Q6p%2FsUJlYm7WZU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1646819115209325
cf-ray: 6ebcd112a94e7453-LHR

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
345 B 429ms
132ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Mon, 14 Mar 2022 11:54:47 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 138 B
826 B 168ms
55ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

edb706c87b1b019cb45cc26e523cb4ff87b88e45be8074b20c8eb8012688920d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:48 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 53abb045-3c70-4f10-a64e-a30fb4c5c109
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 138
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 openrtb Show response
adx.adform.net/adx/ 2 KB
2 KB 300ms
126ms XHR
application/json 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

2e8e28bad6fc82ddae900413dd285c50e4678fee40bd2c30877def61dd6c3b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 183ms
50ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Mon, 14 Mar 2022 11:54:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
38 B 244ms
125ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6ebcd112ef95f423-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 218ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=32071659127

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H2 200 arj Show response
optad360-d.openx.net/w/1.0/ 172 B
359 B 208ms
75ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=dccd5993-e33e-477d-973f-d681af7675ae&nocache=1647258888007&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=728x90%2C750x100%2C970x90&divids=oa-360-1647258887917_ilv5y588s-undefined&aucs=&auid=543540636
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 006b28a551601838ed568857c3be37895bb80252dd0ad14c9f446d2f77f8c277

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://report.if.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
172 B 259ms
82ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Mon, 14 Mar 2022 11:54:48 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

GET
H2 200 arj Show response
optad360-d.openx.net/w/1.0/ 171 B
587 B 202ms
74ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eb46f4cf-7767-42c1-aedb-bf712c79d1d1&nocache=1647258888013&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=336x280%2C360x300%2C300x250&divids=oa-360-1647258887923_gde48zfgc-0&aucs=&auid=543540636
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: d19adccdb99474feddd29650701faf76012831239527265101c8f7b99965b6dd

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: gzip
server: OXGW/17.2.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://report.if.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
ssp.wp.pl/bidder/ 0
17 B 253ms
82ms XHR
text/plain 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Mon, 14 Mar 2022 11:54:48 GMT
access-control-allow-credentials: true
server: nginx
accept-ch: device-memory, dpr, width, viewport-width, rtt, downlink, ect
vary: Origin
accept-ch-lifetime: 604800

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
174 B 173ms
54ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Mon, 14 Mar 2022 11:54:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
205 B 412ms
140ms XHR
text/plain 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://report.if.ua
date: Mon, 14 Mar 2022 11:54:47 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 10
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
213 B 201ms
64ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=82957853329

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Mar 2022 11:54:47 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 241ms
129ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

3dceb4c55459a22354cc73611cf1f4c8730f9529aa5eeea3e672b11a679406d5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:48 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 003736af-47e8-4b2f-9f25-4d4fe0138766
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
406 B 320ms
146ms XHR
text/plain 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:48 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 v2 Show response
i.connectad.io/api/ 0
418 B 216ms
117ms XHR
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 6ebcd112ef97f423-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 121ms
57ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=539529737.1647258887&jid=1703062943&gjid=1067631217&_gid=115406432.1647258888&_u=aAjAAEABAAAAAC~&z=761721070

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Mar 2022 11:54:48 GMT
content-type: text/plain
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ 72 KB
23 KB 157ms
60ms Fetch
application/javascript 2606:4700:20::681a:8a9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84f884ae3edcb8c05f55a2f69a0c8c5484885584acb5c9978572b9f51ad0277e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 438200
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txee49546c76874381a8df3-0062287ad6
x-amz-id-2: txee49546c76874381a8df3-0062287ad6
last-modified: Wed, 09 Mar 2022 09:45:14 GMT
server: cloudflare
etag: W/"93ca984a268a88c3342d6faa613fdb18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2sFrNkTZxNVFPKnd7f3ZPV3cGvCcTQtRE1Uukp4ahsCc0mPcP6RsHvlcmRp2HcNwxZzq6IDVdoOuPF7iPYDKiLZEgsG0d0zpEdw9rQCvDZQHl8bEkFOeqj73r9mWNH8BgGARe65Op8WyU6L2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1646819103449942
cf-ray: 6ebcd113bc657723-LHR
access-control-allow-headers: Authorization

GET
H2 200 shevchuk-554x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 94 KB
94 KB 179ms
178ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/shevchuk-554x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 4e050b32d0af666381ce5db8dc011d1febc779a54f34ec795332dd66fcd268ba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Sun, 13 Mar 2022 13:15:34 GMT
server: nginx
accept-ranges: bytes
etag: "622dee76-178a9"
content-length: 96425
content-type: image/jpeg

GET
H2 200 nova-enerhija-306x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 41 KB
42 KB 179ms
178ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/nova-enerhija-306x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 6723e1dfe0979214b45a8371a762cf4722b81aba10d778940a9d8dc12d73e95a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Fri, 11 Mar 2022 14:46:14 GMT
server: nginx
accept-ranges: bytes
etag: "622b60b6-a5d6"
content-length: 42454
content-type: image/jpeg

GET
H2 200 pereselenci-306x466.jpg
report.if.ua/wp-content/uploads/2022/03/ 53 KB
53 KB 179ms
178ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/pereselenci-306x466.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 510a820d26ca2fabc53c2b301e8fe18adefe2c5f7d908037fed54fd94395ea9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Fri, 11 Mar 2022 16:15:30 GMT
server: nginx
accept-ranges: bytes
etag: "622b75a2-d394"
content-length: 54164
content-type: image/jpeg

GET
H2 200 zelenskyj-370x247.jpg
report.if.ua/wp-content/uploads/2021/08/ 25 KB
25 KB 101ms
99ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2021/08/zelenskyj-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: a6e4a3d9a968cab87b2e57494886f89c986d23851587af1c5541bc14a49af772

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Sun, 22 Aug 2021 15:01:06 GMT
server: nginx
accept-ranges: bytes
etag: "612266b2-62ae"
content-length: 25262
content-type: image/jpeg

GET
H2 200 60003335_842416096110354_211597374928191488_n.jpg
report.if.ua/wp-content/uploads/2019/05/ 45 KB
46 KB 101ms
99ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Mon, 13 May 2019 13:15:53 GMT
server: nginx
accept-ranges: bytes
etag: "5cd96e09-b5bf"
content-length: 46527
content-type: image/jpeg

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
56ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2008721270&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20right%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=539529737.1647258887&tid=UA-7446216-8&_gid=115406432.1647258888&gtm=2wg370W8FPFJ7&z=1014292632

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 03:49:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29122
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 56ms
55ms Image
image/gif 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=2008721270&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20left%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=539529737.1647258887&tid=UA-7446216-8&_gid=115406432.1647258888&gtm=2wg370W8FPFJ7&z=1248822349

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 03:49:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 29122
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame 2C49 12 KB
7 KB 103ms
88ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=53756194;rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0;rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1;csid=16383;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0;pui=2ShljixBLrber1pltXZUmg2;

