mail.i.ua Open in urlscan Pro
91.198.36.14 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://mail.i.ua/reg
Effective URL:
https://mail.i.ua/
Submission Tags: falconsandbox
Submission: On November 03 via api (November 3rd 2020, 3:52:02 am UTC) from US

Summary HTTP 155 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 47 IPs in 11 countries across 47 domains to perform 155 HTTP transactions. The main IP is 91.198.36.14, located in Ukraine and belongs to DIGITAL-VENTURES, UA. The main domain is mail.i.ua.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 14th 2020. Valid for: 3 months.

This is the only time mail.i.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 5	91.198.36.14 91.198.36.14	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
19	91.198.36.78 91.198.36.78	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
4 16	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
8	2a03:90c0:999... 2a03:90c0:9994::9994	199524 (GCORE) (GCORE)
3	91.198.36.35 91.198.36.35	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1 4	149.202.221.211 149.202.221.211	16276 (OVH) (OVH)
1	91.198.36.16 91.198.36.16	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	149.202.208.196 149.202.208.196	16276 (OVH) (OVH)
8	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	91.198.36.26 91.198.36.26	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
2	194.247.175.38 194.247.175.38	196831 (BEMOBILE-AS) (BEMOBILE-AS)
4 18	146.0.227.110 146.0.227.110	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
14	104.19.132.78 104.19.132.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.86.137.43 185.86.137.43	201081 (SMARTADSE...) (SMARTADSERVER)
2 5	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 2	216.58.205.226 216.58.205.226	15169 (GOOGLE) (GOOGLE)
11 11	35.156.19.236 35.156.19.236	16509 (AMAZON-02) (AMAZON-02)
2 2	35.206.141.96 35.206.141.96	15169 (GOOGLE) (GOOGLE)
1	99.80.32.159 99.80.32.159	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.146.159 51.75.146.159	16276 (OVH) (OVH)
1 2	5.178.65.246 5.178.65.246	50673 (SERVERIUS-AS) (SERVERIUS-AS)
2 2	217.65.2.150 217.65.2.150	29076 (CITYTELEC...) (CITYTELECOM-AS Filanco LTD)
1 2	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
1	2a06:8640:448... 2a06:8640:448:0:ec4:7aff:fe7e:db36	55081 (24SHELLS) (24SHELLS)
1 2	148.251.156.238 148.251.156.238	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700:303... 2606:4700:3031::6818:61f6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
6	185.180.223.67 185.180.223.67	49981 (WORLDSTREAM) (WORLDSTREAM)
4	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	194.247.175.19 194.247.175.19	196831 (BEMOBILE-AS) (BEMOBILE-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2003	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6810:7daf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
6 6	89.108.120.68 89.108.120.68	43146 (AGAVA3) (AGAVA3)
2 2	88.99.213.228 88.99.213.228	24940 (HETZNER-AS) (HETZNER-AS)
2 2	193.232.148.149 193.232.148.149	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1	195.201.152.104 195.201.152.104	24940 (HETZNER-AS) (HETZNER-AS)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3	194.247.175.26 194.247.175.26	196831 (BEMOBILE-AS) (BEMOBILE-AS)
1	2a00:1450:400... 2a00:1450:4001:818::2001	15169 (GOOGLE) (GOOGLE)
1 1	184.30.212.16 184.30.212.16	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	13.226.132.94 13.226.132.94	16509 (AMAZON-02) (AMAZON-02)
1	213.19.147.150 213.19.147.150	3356 (LEVEL3) (LEVEL3)
1	23.105.245.4 23.105.245.4	7979 (SERVERS-COM) (SERVERS-COM)
1	104.16.199.73 104.16.199.73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	99.80.249.40 99.80.249.40	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1 1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
155	47

5 91.198.36.14 (Ukraine) 3 redirects

ASN43405 (DIGITAL-VENTURES, UA)
PTR: www.i.ua

mail.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
passport.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 91.198.36.78 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: sh02.mi6.kiev.ua

i3.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a03:90c0:9994::9994 (Russian Federation)

ASN199524 (GCORE, AT)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)

h.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.202.221.211 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ua2.host.hit.gemius.pl

kpmediagaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.16 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: r.i.ua

r.i.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.208.196 (France)

ASN16276 (OVH, FR)
PTR: ovhfr5.host.hit.gemius.pl

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua

i.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 194.247.175.38 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

source.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 146.0.227.110 (Germany) 4 redirects

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 104.19.132.78 (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.43 (France)

ASN201081 (SMARTADSERVER, FR)

ww251.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.184.8.30 (Poland) 2 redirects

ASN204995 (RTB-HOUSE-AMS, NL)
PTR: ip-185-184-8-30.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.205.226 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s24-in-f226.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.156.19.236 (Frankfurt am Main, Germany) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-19-236.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.206.141.96 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 96.141.206.35.bc.googleusercontent.com

rtb.4finance.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.32.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-32-159.eu-west-1.compute.amazonaws.com

ismatlab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.146.159 (Germany) 1 redirects

ASN16276 (OVH, FR)

ws.rqtrk.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.178.65.246 (Renswoude, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

ads.us.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.65.2.150 (Moscow, Russian Federation) 2 redirects

ASN29076 (CITYTELECOM-AS Filanco LTD, RU)

match.new-programmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:8640:448:0:ec4:7aff:fe7e:db36 (United Kingdom)