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

bcdb9fd8f87515600a4b25720e88373c54edaab03a25d797817ed2c34365f1c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 6292
expires: -1

GET
H2 200 adx.js Show response
s1.adform.net/banners/scripts/ Frame 2C49 58 KB
24 KB 477ms
164ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/adx.js
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
content-encoding: gzip
last-modified: Wed, 26 Jan 2022 11:59:05 GMT
server: nginx
etag: W/"61f13789-e95e"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 nova-enerhija-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 31 KB
31 KB 97ms
97ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/nova-enerhija-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: 884e6d792d12d9d575006b7681cf550f6dc2cc39c8e6a7d606a98641b657fb70

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Fri, 11 Mar 2022 14:46:16 GMT
server: nginx
accept-ranges: bytes
etag: "622b60b8-7b42"
content-length: 31554
content-type: image/jpeg

GET
H2 200 vijna-2-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 41 KB
41 KB 90ms
89ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/vijna-2-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: eb5a51e539f7ea6212c5a29c719b4795e078e756361fb94f3ecea796ec3f22c4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Thu, 03 Mar 2022 11:04:11 GMT
server: nginx
accept-ranges: bytes
etag: "6220a0ab-a2d6"
content-length: 41686
content-type: image/jpeg

GET
H2 200 vijna-3-370x247.jpg
report.if.ua/wp-content/uploads/2022/03/ 37 KB
37 KB 105ms
105ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/03/vijna-3-370x247.jpg
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: e097148ba6d9707576f826a0d92be4e5bff0387abd82fff1d60324d5a3c64997

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:48 GMT
last-modified: Sun, 06 Mar 2022 11:34:19 GMT
server: nginx
accept-ranges: bytes
etag: "62249c3b-9314"
content-length: 37652
content-type: image/jpeg

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 218ms
70ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:49 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Mar 2022 11:54:49 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 6039 2 KB
1 KB 245ms
64ms Script
application/javascript 2a02:26f0:7100:29b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2609027&plc=53756194&sid=1358733&dvregion=0&unit=728x90
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:29b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 11:54:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 09:42:27 GMT
Server: Microsoft-IIS/10.0
ETag: "95ce63d2d032d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 97 KB
31 KB 311ms
155ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:49 GMT
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 02:42:25 GMT
server: nginx
etag: W/"6226c291-1834f"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 15 Mar 2022 11:54:49 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
10 KB 184ms
107ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

057b0e13cfa30e2ec94314b271351f862dc73d9da5f854933c67e041c2c3832e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Mar 2022 11:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10366
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F47E 13 KB
5 KB 264ms
88ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1202
date: Mon, 14 Mar 2022 11:54:48 GMT
content-length: 5145
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame 6039 55 KB
18 KB 258ms
257ms Script
application/javascript 2a02:26f0:7100:29b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2609027&plc=53756194&sid=1358733&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:29b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 11:54:49 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 09:42:39 GMT
Server: Microsoft-IIS/10.0
ETag: "80d16fd9d032d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H2 200 adamson-new.jpg
report.if.ua/wp-content/uploads/2022/01/ 53 KB
53 KB 672ms
672ms Image
image/jpeg 212.24.97.24
INTERNETO-VIZIJA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://report.if.ua/wp-content/uploads/2022/01/adamson-new.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS: 20371.s.serverhost.name
Software: nginx /
Resource Hash: d32e7e5cf2cfc593cce176e05f9e737cac07fd325be7e16d3a5e94dfb291d9c7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:49 GMT
last-modified: Sun, 30 Jan 2022 12:41:00 GMT
server: nginx
accept-ranges: bytes
etag: "61f6875c-d522"
content-length: 54562
content-type: image/jpeg

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 227ms
79ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 14 Mar 2022 11:54:49 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame F47E
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=V-DT43xpZ29rR1ZHRTlvOHd1RW9Lc2s4MzdVdTRQQjhBc0w3b056Z3kzaXJ5R0p6bWV1bUJDVGxFbjUvd2hVOS83VmtUalkyZDJPNnpuOHk5ekhYWFdOekRpeGVkSW16ZXlUVDJ5ajNFTFhSUWo5bFEwcGhGRWFWNnlLaj...

425 B
630 B

201ms
50ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=V-DT43xpZ29rR1ZHRTlvOHd1RW9Lc2s4MzdVdTRQQjhBc0w3b056Z3kzaXJ5R0p6bWV1bUJDVGxFbjUvd2hVOS83VmtUalkyZDJPNnpuOHk5ekhYWFdOekRpeGVkSW16ZXlUVDJ5ajNFTFhSUWo5bFEwcGhGRWFWNnlLajdEZjJuZjJXRjhVa3VwaE9DTUgwRG9sTXFsUUl1a1ovdmE0YWE1dHV1M0ZqR2VVTU1KS0lHZCtyWGxJMXI4RVEwMnYwN2hnSDhlMWVMUFNnSHcvR1lUVGJ3SDFpcGNTVHhIOTlXTUhaQkJyNzlYZE81L1hNYWR6TGU4NVEvZXFpeWtmLzFXZktUOFlKL2FUakt1NHJQUVJDMHc3VmsrUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

4344063cb2b9108dbf76b5382f9c0f2b8c34954432e0aae1b8cbe7f4a9d2ff6d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3183
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:49 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=V-DT43xpZ29rR1ZHRTlvOHd1RW9Lc2s4MzdVdTRQQjhBc0w3b056Z3kzaXJ5R0p6bWV1bUJDVGxFbjUvd2hVOS83VmtUalkyZDJPNnpuOHk5ekhYWFdOekRpeGVkSW16ZXlUVDJ5ajNFTFhSUWo5bFEwcGhGRWFWNnlLajdEZjJuZjJXRjhVa3VwaE9DTUgwRG9sTXFsUUl1a1ovdmE0YWE1dHV1M0ZqR2VVTU1KS0lHZCtyWGxJMXI4RVEwMnYwN2hnSDhlMWVMUFNnSHcvR1lUVGJ3SDFpcGNTVHhIOTlXTUhaQkJyNzlYZE81L1hNYWR6TGU4NVEvZXFpeWtmLzFXZktUOFlKL2FUakt1NHJQUVJDMHc3VmsrUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 2918
content-length: 541
expires: 0

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 6039 5 KB
3 KB 357ms
62ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_398444330347&jsTagObjCallback=__tagObject_callback_398444330347&num=6&ctx=11655933&cmp=2609027&plc=53756194&sid=1358733&advid=&adsrv=&unit=728x90&isdvvid=&uid=398444330347&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&brid=3&brver=86&bridua=3&dup=null&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&srcurlD=0&ssl=1&refD=2&htmlmsging=1&m1=13&noc=4&fcifrms=5&brh=2&fwc=0&fcl=263&flt=0&fec=1403&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2Tar9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2Tar9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2&dvp_exetime=9.00&callbackName=__verify_callback_398444330347
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 1fc58e30e1c0fea93b0862a538e03d8e926393b2013d10805fcc90ed2c41a835

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:49 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 0
Connection: keep-alive
Expires: 03/13/2022 11:54:49

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E30D 13 KB
5 KB 140ms
57ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 11:41:48 GMT
expires: Tue, 14 Mar 2023 11:41:48 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 781
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DB2D 783 B
1 KB 215ms
71ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f385ee4c4a242c6f915de2773599d83836bbc5d6134ae5414362aaab69803722

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PwtYOPIBeAEY3DH+i9oSgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 14 Mar 2022 11:54:49 GMT
date: Mon, 14 Mar 2022 11:54:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-PwtYOPIBeAEY3DH+i9oSgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 204 events
bidder.criteo.com/csm/ 0
213 B 65ms
64ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 14 Mar 2022 11:54:49 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://report.if.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H3 200 wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js Show response
pagead2.googlesyndication.com/bg/ Frame E30D 35 KB
13 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wpnNdEHEE-H-HWkGYo82vcEULjX7WQfOj--jYhPbLdo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 10:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4016
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13712
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 10:47:53 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 6039 0
267 B 171ms
58ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=e5db0a2423404d86bf5b5925f6c2127c&vfdur=358&cbust=1647258890062642
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:50 GMT
Vary: Origin
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/13/2022 11:54:50

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 6039 0
267 B 168ms
57ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=e5db0a2423404d86bf5b5925f6c2127c&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0512&dvp_acibv=&DVPF_IBV_BUNDLE=&bsigr=94592359729281&cbust=1647258890065903
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:50 GMT
Vary: Origin
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 03/13/2022 11:54:50

GET
H2 200 / Show response
track.adform.net/mobile/script/ Frame 6039 6 KB
4 KB 82ms
82ms Script
text/javascript 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/mobile/script/?CC=1&bn=53756194;rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0;rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1;csid=16383;adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;srctype=2;ord=1932961802

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8fe0e9ee3dc07d6243205e2aa2978bbad4a548bddb6dc394244c9541fe911a26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:50 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 3792
expires: -1

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DB2D 0
0 107ms
107ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=1057385254429799&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 adform.js Show response
s1.adform.net/banners/scripts/mobile/ Frame 6039 56 KB
22 KB 107ms
105ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/banners/scripts/mobile/adform.js?1630310283198
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 4924eac2d5b7f4cdfb042cfdf6434c8ff396da592a0aaae889eac736d3709145

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:50 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 08:20:24 GMT
server: nginx
etag: W/"612c94c8-e1dd"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

GET
H2 200 mraid.js Show response
s1.adform.net/Banners/52129733/ Frame 6039 1 KB
873 B 117ms
115ms Script
application/x-javascript 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://s1.adform.net/Banners/52129733/mraid.js

Requested by

Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=53756194;rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0;rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1;csid=16383;adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;srctype=2;ord=1932961802

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

3b02201a3e72adecac686161504ac6b9cbf921ca452b2d738785fe856bef195e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:50 GMT
content-encoding: gzip
last-modified: Wed, 04 Dec 2019 11:16:38 GMT
server: nginx
etag: W/"5de79596-409"
x-cache-status: EXPIRED
strict-transport-security: max-age=0
content-type: application/x-javascript
cache-control: public, max-age=604800

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6039 8 KB
4 KB 60ms
59ms Script
application/javascript 2a02:26f0:7100:29b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=11655933&cmp=2609027&sid=1358733&plc=53756194&advid=165376&app=&sup=optAd360&adsrv=178&region=40&btreg=53756194&btadserv=adform&crt=52129733&crtname=kip250_a_portfolioupdate_220310_1456x180&dvtagver=6.1.src&turl=if.ua&DVP_ADTYPE=Image&DVP_LINE=8782770&DVPX_IMPID=1986402575579953480&DVPX_GUID=2565127262783240360&DVPX_CDID=&DVPX_LAT=49.4544&DVPX_LONG=11.074&DVPX_PAGE=
Requested by: Host: track.adform.net
URL: https://track.adform.net/mobile/script/?CC=1&bn=53756194;rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0;rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1;csid=16383;adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;srctype=2;ord=1932961802
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:29b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a86eea3bd77a07092b4af88e3dd54272f8118190aaba5fef3bd04dd8a5490ae4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 11:54:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 11:57:53 GMT
Server: Microsoft-IIS/10.0
ETag: "80f6c1bde332d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3291

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E30D 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?bva6vg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 csp.php
vfd2dyn.vodafone.de/csp/ 0
0 212ms
62ms Image
text/html 18.196.61.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vfd2dyn.vodafone.de/csp/csp.php?b_id=1791&r_id=htlp&rnd=79309
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.61.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-61-57.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ 43 B
1 KB 297ms
65ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extPu=75114-adform&extCr=52129733&extPm=8782770&extLi=8782770&extProvId=319&keyword=optAd360&c_id=display_cic_213:fq0_F_kip_250_pre_&rnd=32395

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Mo, 14 Mrz 2022 11:54:50 GMT
Server: Microsoft-IIS/8.5
Date: Mon, 14 Mar 2022 11:54:50 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://report.if.ua
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1756
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 52129733.gif
s1.adform.net/Banners/52129733/ Frame 6039 32 KB
32 KB 100ms
99ms Image
image/gif 37.157.2.249
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/52129733/52129733.gif?bv=3

Requested by

Host: report.if.ua
URL: https://report.if.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.249 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1219be9e0d0b4e6dac8083bde3261294019164287c8fe5d98c082192ee3bbb79

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:50 GMT
last-modified: Thu, 10 Mar 2022 11:23:21 GMT
server: nginx
etag: "6229dfa9-7e5b"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/gif
content-length: 32347

GET
H/1.1 200
OK dv-measurements2375.js Show response
cdn.doubleverify.com/ Frame 5ACE 511 KB
95 KB 76ms
76ms Script
application/javascript 2a02:26f0:7100:29b::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2375.js
Requested by: Host: report.if.ua
URL: https://report.if.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:29b::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ddf16c461e55282bdeb11c642d461bd1e5f2e23730769c98d20cd69847792182

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 11:54:50 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 10:08:51 GMT
Server: Microsoft-IIS/10.0
ETag: "80fb6b82d432d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96638

GET
H2 200 /
track.adform.net/mobile/csimpr/ 35 B
395 B 89ms
89ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/mobile/csimpr/?CC=1&bn=53756194;msrc=1;smid=0;idata=j4-aUtFGD_pN_rgO2i78KsHzWJ8iG5IJX_ukdAiF5suNy-7h7Mj3N4GtccB-M77-ZkLWnl_qQNqBtH1-zXtT07yOpNDfIsLF0;;rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0;rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1;csid=16383;adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0;adxcmd=QTwuOIuaMWxxWXp_eBE_5w2;rotseqno=1;srctype=5;set=en-US%7Cen-US%7C1600X1200%7C0%7C728%7C90%7C24%7C1%7C3%7C7%7C0%7C0;ord=1684515858;unloadid=1986402575579953480;mloc=https%3A%2F%2Freport.if.ua%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:50 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 2C49 35 B
486 B 80ms
79ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1647258890374