ASN55081 (24SHELLS, US)

s.console.adtarget.com.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 148.251.156.238 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.238.156.251.148.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::6818:61f6 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adsinspidsp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.191.196 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.180.223.67 (Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-180-223-67.hosted-by-worldstream.net

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.19 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

pa.tns-ua.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7daf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States)

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 89.108.120.68 (Russian Federation) 6 redirects

ASN43146 (AGAVA3, RU)

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.213.228 (Ludwigshafen am Rhein, Germany) 2 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.232.148.149 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.104 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.104.152.201.195.clients.your-server.de

sync.dmp.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 194.247.175.26 (Ukraine)

ASN196831 (BEMOBILE-AS, UA)

sslpagestat.mmi.bemobile.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

f48c5b957f90253d941c6be181c0224a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.212.16 (Netherlands) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a184-30-212-16.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.230.142 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.132.94 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-132-94.dus51.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.150 (United Kingdom)

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.105.245.4 (Russian Federation)

ASN7979 (SERVERS-COM, US)

cm.lentainform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.199.73 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.idealmedia.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.249.40 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine) 1 redirects

ASN39468 (BIGMIR-INTERNET-AS, UA)

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	admixer.net 4 redirects cdn.admixer.net inv-nets.admixer.net inv-nets-eu.admixer.net	213 KB
25	i.ua 3 redirects mail.i.ua passport.i.ua i3.i.ua i.i.ua r.i.ua i.ua	267 KB
19	doubleclick.net 6 redirects googleads.g.doubleclick.net cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	137 KB
15	googlesyndication.com pagead2.googlesyndication.com f48c5b957f90253d941c6be181c0224a.safeframe.googlesyndication.com tpc.googlesyndication.com	239 KB
14	mgid.com jsc.mgid.com cdn.mgid.com servicer.mgid.com cm.mgid.com s-img.mgid.com	129 KB
11	bidswitch.net 11 redirects x.bidswitch.net	5 KB
10	ampproject.org cdn.ampproject.org	213 KB
7	mox.tv ad.mox.tv bgstats.mox.tv	19 KB
6	aidata.io 6 redirects x01.aidata.io	5 KB
5	criteo.com bidder.criteo.com gum.criteo.com	556 B
5	creativecdn.com 2 redirects prebid-eu.creativecdn.com creativecdn.com ams.creativecdn.com	1 KB
5	bemobile.ua source.mmi.bemobile.ua sslpagestat.mmi.bemobile.ua	25 KB
5	gemius.pl 1 redirects kpmediagaua.hit.gemius.pl ls.hit.gemius.pl	12 KB
4	unpkg.com 2 redirects unpkg.com	39 KB
4	holder.com.ua h.holder.com.ua i.holder.com.ua	7 KB
3	tns-ua.com pa.tns-ua.com	3 KB
3	criteo.net static.criteo.net	36 KB
3	google.com 2 redirects adservice.google.com www.google.com	1 KB
2	bigmir.net 1 redirects c.bigmir.net i.bigmir.net	449 B
2	adsrvr.org 2 redirects match.adsrvr.org	906 B
2	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com	279 B
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net	970 B
2	adhigh.net 2 redirects px.adhigh.net	946 B
2	1dmp.io 2 redirects sync.1dmp.io	897 B
2	googleapis.com fonts.googleapis.com	2 KB
2	betweendigital.com 2 redirects ads.betweendigital.com	1017 B
2	buzzoola.com 1 redirects exchange.buzzoola.com	543 B
2	yandex.ru 1 redirects an.yandex.ru	802 B
2	new-programmatic.com 2 redirects match.new-programmatic.com	563 B
2	e-planning.net 1 redirects ads.us.e-planning.net	345 B
2	4finance.com 2 redirects rtb.4finance.com	2 KB
2	googletagservices.com www.googletagservices.com	45 KB
1	idealmedia.io cm.idealmedia.io	557 B
1	lentainform.com cm.lentainform.com	328 B
1	1rx.io sync.1rx.io	187 B
1	smadex.com 1 redirects cm.smadex.com	528 B
1	mookie1.com odr.mookie1.com	324 B
1	otm-r.com sync.dmp.otm-r.com	69 B
1	quantserve.com pixel.quantserve.com	372 B
1	gstatic.com fonts.gstatic.com	11 KB
1	adsinspidsp.com ads.adsinspidsp.com	800 B
1	adtarget.com.tr s.console.adtarget.com.tr
1	rqtrk.eu 1 redirects ws.rqtrk.eu	515 B
1	ismatlab.com ismatlab.com	149 B
1	smartadserver.com ww251.smartadserver.com	326 B
1	google.de adservice.google.de	832 B
1	googleadservices.com partner.googleadservices.com	624 B
155	47

	Domain	Requested by
18	i3.i.ua	mail.i.ua i3.i.ua
11	x.bidswitch.net	11 redirects
10	cdn.ampproject.org	securepubads.g.doubleclick.net
10	inv-nets.admixer.net	4 redirects cdn.admixer.net mail.i.ua
8	tpc.googlesyndication.com	mail.i.ua securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	inv-nets-eu.admixer.net	mail.i.ua
8	cdn.admixer.net	mail.i.ua cdn.admixer.net
7	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net mail.i.ua
6	cm.mgid.com	jsc.mgid.com mail.i.ua
6	x01.aidata.io	6 redirects
6	ad.mox.tv	mail.i.ua ad.mox.tv
6	cm.g.doubleclick.net	6 redirects
6	pagead2.googlesyndication.com	mail.i.ua pagead2.googlesyndication.com
5	s-img.mgid.com	mail.i.ua
4	unpkg.com	2 redirects mail.i.ua
4	bidder.criteo.com	static.criteo.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com mail.i.ua
4	kpmediagaua.hit.gemius.pl	1 redirects mail.i.ua kpmediagaua.hit.gemius.pl
3	sslpagestat.mmi.bemobile.ua	source.mmi.bemobile.ua
3	pa.tns-ua.com	source.mmi.bemobile.ua pa.tns-ua.com mail.i.ua
3	static.criteo.net	cdn.admixer.net mail.i.ua
3	h.holder.com.ua	mail.i.ua
3	mail.i.ua	2 redirects
2	stats.g.doubleclick.net	mail.i.ua
2	www.google.com	2 redirects
2	match.adsrvr.org	2 redirects
2	sync.crwdcntrl.net	2 redirects
2	px.adhigh.net	2 redirects
2	sync.1dmp.io	2 redirects
2	fonts.googleapis.com	mail.i.ua
2	ads.betweendigital.com	2 redirects
2	exchange.buzzoola.com	1 redirects mail.i.ua
2	creativecdn.com	2 redirects
2	an.yandex.ru	1 redirects mail.i.ua
2	match.new-programmatic.com	2 redirects
2	ads.us.e-planning.net	1 redirects mail.i.ua
2	rtb.4finance.com	2 redirects
2	prebid-eu.creativecdn.com	cdn.admixer.net
2	source.mmi.bemobile.ua	h.holder.com.ua source.mmi.bemobile.ua
2	www.googletagservices.com	pagead2.googlesyndication.com ad.mox.tv
1	gum.criteo.com	static.criteo.net
1	i.bigmir.net
1	c.bigmir.net	1 redirects
1	cm.idealmedia.io	mail.i.ua
1	cm.lentainform.com	mail.i.ua
1	sync.1rx.io	mail.i.ua
1	cm.smadex.com	1 redirects
1	eus.rubiconproject.com	cm.mgid.com
1	secure-assets.rubiconproject.com	1 redirects
1	f48c5b957f90253d941c6be181c0224a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	odr.mookie1.com	mail.i.ua
1	bgstats.mox.tv	mail.i.ua
1	sync.dmp.otm-r.com	mail.i.ua
1	pixel.quantserve.com	mail.i.ua
1	servicer.mgid.com	jsc.mgid.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.mgid.com	mail.i.ua
1	ads.adsinspidsp.com	mail.i.ua
1	s.console.adtarget.com.tr	mail.i.ua
1	ams.creativecdn.com	mail.i.ua
1	ws.rqtrk.eu	1 redirects
1	ismatlab.com	mail.i.ua
1	ww251.smartadserver.com	cdn.admixer.net
1	jsc.mgid.com	i.holder.com.ua
1	i.holder.com.ua	h.holder.com.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ls.hit.gemius.pl	kpmediagaua.hit.gemius.pl
1	i.ua	mail.i.ua
1	r.i.ua	mail.i.ua
1	i.i.ua	mail.i.ua
1	passport.i.ua	1 redirects
155	73

This site contains links to these domains. Also see Links.

Domain
www.i.ua
passport.i.ua
finance.i.ua
map.i.ua
tv.i.ua
weather.i.ua
goroskop.i.ua
music.i.ua
radio.i.ua
kino.i.ua
perevod.i.ua
org.i.ua
files.i.ua
job.i.ua
catalog.i.ua
links.i.ua
rss.i.ua
board.i.ua
shop.i.ua
news.i.ua
otvet.i.ua
oboi.i.ua
cards.i.ua
group.i.ua
narod.i.ua
prikol.i.ua
love.i.ua
photo.i.ua
blog.i.ua
video.i.ua
cook.i.ua
help.i.ua
pda.i.ua
checker.i.ua
widgets.mgid.com
www.mgid.com
search.i.ua
soft.i.ua