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 5ACE 6 KB
3 KB 371ms
62ms Script
text/javascript 213.254.244.110
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=256&ttfrms=44&brid=3&brver=86.0.4240.185&bridua=3&bds=1&tstype=2&eparams=DC4FC%3Dl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2Tar9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2Tar9EEADTbpTauTauC6A%40CE%5D%3A7%5DF2&srcurlD=0&aUrlD=0&ssl=https:&sup=optAd360&dfs=1048&ddur=62&uid=1647258890594732&jsCallback=dvCallback_1647258890594454&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Linux%3B%20Android%2011)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F86.0.4240.185%20Mobile%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=1200&winw=1600&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2375&tgjsver=2375&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Freport.if.ua%2F&fwc=0&fcl=504&flt=0&fec=1404&fcifrms=7&brh=2&sdf=2&dvp_epl=170&noc=4&ctx=11655933&cmp=2609027&sid=1358733&plc=53756194&crt=52129733&btreg=53756194&adsrv=178&advid=165376&crtname=kip250_a_portfolioupdate_220310_1456x180&turl=if.ua&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&region=40&btadserv=adform&DVP_ADTYPE=Image&DVP_LINE=8782770&DVPX_IMPID=1986402575579953480&DVPX_GUID=2565127262783240360&DVPX_LAT=49.4544&DVPX_LONG=11.074&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=34543565469.40013&dvp_tukv=646663192413.7637&dvp_uuid=16471750550.02364&dvp_tuid=500293391016
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: 65330f794e92aaddc0465d0d0d78cf8d557922765876514234a806dd78a66768

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:50 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/13/2022 11:54:50

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=1057385254429799&bg=!FxSlFFDNAAb7UztL-1M7ACkAdvg8Wv0XzkfcP9MWuLxETtacjdPe2652E_abHoh6KWzALj8i9PUh-QIAAADoUgAAAAFoAQcKAGkZ3iHh3LuUnFYK8WJXyCyIjpedw5h1nxigUXlBWTv5pA-sb3z-LoAndcJGHqKGcFtueXTppfH6SIJpDDqCNThTku-QBYpuJ6qM_kuUbungWXF5upz1pEXPDmSdAFsii5rpCR9QNkQgWwOZAo0v1ekc23WqEZEIHjee2DiziKpIjYRnEGSaoBfWgFB5Nt4mme51Q-y0CO4AK9E3Rj1GOgHXsvBpgRqb2JjJ76XoVE5QcLkOY6OAPJIGldFnRAht0u4NJcXjPtW_DA2e2dys0RzQ5J6NlhSbWtOwsKSC0G4jszHUl7gb72rugVVGG_BBIv50RmFfDcBL8lJyY_Y_5DoxV9QpiPte2awEjBT7_8uSHP_lbu3pN8kgp_uj8V9RnPxVlosNRvNnqWKUtI6lJqVZEd-DZgQfk2RP2A-lJPKrJwzwIRjuo0tCj5hEN9pJSWvfvmVDslUxrno6xXIH6Q3Ono74J4Etmb8J5mGi3cg8FlziwU7ixegmpVhVCvMEeSTk8mXDbIgxisiMn-SlzZOiz6-nSfF-vd1rf8h4S2hRXbeRG3obfls2wDIsUf3dquMkqNSIqXulzgYl-qzZxJuS08Uzzqjm2Pe8diOxrCKYh19zTzRcUGQ9KsPwkVgXv9xoaRTxqWhyTPD63aEJvgZx3RkkBHB3Rom5R-HsHVEciqo9MPXnfgO5OqHIjAkui6MnjWu6J5ulfxukrjHTZiVCrJl5UOZWLpaphBmWaEB0680rl2_E34V_J6zFqkHM1QhEqxtfjVYsaYNyKU9cpUnm4kszrEShsuPOlHZnA7kDOdHwXbIYXqVjsmTmFDJ3jAhSJFn0Qz9B85OzW3NpZ6IiDTzbnuOsIjlyHNVc_edzBjgaxVPCUVh62wEjgLayhYiYuvDQ3JRzIDXcZ17shELmdbs-xx9475M9RoOGSSAZlTPbB33aU72h_VI-Zxuvc02eXFMccSTtPOv0hMd4pozVWXsCEp4kIIp-eBCYPfs3yovv40ayx2FiuA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=0jowKHxRcnhJZ0VnZE0wTmt0cXZlTmc3S2xVTHMrZTZweXZXOWNPUFRLd09MaDFqTWRxQ2ZXWEwxM1RlM2RLT3F2OUp0RFNML0dWNS9RV3dNcVRGRmF5amc3dWhlcCt4ejdnTmFMcHUxdXBaTk53R3JkYlp2UnpNa3lCQj...

411 B
661 B

55ms
54ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=0jowKHxRcnhJZ0VnZE0wTmt0cXZlTmc3S2xVTHMrZTZweXZXOWNPUFRLd09MaDFqTWRxQ2ZXWEwxM1RlM2RLT3F2OUp0RFNML0dWNS9RV3dNcVRGRmF5amc3dWhlcCt4ejdnTmFMcHUxdXBaTk53R3JkYlp2UnpNa3lCQjV1NHI3M01CaVFUL3A4ZkhmYU9ZWE5XM0ZlcVk2UzdJRE9lZy9Xam5ick9BVXVnNDhNVjdGY3drRVlxVW5LaEFkelpRWTUrdWtacVhwMk1IUWhEd0hrTHBBMTVDTGNZelVyeXl6SHhTNlB2V1NlRnJGcHpnS1JPK0JQVGZHaDIySFBXNmZ5NzN4UmV1amRFTUdPaHVaUDNhTjRlN0dXQT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

45cf86b370b767c41f70bfd16e667275ec3e48fd60452be306f9fa504135f89b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2399
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
location: https://mug.criteo.com/sid?cpp=0jowKHxRcnhJZ0VnZE0wTmt0cXZlTmc3S2xVTHMrZTZweXZXOWNPUFRLd09MaDFqTWRxQ2ZXWEwxM1RlM2RLT3F2OUp0RFNML0dWNS9RV3dNcVRGRmF5amc3dWhlcCt4ejdnTmFMcHUxdXBaTk53R3JkYlp2UnpNa3lCQjV1NHI3M01CaVFUL3A4ZkhmYU9ZWE5XM0ZlcVk2UzdJRE9lZy9Xam5ick9BVXVnNDhNVjdGY3drRVlxVW5LaEFkelpRWTUrdWtacVhwMk1IUWhEd0hrTHBBMTVDTGNZelVyeXl6SHhTNlB2V1NlRnJGcHpnS1JPK0JQVGZHaDIySFBXNmZ5NzN4UmV1amRFTUdPaHVaUDNhTjRlN0dXQT09fA&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1540
content-length: 541
expires: 0

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 214ms
64ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://report.if.ua
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://report.if.ua
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1302
date: Mon, 14 Mar 2022 11:54:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 4EF2 52 KB
17 KB 233ms
63ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 15 Mar 2022 11:54:53 GMT
Date: Mon, 14 Mar 2022 11:54:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 6180 668 B
730 B 72ms
65ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 35db7f13f2bc95457cf40627291de95bb3622cacbdc6ec0b59748972701682ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 14 Mar 2022 11:54:51 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 938C 668 B
718 B 72ms
66ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 35db7f13f2bc95457cf40627291de95bb3622cacbdc6ec0b59748972701682ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/17.2.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 14 Mar 2022 11:54:51 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 666C 52 KB
17 KB 251ms
78ms Document
text/html 23.218.208.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-187.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: "5fc7ff8f-cf34"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 17053
Cache-Control: max-age=86402
Expires: Tue, 15 Mar 2022 11:54:53 GMT
Date: Mon, 14 Mar 2022 11:54:51 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame 3899 1 KB
749 B 107ms
94ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

date: Mon, 14 Mar 2022 11:54:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ebcd128d8eef423-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 3846 442 B
436 B 81ms
81ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

server: nginx
date: Mon, 14 Mar 2022 11:54:51 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 13:01:00 GMT
vary: Accept-Encoding

GET
H2 200 connectmyusers.php Show response
cdn.connectad.io/ Frame D125 1 KB
703 B 90ms
89ms Document
text/html 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.connectad.io/connectmyusers.php?
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

date: Mon, 14 Mar 2022 11:54:51 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ebcd128e902f423-LHR
content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 usersync Show response
ssp.wp.pl/bidder/ Frame 6D7D 442 B
344 B 80ms
79ms Document
text/html 212.77.99.29
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by: Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: ssp.wp.pl
Software: nginx /
Resource Hash: b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/

Response headers

server: nginx
date: Mon, 14 Mar 2022 11:54:51 GMT
content-type: text/html; charset=utf-8
content-length: 306
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-origin: *
content-encoding: gzip
last-modified: Tue, 08 Mar 2022 13:01:00 GMT
vary: Accept-Encoding

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6180
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8397622f-2d0c-4100-b631-7591b3541fdc

43 B
61 B

134ms
71ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8397622f-2d0c-4100-b631-7591b3541fdc
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 14 Mar 2022 11:54:52 GMT
Server: MT3 4256 109297d master cdg-pixel-x27 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=8397622f-2d0c-4100-b631-7591b3541fdc
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Mar 2022 11:54:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6180
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=MlFK3zYHSNspBk-NNldVgGdQSYgpBU_dNVbq53Md

43 B
122 B

111ms
66ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=MlFK3zYHSNspBk-NNldVgGdQSYgpBU_dNVbq53Md
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=MlFK3zYHSNspBk-NNldVgGdQSYgpBU_dNVbq53Md
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 6180
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360

43 B
61 B

65ms
65ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 6180 70 B
264 B 240ms
80ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c983d49-31af-3139-598e-7839ebd733ce&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6180 170 B
232 B 247ms
80ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjBmN2VlODMtZjhkOC02ZjlkLTRjNmUtMjI4MDIxMzVmZGFl

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6180
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDripIMPXL8l1ypmxw0mTLo&google_cver=1

43 B
106 B

86ms
70ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDripIMPXL8l1ypmxw0mTLo&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDripIMPXL8l1ypmxw0mTLo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 938C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd9b622f-2d0c-4600-b687-70829ac73e66

43 B
61 B

129ms
67ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd9b622f-2d0c-4600-b687-70829ac73e66
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 14 Mar 2022 11:54:52 GMT
Server: MT3 4256 109297d master cdg-pixel-x30 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fd9b622f-2d0c-4600-b687-70829ac73e66
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 14 Mar 2022 11:54:51 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 938C
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=R47sGUPY7h1c2elMEt_zG0OM7kZcjLxIQ4-26yUE

43 B
106 B

111ms
67ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=R47sGUPY7h1c2elMEt_zG0OM7kZcjLxIQ4-26yUE
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&&val=R47sGUPY7h1c2elMEt_zG0OM7kZcjLxIQ4-26yUE
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

sd
eu-u.openx.net/w/1.0/ Frame 938C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360

43 B
61 B

64ms
64ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H3
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=2565127262783240360
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 938C 70 B
265 B 235ms
80ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=4c983d49-31af-3139-598e-7839ebd733ce&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:51 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 938C 170 B
502 B 241ms
79ms Image
image/png 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjBmN2VlODMtZjhkOC02ZjlkLTRjNmUtMjI4MDIxMzVmZGFl

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 938C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDZYoOo-ShN-UFXMnVYgglQ&google_cver=1

43 B
106 B

92ms
80ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDZYoOo-ShN-UFXMnVYgglQ&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
via: 1.1 google
server: OXGW/17.2.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDZYoOo-ShN-UFXMnVYgglQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 3846 129 KB
34 KB 399ms
151ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 556238b22b6bc9e6d9316408de52c93fd6d76836b3c6cc481c044a1cbe727097

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:52 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 09:46:23 GMT
server: nginx
etag: W/"b2c3eb967290d0c4b04ea7668b75c55e"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 wpjslib-sync.js Show response
std.wpcdn.pl/wpjslib/ Frame 6D7D 129 KB
33 KB 399ms
152ms Script
application/javascript 212.77.98.32
WIRTUALNAPOLSKA G...

General

Check archive.org

Show headers Download Go to

Full URL: https://std.wpcdn.pl/wpjslib/wpjslib-sync.js
Requested by: Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS: wifi32.ras.wp.pl
Software: nginx /
Resource Hash: 556238b22b6bc9e6d9316408de52c93fd6d76836b3c6cc481c044a1cbe727097

Request headers

Referer: https://ssp.wp.pl/
Origin: https://ssp.wp.pl
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 11:54:52 GMT
content-encoding: br
last-modified: Mon, 14 Mar 2022 09:46:23 GMT
server: nginx
etag: W/"b2c3eb967290d0c4b04ea7668b75c55e"
access-control-max-age: 300
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900, stale-while-revalidate=86400
x-rgw-object-type: Normal
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 204 1
sync-eu.connectad.io/syncer/ Frame B364 0
0 139ms
115ms Document
text/plain 2606:4700:10::6816:36ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-eu.connectad.io/syncer/1
Requested by: Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:36ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.connectad.io/

Response headers

date: Mon, 14 Mar 2022 11:54:51 GMT
cache-control: no-cache, private
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6ebcd12a2a9af423-LHR