Subject Issuer	Validity	Valid
i.ua Let's Encrypt Authority X3	`2020-09-14` - `2020-12-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2020-03-12` - `2021-06-21`	a year	crt.sh
holder.com.ua Let's Encrypt Authority X3	`2020-10-19` - `2021-01-17`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2019-09-11` - `2021-09-24`	2 years	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.mmi.bemobile.ua Sectigo RSA Domain Validation Secure Server CA	`2020-02-13` - `2021-02-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-09` - `2021-07-09`	a year	crt.sh
*.criteo.net DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
ismatlab.com RapidSSL RSA CA 2018	`2020-05-19` - `2021-05-20`	a year	crt.sh
ads.us.e-planning.net Let's Encrypt Authority X3	`2020-10-27` - `2021-01-25`	3 months	crt.sh
an.yandex.by Yandex CA	`2020-10-01` - `2021-04-01`	6 months	crt.sh
s.console.adtarget.com.tr Let's Encrypt Authority X3	`2020-10-05` - `2021-01-03`	3 months	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.mox.tv Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2020-12-02`	a year	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2020-09-04` - `2020-12-03`	3 months	crt.sh
juke.mmi.tns-ua.com Let's Encrypt Authority X3	`2020-10-13` - `2021-01-11`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
sync.dmp.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-07` - `2021-08-07`	a year	crt.sh
*.mookie1.com DigiCert SHA2 Secure Server CA	`2020-02-21` - `2021-03-22`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-02-13` - `2021-02-17`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.lentainform.com Go Daddy Secure Certificate Authority - G2	`2020-01-09` - `2021-01-20`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-10-06` - `2020-12-29`	3 months	crt.sh
img.com.ua Let's Encrypt Authority X3	`2020-09-04` - `2020-12-03`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://mail.i.ua/
Frame ID: 668B2F7C19C7F174208BF11979D43AAA
Requests: 126 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html
Frame ID: 8602D3681EE2DD57A15D5762CCFDA209
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: CEDB56E844BCA6DF38B6CEA8E25E2187
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1604375503&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmail.i.ua%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604375503605&bpp=12&bdt=308&idt=143&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5563208729492&frm=20&pv=2&ga_vid=2084935384.1604375504&ga_sid=1604375504&ga_hid=1756615149&ga_fc=0&iag=0&icsg=134250656&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067555&oid=3&pvsid=1420496748323193&pem=644&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
Frame ID: 57690476AF1E824AD127068B6346CCA3
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: 9B70DCE11FFC4E5DAD23584EC665F736
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=160437550459020703478
Frame ID: BF553F8B3238E53925F645FED366E333
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Frame ID: 86671581F95F147BB9A9631825D02033
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js
Frame ID: D22543B37E19EE79F3C48B964F212FC9
Requests: 13 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js
Frame ID: D62C3675133B34B67CC4ECEAE09B342C
Requests: 12 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=mail.i.ua
Frame ID: BCF2305CEAD13B9F7088A07C9951FA61
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html
Frame ID: 4B30BC6920107E0AFD9E42E8584D8C3B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://mail.i.ua/reg HTTP 302
https://passport.i.ua/redirect/?id=mail&url=mail.i.ua HTTP 302
http://mail.i.ua/ HTTP 301
https://mail.i.ua/ Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Gemius () Expand

Overall confidence: %
Detected patterns

script /hit\.gemius\.pl\/xgemius\.js/i
script /hit\.gemius\.pl/i
script /xgemius\.js/i

Page Statistics

155
Requests

100 %
HTTPS

32 %
IPv6

47
Domains

73
Subdomains

47
IPs

11
Countries

1397 kB
Transfer

3580 kB
Size

10
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://www.i.ua/

Search URL Search Domain Scan URL

URL: https://passport.i.ua/login/
Title: Вход

Search URL Search Domain Scan URL

URL: https://passport.i.ua/registration/?_url=https%3A%2F%2Fmail.i.ua%2F
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://finance.i.ua/
Title: Финансы

Search URL Search Domain Scan URL

URL: https://map.i.ua/
Title: Карты

Search URL Search Domain Scan URL

URL: https://tv.i.ua/
Title: TV

Search URL Search Domain Scan URL

URL: https://weather.i.ua/
Title: Погода

Search URL Search Domain Scan URL

URL: https://goroskop.i.ua/
Title: Гороскоп

Search URL Search Domain Scan URL

URL: http://music.i.ua/
Title: Музыка

Search URL Search Domain Scan URL

URL: http://radio.i.ua/
Title: Радио

Search URL Search Domain Scan URL

URL: http://kino.i.ua/
Title: Кино

Search URL Search Domain Scan URL

URL: https://perevod.i.ua/
Title: Перевод

Search URL Search Domain Scan URL

URL: http://org.i.ua/
Title: Органайзер

Search URL Search Domain Scan URL

URL: https://files.i.ua/
Title: Файлы

Search URL Search Domain Scan URL

URL: http://job.i.ua/
Title: Работа

Search URL Search Domain Scan URL

URL: http://catalog.i.ua/
Title: Каталог

Search URL Search Domain Scan URL

URL: http://links.i.ua/
Title: Закладки

Search URL Search Domain Scan URL

URL: http://rss.i.ua/
Title: RSS

Search URL Search Domain Scan URL

URL: http://board.i.ua/
Title: Объявления

Search URL Search Domain Scan URL

URL: http://shop.i.ua/
Title: Магазины

Search URL Search Domain Scan URL

URL: http://news.i.ua/
Title: Новости

Search URL Search Domain Scan URL

URL: http://otvet.i.ua/
Title: Ответы

Search URL Search Domain Scan URL

URL: http://oboi.i.ua/
Title: Обои

Search URL Search Domain Scan URL

URL: http://cards.i.ua/
Title: Открытки

Search URL Search Domain Scan URL

URL: http://group.i.ua/
Title: Группы

Search URL Search Domain Scan URL

URL: https://narod.i.ua/
Title: Народ

Search URL Search Domain Scan URL

URL: https://prikol.i.ua/
Title: Приколы

Search URL Search Domain Scan URL

URL: http://love.i.ua/
Title: Знакомства

Search URL Search Domain Scan URL

URL: http://photo.i.ua/
Title: Фото

Search URL Search Domain Scan URL

URL: http://blog.i.ua/
Title: Блоги

Search URL Search Domain Scan URL

URL: https://video.i.ua/
Title: Видео

Search URL Search Domain Scan URL

URL: http://cook.i.ua/
Title: Рецепты

Search URL Search Domain Scan URL

URL: https://passport.i.ua/?lang=
Title: Регистрация

Search URL Search Domain Scan URL

URL: https://passport.i.ua/recover/
Title: Напомнить пароль

Search URL Search Domain Scan URL

URL: http://help.i.ua/section/11/
Title: Помощь

Search URL Search Domain Scan URL

URL: http://pda.i.ua/
Title: pda.i.ua

Search URL Search Domain Scan URL

URL: https://checker.i.ua/
Title: Checker I.UA

Search URL Search Domain Scan URL

URL: https://widgets.mgid.com/?utm_source=mail.i.ua&utm_medium=referral&utm_campaign=widgets&utm_content=971124

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/6288128/i/132402/0/pp/1/1?h=EjICiz5n87p7O4vpcsYTo1YAbcA83-52gz2Fobs0jBkvk1OeizAAq-L3MpnLcYbu&rid=e3d66489-1d87-11eb-a7ac-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3901238/i/132402/0/pp/2/1?h=EjICiz5n87p7O4vpcsYTo4WOUyP1xfMmdVPTM1T4GC5225x9E0bg_sqTbpF0a-aq&rid=e3d66489-1d87-11eb-a7ac-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4060553/i/132402/0/pp/3/1?h=EjICiz5n87p7O4vpcsYTowv7pHmLMY2hVlQa_ZXaDOyRKuHLknEPyXzB6njiUImx&rid=e3d66489-1d87-11eb-a7ac-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/4023144/i/132402/0/pp/4/1?h=EjICiz5n87p7O4vpcsYTo20u8HK41rPXU_nsnIGaUIMtsGxe3ry49RxohUramsI4&rid=e3d66489-1d87-11eb-a7ac-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: https://www.mgid.com/ghits/3908678/i/132402/0/pp/5/1?h=EjICiz5n87p7O4vpcsYTo1OEaYvy43FpnlwS3tYV0HXVuVtwBLb_yuIcYAj6Ap8J&rid=e3d66489-1d87-11eb-a7ac-d094662f8ab5&tt=Direct&cpm=1&gbpp=1&abd=1&iv=11

Search URL Search Domain Scan URL

URL: http://search.i.ua/
Title: Поиск

Search URL Search Domain Scan URL

URL: http://soft.i.ua/
Title: Программы

Search URL Search Domain Scan URL

URL: http://weather.i.ua/
Title: Погода

Search URL Search Domain Scan URL

URL: http://goroskop.i.ua/
Title: Гороскоп

Search URL Search Domain Scan URL

URL: http://tv.i.ua/
Title: Телепрограмма

Search URL Search Domain Scan URL

URL: http://finance.i.ua/
Title: Курсы валют

Search URL Search Domain Scan URL

URL: http://perevod.i.ua/
Title: Переводчик

Search URL Search Domain Scan URL

URL: http://narod.i.ua/
Title: Народ

Search URL Search Domain Scan URL

URL: http://prikol.i.ua/
Title: Приколы

Search URL Search Domain Scan URL

URL: http://video.i.ua/
Title: Видео

Search URL Search Domain Scan URL

URL: http://map.i.ua/
Title: Карты

Search URL Search Domain Scan URL

URL: http://files.i.ua/
Title: Файлы

Search URL Search Domain Scan URL

URL: http://help.i.ua/privacy-policy/
Title: Политика конфиденциальности

Search URL Search Domain Scan URL

URL: https://help.i.ua/privacy-policy/
Title: политике конфиденциальности

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://mail.i.ua/reg HTTP 302
https://passport.i.ua/redirect/?id=mail&url=mail.i.ua HTTP 302
http://mail.i.ua/ HTTP 301
https://mail.i.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://kpmediagaua.hit.gemius.pl/_1604375503859/rexdot.js?l=100&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=171&lsdata=YI16ybcEj6ml4zmeu2gq6aaVzFXr6w.Kee1vXbZFPE..x7o.LPcTJJG2Tc_3N8gIHPnKahtpOYHVtvNnMQsAKxrWqxSd/vKEEdx_niPm1C/&fpdata=jgjVbzw9ULyDoIuh0JvehxxOpJWfchaXLy7eaQm1GGj.l7&vis=1 HTTP 301
https://kpmediagaua.hit.gemius.pl/__/_1604375503859/rexdot.js?l=100&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=171&lsdata=YI16ybcEj6ml4zmeu2gq6aaVzFXr6w.Kee1vXbZFPE..x7o.LPcTJJG2Tc_3N8gIHPnKahtpOYHVtvNnMQsAKxrWqxSd/vKEEdx_niPm1C/&fpdata=jgjVbzw9ULyDoIuh0JvehxxOpJWfchaXLy7eaQm1GGj.l7&vis=1

Request Chain 52

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEEhtDjeiEbEmYMh5NFa_klE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWExNDg0ODlhMWZlNDA1YjliMDNjNTcxYTRmMDMzZTY&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESENE4Av0a5yNuIAzt0h_wRzI&google_cver=1 HTTP 302
https://x.bidswitch.net/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=49a1a226-e759-4cf4-8166-bfaaf2f80904&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904 HTTP 302
https://rtb.4finance.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=49a1a226-e759-4cf4-8166-bfaaf2f80904&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904 HTTP 302
https://x.bidswitch.net/sync?dsp_id=159&expires=14&user_id=75d9473a-bba2-47dd-8ba5-fc3e0811e560&ssp=admixer&user_group=&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904 HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=