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 400ms
49ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1012
date: Mon, 14 Mar 2022 11:54:51 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4EF2 0
743 B 246ms
246ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:51 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: cfcf6d14-c792-4e21-a3a8-aee45ea55408
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 666C 0
743 B 126ms
126ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:51 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 734c394b-a3cf-4c80-8e52-1eb78bf45662
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
track.adform.net/serving/event/ 35 B
303 B 89ms
88ms Image
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/serving/event/?msrc=1&event=178&name=Viewable%20impressions&bn=53756194&baid=52129733&asid=undefined&icid=undefined&icidt=undefined&imprid=1986402575579953480&eData=Zs9AMiZG6WwUxshVf7dX1Hh9ErTV8WMW4fn4X_ACi5iGDmK74UWvJIBUskVBHw863P3U4POoGh0au94oJsHc8Q2&rtbdata=8Is0-W0xFB--9XrbSZe_KCWHfOF0vtQGhHJMnIKNv1qCxNBY5YwpexaX0-yMtyEfTF4eZ534YpbS3C-uEavakTri5NSuZ6yZIlIZhzKfnmRXtgSGcvPC1Yc9CtlVEOGZe1bKYEf9kq57h_Cko5AVCgpWVCgl6K490jD3DAFjK8peT5CqUm1bRIgAw5-Smk_eapE5HxCbGTVgDIZbHfMXRgWBtZS71n-GFfvyievnAIs0aMwml4Zv7KxJ0zUTRxAvr2pfUSderluJpWn1nzMfWLftOFdXYAZNYmkHnNYteKS6p9JBGKlvdPYr3BQtoleq9mPTohQ4C91-lcx1MuyswtKb8zKBUnyDOdtrzbQfEpPmeYF_-u5tFW3RZAQ41yHqpHVwx6-5jeQNyuM0F-PptBq8Dq2SeFx1xv_YO6vpSmE1&rtbwp=nMO0Lc2wt6Qyjor_-WYnS6zboUFQG3yp0&adxvars=sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0&time=2&rnd=712228588

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

POST
H2 200 /
track.adform.net/serving/unload/ Frame 6039 35 B
458 B 91ms
90ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&msrc=1&unload=0@@53756194,1986402575579953480,100|1094|0|0|0|0|0|0|0||37|0|1109|ae378bd417594ef196163b095f7ad31c-1-1109_8c132a473af9497da95d6effebe3d0bd|||1|0|0|UNechWlGADNX7EYoWZQhUQnsShgPGPd1SUWxALUIe3Eu55_tzPbxPxhpnBRkvb3lA7z_uuw_WOM1|sbVl1W31inbuPWSLnwizxQs2D4tcvJaSH8zi4pTkZuZX97Z8yTvs7dVGSFg6c6-VpFMQyYtIGGPYH9A8QFF9ySu7YVd75hiv1R8_HmTGphZDQUoDTq89xqxXvE07bkOr4JcQ1wRwrX5WE3jH6VJWefiWoj9soKcx0oM3gJXv7a_0rEjcKdyE3b7NOOL3CKxmloRnI_sd8teiuX5MFEIsALAcbPoHp0nX0||11|0|

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/mobile/adform.js?1630310283198

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:52 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 4EF2 0
743 B 63ms
63ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:52 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 90c41108-b44b-49e2-a302-3e1924584fae
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 666C 0
743 B 55ms
54ms Script
text/html 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:52 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 78deeb7f-6673-40d3-a236-9ad2dc66fc4d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 5ACE 0
243 B 176ms
58ms Ping
text/plain 213.254.244.110
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=8d5918147410489f89041a0584add456&gdpr=&gdpr_consent=&dvp_atali=1&vdur=373&eoid=9&msrjs=2375&nav_pltfrm=Linux%20x86_64&dvp_ac_version=0512&dvp_acibv=&DVPF_IBV_BUNDLE=&bsigr=94592359729281&sdf=2&vit=2&isvelg=1&tltms=62&tetms=40&msltms=191&vltms=373&sei=289&vetms=6&engms=1&engisel=1&ttfurm=2421&cbust=1647258892983479
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin: https://report.if.ua
Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:13 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/13/2022 11:54:53

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 5ACE 0
243 B 65ms
64ms Ping
text/plain 213.254.244.110
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=8d5918147410489f89041a0584add456&gdpr=&gdpr_consent=&msrcanlm=264&msrcannum=2&eoid=12&ismms=59&isumms=58&isvelg=1&nvr=6&elmtp=1&isbxdms=2458&b11=2578&adhgt=90&adwdth=728&norwdth=728&norhgt=90&tmsl=2578&engisel=1&vsos=3&dvp_vsosnmr=16&dvp_mvpw=device-width&dvp_mvpis=1&dvp_minvpw=1600&dvp_minvph=1200&dvp_maxvpw=1600&dvp_maxvph=1200&lftb=2578&sftb=2578&naral=256&vct=1&vphgt=1200&vpwdth=1600&chgt=90&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=100&advisonl=true&isiabvms=958&isuiabvms=958&ispmxpms=958&iscvmvms=958&inor=2&engalms=56&dvp_hdnAd=2000&dvp_dpr=1&dvp_itg=HEAD:1,BASE:1,TITLE:1,BODY:1,SCRIPT:17,IFRAME:2,META:2,STYLE:1,DIV:1,&cbust=1647258893982190
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2375.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.110 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://report.if.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Access-Control-Allow-Origin: https://report.if.ua
Pragma: no-cache
Date: Mon, 14 Mar 2022 11:54:54 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Vary: Origin
Expires: 03/13/2022 11:54:54

POST
H2 200 /
adx.adform.net/adx/unload/ Frame 2C49 35 B
487 B 80ms
79ms Ping
image/gif 37.157.3.30
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/unload/?1647258894158

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/banners/scripts/adx.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://report.if.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 14 Mar 2022 11:54:54 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: https://report.if.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
report.if.ua/	1969-12-31 23:59:59	Name: b Value: b
report.if.ua/	1970-01-20 01:44:23	Name: __oagr Value: true
.report.if.ua/	1970-01-20 19:05:30	Name: _ga Value: GA1.3.539529737.1647258887
.report.if.ua/	1970-01-20 01:35:45	Name: _gid Value: GA1.3.115406432.1647258888
.report.if.ua/	1970-01-20 01:34:18	Name: _gat_UA-7446216-8 Value: 1
.report.if.ua/	1970-01-20 10:55:54	Name: __gads Value: ID=4774f0c83c8ee298-228577205ccd00fe:T=1647258887:RT=1647258887:S=ALNI_MZPfgxZYJlI4NeAqyt2pVGTU4USKQ
.report.if.ua/	1970-01-20 01:34:18	Name: _gat Value: 1
report.if.ua/	1970-01-20 02:17:30	Name: _pbjs_userid_consent_data Value: 6683316680106290
.openx.net/	1970-01-20 10:19:54	Name: i Value: 9f340210-9828-0ece-0358-b0d18ff00033\|1647258888
.adnxs.com/	1970-01-20 03:43:54	Name: icu Value: ChgIqupbEAoYASABKAEwiNq8kQY4AUABSAEQiNq8kQYYAA..
.adnxs.com/	1970-01-20 03:43:54	Name: uuid2 Value: 7418826910799032723
prebid.a-mo.net/	1970-01-20 10:19:54	Name: __amc Value: 1_1647258888_1647258888
.adform.net/	1970-01-20 02:18:53	Name: C Value: 1
.criteo.com/	1970-01-20 10:55:54	Name: uid Value: 53967c83-47dd-4595-b07d-cac76ff8212b
.report.if.ua/	1970-01-20 10:55:54	Name: cto_bundle Value: viRusl9wS1pkUzNySnpnQ1RFUG9ZVmJCQ3NIaFh3U3NNbTVGTUdFa1pVNlUxR2xvZlh0ZjlscHdMQ1huZkpPOGh4dWIxSlpNdkpZYTYlMkY0U01mWk51Y1dqaWpPb3NxVnlQeTkzWE1tNFBTMEUxaWxMTGdHQnJHR0dId1FpJTJCaks0JTJCJTJGME1JMjg2ZzNJV1VLSWZXTVAlMkY0Ujl1S21BJTNEJTNE
.adform.net/	1970-01-20 03:00:42	Name: uid Value: 2565127262783240360
.adform.net/	1970-01-20 01:44:23	Name: TPC Value: 1647258890084
.vodafone.de/	1970-01-20 01:44:23	Name: oshop Value: queryparams\|\|b_id\|\|1791\|\|queryparams\|\|shopid\|\|2653
m.exactag.com/	1970-01-20 03:43:54	Name: exactag_new_gk Value: 1f731be01a3441498673e7d9f167206b%7c13.05.2022+11%3a54%3a50
m.exactag.com/	1970-01-20 05:53:30	Name: exactag_new_uk Value: dfcdc74cd4a94ee1a0811dd37de0c983%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 85fc93684fb740908e5c3de0
.openx.net/	1970-01-20 01:55:54	Name: pd Value: v2\|1647258891\|gekin0vNiygu
.quantserve.com/	1970-01-20 03:43:54	Name: d Value: EPsBDAHUJYqsMA
.quantserve.com/	1970-01-20 11:04:33	Name: mc Value: 622f2d0b-e73cc-d2009-0b723
.doubleclick.net/	1970-01-20 10:55:54	Name: IDE Value: AHWqTUmt2dEMHK-CXE1L27Zby2IflZuudcSSSErv-XK1444uG8h-PupG7uK-uA-shxI
.mathtag.com/	1970-01-20 11:00:14	Name: uuid Value: fd9b622f-2d0c-4600-b687-70829ac73e66
report.if.ua/	1970-01-20 10:55:54	Name: cto_bundle Value: vB1YUF9TYjhoYTVoY3NDZjB1UUp5UCUyRlVkd1JKalFCcXFCeVlxaUNvWGdPRUlBcEhSTDNoVDVqSjBIRnNTa0ZUNllZVyUyQldPYnN1VyUyQjVrUGhBY056WFRxYUUwWFk3VzJUQ1haQUJaU1RqQVl0MDl2aGolMkZ4QzklMkI3SUZINEhDQTlLYXdmNVlsSTFnUDE5YWFjTVlFSzFxYk1JREJ3JTNEJTNE
report.if.ua/	1970-01-20 10:55:54	Name: cto_bidid Value: psasdV9rWDVYZUFIRW1RRVlFV0duSDBNZlNuUHkyUEk4bSUyRmR2QlBEUjdtZTF1SVBaMEZtSjcyaFQlMkZ5TkwwckVBR1RhV0lkUTBqQUtmanRFdXNTM1A3NzhHSllQejkxVmZGdzA2UFRxUVNCOWhUNTAlM0Q