Request Chain 54

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWExNDg0ODlhMWZlNDA1YjliMDNjNTcxYTRmMDMzZTY&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESENE4Av0a5yNuIAzt0h_wRzI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWExNDg0ODlhMWZlNDA1YjliMDNjNTcxYTRmMDMzZTY&google_cm HTTP 302
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESENE4Av0a5yNuIAzt0h_wRzI&google_cver=1 HTTP 302
https://x.bidswitch.net/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=admixer&g=1&gdpr_pd=&gdpr=0&gdpr_consent=null HTTP 302
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admixer HTTP 302
https://inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=

Request Chain 55

https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID HTTP 302
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID

Request Chain 56

https://match.new-programmatic.com/userbind?src=admixer&id=5a148489a1fe405b9b03c571a4f033e6 HTTP 302
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1 HTTP 302
https://an.yandex.ru/setud/target_rtb/?sign=1615146367 HTTP 302
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1615146367

Request Chain 57

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 59

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=5a148489a1fe405b9b03c571a4f033e6 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=5a148489a1fe405b9b03c571a4f033e6

Request Chain 61

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID} HTTP 302
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bbaa286f-cc86-5234-91fd-a7e8ce5d7438

Request Chain 85

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@6.3.5/swiper-bundle.min.css

Request Chain 88

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@6.3.5/swiper-bundle.min.js

Request Chain 91

https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=75593c1c-b33c-4a1a-99bb-1672f7a08941 HTTP 302
https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=75593c1c-b33c-4a1a-99bb-1672f7a08941&bounce=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC2&google_cm HTTP 302
https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC2&google_gid=CAESEBuTAEllq9Hmgpq-KM0xkBs&google_cver=1 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=f3c5784e-9a1e-4a1c-887d-dfe2e0b8668b&pid=fe3f3a81-853f-42c7-992a-63a613fc388f&uid=PKpxcp1EhbVybC635eEYHQ&ru=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC2 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=f3c5784e-9a1e-4a1c-887d-dfe2e0b8668b&pid=fe3f3a81-853f-42c7-992a-63a613fc388f&uid=PKpxcp1EhbVybC635eEYHQ&ru=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC2&cs=1 HTTP 302
https://x01.aidata.io/0.gif?pid=SYNC2 HTTP 302
https://px.adhigh.net/p/cm/aidata?u=PKpxcp1EhbVybC635eEYHQ&back=SYNC2 HTTP 302
https://px.adhigh.net/p/cm/aidata?u=PKpxcp1EhbVybC635eEYHQ&back=SYNC2&bounced=1 HTTP 302
https://x01.aidata.io/0.gif?pid=GETINTENT&id=egIyV8jaXc2.AikABlF1jDspDw&back=SYNC2 HTTP 302
https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=PKpxcp1EhbVybC635eEYHQ&back=SYNC2 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=PKpxcp1EhbVybC635eEYHQ&back=SYNC2 HTTP 302
https://x01.aidata.io/0.gif?pid=LOTAME&id=PKpxcp1EhbVybC635eEYHQ&back=SYNC2 HTTP 302
https://sync.dmp.otm-r.com/match/aidata?back=SYNC2&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D

Request Chain 93

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=75593c1c-b33c-4a1a-99bb-1672f7a08941&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=75593c1c-b33c-4a1a-99bb-1672f7a08941&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=49a1a226-e759-4cf4-8166-bfaaf2f80904&ssp=prodoohmox&gdpr=0&gdpr_consent=

Request Chain 110

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

Request Chain 111

https://x.bidswitch.net/sync?ssp=mgid HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=49a1a226-e759-4cf4-8166-bfaaf2f80904 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=b18b387a-a628-483d-9f99-93565bf82a4e&expires=10&ssp=mgid&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904 HTTP 302
https://cm.mgid.com/m?cdsp=433145&c=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&gdpr_consent=&us_privacy=

Request Chain 112

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2EySURQSUYzalBq&muidn=ka2IDPIF3jPj HTTP 302
https://cm.mgid.com/google?muidn=ka2IDPIF3jPj&google_ula={guid},5&google_gid=CAESEG9d6k0bRUu7MptxDoUJTUY&google_cver=1

Request Chain 113

https://creativecdn.com/cm-notify?pi=mgid HTTP 302
https://cm.mgid.com/m?cdsp=501037&c=LfKSQAt65MVrUjppSokr&pi=mgid

Request Chain 114

https://x.bidswitch.net/sync?dsp_id=303&user_id=ka2IDPIF3jPj HTTP 302
https://sync.1rx.io/usersync/bidswitch/49a1a226-e759-4cf4-8166-bfaaf2f80904?gdpr=&gdpr_consent=

Request Chain 117

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1 HTTP 302
https://cm.mgid.com/m?cdsp=371158&c=8854842c-b46a-4dfc-af5a-8072a7406824&ttl=1606967505

Request Chain 143

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 144

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 146

https://c.bigmir.net/?s134156&t6&n0.2119746587482938&c1&d24&r1600&f HTTP 302
https://i.bigmir.net/cnt/06.gif

155 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
mail.i.ua/
Redirect Chain

https://mail.i.ua/reg
https://passport.i.ua/redirect/?id=mail&url=mail.i.ua
http://mail.i.ua/
https://mail.i.ua/

43 KB
18 KB

55ms
54ms

Document
text/html

91.198.36.14
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.14 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: www.i.ua
Software: nginx /
Resource Hash: 90f45bc851eb8c65591227caf2e17a7c2ab38c70e9434481ee617c7022d2a6ce

Request headers

Host: mail.i.ua
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Tue, 03 Nov 2020 03:51:43 GMT
Content-Type: text/html; charset=windows-1251
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Vary: Accept-Encoding
Content-Encoding: gzip

Redirect headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Server: Apache/1.3.42 (Unix) mod_deflate/1.0.21
Location: https://mail.i.ua/
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=windows-1251

GET
H/1.1 200
OK mail.y2016369a.css
i3.i.ua/css/i2/blue/ 229 KB
37 KB 155ms
52ms Stylesheet
text/css 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 2bcb06d6faa4ca062642d7b2e98970ef0343614d2ec8364f52d2a78d42b3732b

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Content-Encoding: gzip
Last-Modified: Fri, 10 Apr 2020 11:38:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 37787
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK util.ya033ba43.js Show response
i3.i.ua/js/ 14 KB
15 KB 154ms
51ms Script
application/x-javascript 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i3.i.ua/js/util.ya033ba43.js
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Wed, 12 Oct 2016 10:16:54 GMT
Server: nginx
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 14697
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK JSHttpRequest.y989b751f.js Show response
i3.i.ua/js/ 13 KB
14 KB 156ms
51ms Script
application/x-javascript 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i3.i.ua/js/JSHttpRequest.y989b751f.js
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Thu, 06 Apr 2017 10:11:42 GMT
Server: nginx
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 13522
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK global.y18bbae35.js Show response
i3.i.ua/js/i/ 25 KB
25 KB 156ms
51ms Script
application/x-javascript 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i3.i.ua/js/i/global.y18bbae35.js
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Mon, 14 May 2018 09:28:34 GMT
Server: nginx
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 25256
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK autoload.y718797e6.js Show response
i3.i.ua/js/i/ 13 KB
13 KB 155ms
50ms Script
application/x-javascript 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i3.i.ua/js/i/autoload.y718797e6.js
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Tue, 15 Sep 2020 12:20:26 GMT
Server: nginx
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 13118
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 134 KB
46 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9f94cbc52555c85e6567b8f2878996d03bd5cb272f92cde9429b3b20a13df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 46515
x-xss-protection: 0
server: cafe
etag: 10321196751818987736
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 03 Nov 2020 03:51:43 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 27 KB
12 KB 47ms
12ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: c0356898e638418615fd774549be037b3e5393af49f8973bcc0c6f648f76e0e1

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
last-modified: Mon, 02 Nov 2020 15:48:00 GMT
server: nginx
etag: W/"5fa02a30-6cec"
status: 200
x-cached-since: 2020-11-03T03:48:42+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=600
cache: HIT
expires: Mon, 02 Nov 2020 16:06:58 GMT

GET
H/1.1 200
OK button_registration_ru.png
i3.i.ua/v2/mail/ 3 KB
3 KB 49ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/mail/button_registration_ru.png
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 9d1b34b11ccdac9862d314258cbdbbbcbe8354eac135e7e45a74926095d3b2cc

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Thu, 04 Nov 2010 14:28:54 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3226
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK i Show response
h.holder.com.ua/ 234 B
723 B 144ms
47ms Script
application/x-javascript 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/i?1604375503
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5f3b80b9c9d0a734101de679b20cca1d75012e826c35b1e06e6950d10dd3696c

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:43 GMT
Server: nginx
P3P: policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Content-Type: application/x-javascript; charset=windows-1251
Keep-Alive: timeout=5
Content-Length: 234
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK s Show response
h.holder.com.ua/ 2 KB
2 KB 157ms
62ms Script
text/javascript 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?b5009&tj&c1&r824254633&hmail.i.ua%2F
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: cbfd78acde187c4bdcd31b5ae55eb113297f9ef37300af20c57148c9f56adf24

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:43 GMT
Server: nginx
P3P: policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Content-Type: text/javascript; charset=windows-1251
Keep-Alive: timeout=5
Content-Length: 1560
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 3_1_2.png
i.i.ua/r/ 2 KB
2 KB 161ms
61ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.i.ua/r/3_1_2.png
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Thu, 28 Sep 2006 16:33:08 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2196
Expires: Wed, 03 Nov 2021 03:51:42 GMT

GET
H2 200 xgemius.js Show response
kpmediagaua.hit.gemius.pl/ 40 KB
11 KB 163ms
50ms Script
application/x-javascript 149.202.221.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.221.211 , France, ASN16276 (OVH, FR),
Reverse DNS: ua2.host.hit.gemius.pl
Software: GHC /
Resource Hash: 6ff27d656411d10ed46df878159d86e37bda5f9d7b9698c5ec1349799e4adf89