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://report.if.ua/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n750001&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://report.if.ua/ Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n750001&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1647258887&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647258887162&bpp=4&bdt=615&idt=295&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6930506128891&frm=20&pv=2&ga_vid=539529737.1647258887&ga_sid=1647258887&ga_hid=2008721270&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531398%2C44750773%2C44758395%2C31065566&oid=2&pvsid=1057385254429799&pem=657&tmod=131701823&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=324 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.connectad.io
cdn.doubleverify.com
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
ep.umobile.pl
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
i.bigmir.net
i.connectad.io
ib.adnxs.com
m.exactag.com
match.adsrvr.org
mug.criteo.com
optad360-d.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
report.if.ua
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s1.adform.net
script.4dex.io
ssp.wp.pl
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
sync-eu.connectad.io
sync.mathtag.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
track.adform.net
us-u.openx.net
vfd2dyn.vodafone.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
116.202.115.24
142.250.181.226
145.40.89.200
172.217.18.98
178.250.0.165
178.250.2.146
18.196.61.57
185.184.8.65
185.29.134.244
193.239.68.97
193.239.71.100
212.24.97.24
212.77.98.32
212.77.99.29
213.254.244.110
23.218.208.187
2600:9000:224a:b000:11:a4de:2580:93a1
2600:9000:2260:8a00:6:b871:4f00:93a1
2606:4700:10::6816:36ce
2606:4700:20::681a:8a9
2606:4700::6810:5714
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c08::9b
2a02:2638:1::13
2a02:2638::3
2a02:26f0:7100:29b::4469
34.149.12.213
34.98.64.218
35.71.131.137
37.157.2.249
37.157.3.30
37.157.4.24
37.252.172.249
85.14.248.91
006b28a551601838ed568857c3be37895bb80252dd0ad14c9f446d2f77f8c277
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
014bdcd85899b1e128d977bbb8f899d6c9623e68cfb63b3a637d39f61ff01ff5
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
057b0e13cfa30e2ec94314b271351f862dc73d9da5f854933c67e041c2c3832e
07c94892c3e0ac93d2bcb3a9cb88aa67ea47b3d1aa89bc39dfcc2b025dcd8988
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d
1219be9e0d0b4e6dac8083bde3261294019164287c8fe5d98c082192ee3bbb79
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e
166b1ec7fb7c24aa3e5606547b580475b9540f1a91dced5eb59e4653b0663191
1c3bc184d70e061d00c8f3a554d6e1093f49990ce3398c32011466a45ee0bc6f
1fc58e30e1c0fea93b0862a538e03d8e926393b2013d10805fcc90ed2c41a835
225df693f07136dcbd8633853d2582c869a6141ca33c0306449763549b54f6f2
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
27959adb07002b9ac7aa480b6357412fb96e7531af950c33714c8f9873aff5a3
29e23646a639746b95623aef060574c65b55f7531cf6502b7fc0d6a245568476
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2d199fc8a0cad1784b67a93991b7f1e9e97eaadaf3cdf334eca5a98fb43eb0ee
2e8e28bad6fc82ddae900413dd285c50e4678fee40bd2c30877def61dd6c3b1f
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
3266da3d72b79ef6a55e58a4aac849828f12c66da4900121bc1f1214d9189284
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
35db7f13f2bc95457cf40627291de95bb3622cacbdc6ec0b59748972701682ba
3820de5e4c80c34b3a5ef070ef024a2b1bb2a96d43356ae200671991915bc3bb
3b02201a3e72adecac686161504ac6b9cbf921ca452b2d738785fe856bef195e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dceb4c55459a22354cc73611cf1f4c8730f9529aa5eeea3e672b11a679406d5
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
4344063cb2b9108dbf76b5382f9c0f2b8c34954432e0aae1b8cbe7f4a9d2ff6d
4474c49ca6d9fafcb6b89df05b82849ec3f670cb8b2ed5fff9bd990de86f5faa
45cf86b370b767c41f70bfd16e667275ec3e48fd60452be306f9fa504135f89b
4924eac2d5b7f4cdfb042cfdf6434c8ff396da592a0aaae889eac736d3709145
4cc7e3e91af50ab9b927a89ac68cd9017281ba1036f250a7fac0c196199dd273
4e050b32d0af666381ce5db8dc011d1febc779a54f34ec795332dd66fcd268ba
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d2c7731785008a791223e2b01506e9856b7af924364f8ec47d3155aaca8621
510a820d26ca2fabc53c2b301e8fe18adefe2c5f7d908037fed54fd94395ea9e
534f4defcecb50315bef275e7425246e77f05c5dcae1b883e974226071c45767
54db450f833ca2db72917288a580c1e9e2ecf5b5011ce00d7747c3d1812154bf
556238b22b6bc9e6d9316408de52c93fd6d76836b3c6cc481c044a1cbe727097
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a2c8407b011bf0af8123c2160fc5b91ecf962e4039e82babbaaa630549c80f4
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dda7c3c774e0b3e46652d3d2b4ae0a3917f0d80a78b43ce35b2d678a8c87286
600ae5446df898d0dd1d7ec0c67f103e3c4f19ef430f5978b9c7dd8536354c55
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
650fbde8f71df44e8c94efe34fff492777672193e37628b856284c50bf5d339f
652876c64c94fddfefb323a90fb2de3f80c5a1eccf34ac91a3c6b9b7ad366e2b
65330f794e92aaddc0465d0d0d78cf8d557922765876514234a806dd78a66768
6723e1dfe0979214b45a8371a762cf4722b81aba10d778940a9d8dc12d73e95a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d189705c1a7d5f42ccb43f949279991b43cee9cef8de190b277b05e7153f42c
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84f884ae3edcb8c05f55a2f69a0c8c5484885584acb5c9978572b9f51ad0277e
884e6d792d12d9d575006b7681cf550f6dc2cc39c8e6a7d606a98641b657fb70
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8d9a46db80c58e316c5594342e8e62bb792d4706ae90d02e4af8a03218335117
8fe0e9ee3dc07d6243205e2aa2978bbad4a548bddb6dc394244c9541fe911a26
94cbe91ea2209db4727e5eff2685863f14d003849e966bbd8fc420460716ad7c
9c82125c41790c3404179fb57ca1e09dcf4a77f48585c8fe01d458cd1729224f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6e4a3d9a968cab87b2e57494886f89c986d23851587af1c5541bc14a49af772
a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448
a86eea3bd77a07092b4af88e3dd54272f8118190aaba5fef3bd04dd8a5490ae4
a921a5c0caa9084bd880e329cd4c2376a7447b09c3356475f6003490fcf606a6
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af31788831e6fba62fd7280d994fb8bec5a115c95bdb9dcee4001e7dc6b1786e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b0ecc068189c389cc70ae56306a63c7174fa4cf1b6f58922d3179002ada6142a
b8d200e47b2a523074bafb75ce06eb041f79a797589ffd9ae9bb88d4343c159f
b8e094ad64704c2e4836153e641e432b22159b03d5b240b6dd303461be83f542
b96a08e31197f3a029c4008bfeb3d03fc34d091741cc3f0f955a0d14e7cc7b32
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcdb9fd8f87515600a4b25720e88373c54edaab03a25d797817ed2c34365f1c3
bd4a69431e6df7eb88d93b93ccde90125856df08b104de505e56260a5d448ebc
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
c299cd7441c413e1fe1d6906628f36bdc1142e35fb5907ce8fefa36213db2dda
cef35be34c1d8485665ae9b74e8b4fc6d9323e6f1ca663f049c3a82ae17f4ae8
cf1bf5bcae950b994962c4a3ba91a3746f1e08a651440e2e4d07c858ce5591a8
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893
d19adccdb99474feddd29650701faf76012831239527265101c8f7b99965b6dd
d32e7e5cf2cfc593cce176e05f9e737cac07fd325be7e16d3a5e94dfb291d9c7
ddf16c461e55282bdeb11c642d461bd1e5f2e23730769c98d20cd69847792182
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e097148ba6d9707576f826a0d92be4e5bff0387abd82fff1d60324d5a3c64997
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b49058e04624377b1322e2f1f62f3528f6e2ea9ec0c9f8b0f40b40a66c1518
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8d60d69b3b0d0065a967c4115a210b6d0a8f08a80f6c73099e097fde88e70ff
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
eb5a51e539f7ea6212c5a29c719b4795e078e756361fb94f3ecea796ec3f22c4
edb706c87b1b019cb45cc26e523cb4ff87b88e45be8074b20c8eb8012688920d
f0a93d1f30a4ca726d33a477196deed7194ae38e59a043c41d888a749f30a376
f385ee4c4a242c6f915de2773599d83836bbc5d6134ae5414362aaab69803722
f408ea8d108fb46b0ec7612b384c10211e19f6a21592b34a042751697f4249cf
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f93c38c170bba206d1ef0fb47cc669b27115cf8ebff6887f3a1fb2e1a1f178cb
ff6956c6d9b77bdecabeef7eafb5625c810cf5694db1204d0a48e102ecd73c89

report.if.ua Open in urlscan Pro 212.24.97.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

161 Requests

94 %HTTPS

45 %IPv6

31 Domains

51 Subdomains

42 IPs

10 Countries

2386 kBTransfer

5466 kBSize

28 Cookies

61 Outgoing links

Page URL History

Redirected requests

161 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

report.if.ua Open in urlscan Pro
212.24.97.24 Public Scan

Screenshot
Live screenshot

Full Image

161
Requests

94 %
HTTPS

45 %
IPv6

31
Domains

51
Subdomains

42
IPs

10
Countries

2386 kB
Transfer

5466 kB
Size

28
Cookies

161 HTTP transactions
1 data transactions