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 07:18:40 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: max-age=43200
accept-ranges: none
content-type: application/x-javascript
content-length: 10928
expires: Tue, 03 Nov 2020 15:51:43 GMT

GET
H/1.1 200
OK s
r.i.ua/ 43 B
486 B 148ms
48ms Image
image/gif 91.198.36.16
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.i.ua/s?u100&p0&n0.06296986558561435&c1&d24&w1600&h1200&rmail.i.ua/
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.16 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: r.i.ua
Software: nginx /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:43 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="http://i.i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Expires: 0

GET
H/1.1 200
OK iua_logo.svg
i3.i.ua/v2/header2014/ 2 KB
3 KB 49ms
48ms Image
image/svg+xml 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/header2014/iua_logo.svg
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: b1d0602272ae1a1a50d071170b1d810f3a09925fe2e530a739663a7f12e3f98d

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Wed, 27 Aug 2014 12:51:49 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 2511
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK brandingleft_blue_day.png
i3.i.ua/v2/header2014/skin/fall/ 45 KB
45 KB 49ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/header2014/skin/fall/brandingleft_blue_day.png
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 8843c84f2798c5749f882b13abf226a6c508809e4c079c2aed418232c9c3c7e3

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Wed, 22 Aug 2012 13:36:14 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 45604
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK brandingright_blue_day.png
i3.i.ua/v2/header2014/skin/fall/ 32 KB
32 KB 49ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/header2014/skin/fall/brandingright_blue_day.png
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 5fe82819f06be3d61a0e289e4341d05b705fb1a2826f980a4fa686ce80bd5ee3

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Wed, 22 Aug 2012 13:36:14 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 32510
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK branding_blue_day.jpg
i3.i.ua/v2/header2014/skin/fall/ 14 KB
14 KB 48ms
48ms Image
image/jpeg 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/header2014/skin/fall/branding_blue_day.jpg
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: e4691d8dda613214cb90dc9097823b94e7eb9c48303932a999192740d1fcdfcd

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Wed, 22 Aug 2012 13:48:02 GMT
Server: nginx
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 14080
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK shadow_bottom_bg.png
i3.i.ua/v2/bg/ 118 B
423 B 78ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/bg/shadow_bottom_bg.png?r
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: d41478a8574c785058d0145576d696cd83de38a293b6f20d553bc5f69c78501e

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Fri, 03 Sep 2010 09:49:50 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 118
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK corners_border_blue_shadow.png
i3.i.ua/v2/gamma/ 562 B
867 B 54ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/gamma/corners_border_blue_shadow.png?r
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 97ce8ab21f20c49ac4f5f581cbf8dde59b5c314ed7c97c6fbb1a1e21e6b63541

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Fri, 13 Aug 2010 09:04:04 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 562
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK top_gradient_bg_blue.png
i3.i.ua/v2/gamma/ 155 B
460 B 87ms
57ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/gamma/top_gradient_bg_blue.png?r
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: e0754399a6b65b8ec41171e4462edad8a3105cb0e624aceb45d64b05d718b8e2

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Fri, 03 Dec 2010 12:45:48 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 155
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK mail_main_screen_ru_1.png
i3.i.ua/v2/mail/ 31 KB
31 KB 59ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/mail/mail_main_screen_ru_1.png?1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 92d292af41bdad8a7e5cdea19da14fd3f496bc02965aacd93a013c3b6464edee

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Mon, 02 Jul 2012 08:32:21 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 31265
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK search_letter_ru.png
i3.i.ua/v2/mail/ 4 KB
4 KB 87ms
55ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/mail/search_letter_ru.png?1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 16b32184cbd9833b9808463219857d6ef0f6abb8832c3e9d305a7a972ee1e52b

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Mon, 19 Dec 2011 14:16:29 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3876
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK mail_main_screen_ru_2.png
i3.i.ua/v2/mail/ 2 KB
2 KB 92ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/mail/mail_main_screen_ru_2.png?1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: ae31dd5732a2f7e44b749c738632e61ec6cccb4bf62c871842f100196d18646a

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Mon, 19 Dec 2011 11:55:46 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1570
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK numbers_letter_ru.png
i3.i.ua/v2/mail/ 3 KB
4 KB 97ms
48ms Image
image/png 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/mail/numbers_letter_ru.png?1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: d7d7eee7eab46d218652eb981e64483ebe6157186cf779e11f0a99fec70ef0e2

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Mon, 19 Dec 2011 14:17:35 GMT
Server: nginx
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 3581
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H2 200 5e58871d883bdc35155a.b.js Show response
cdn.admixer.net/scripts3/ 63 KB
19 KB 15ms
14ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/5e58871d883bdc35155a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 71bc00cfba8940ed910c6632b0b6f75ae1461db25525aff7971c1e2556415fab

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:49 GMT
server: nginx
status: 200
etag: W/"5f97de01-fa2a"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:07:38+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:07:40 GMT

GET
H2 200 c87bc9c95353d4c2ef60.b.js Show response
cdn.admixer.net/scripts3/ 89 KB
25 KB 18ms
17ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 8dda0c872a62f386b4746491ee4f441dbc208f0bb0bb339e04b60872d6055025

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:55 GMT
server: nginx
status: 200
etag: W/"5f97de07-16484"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:07:40+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:07:29 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/ 230 KB
87 KB 56ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 88237
x-xss-protection: 0
server: cafe
etag: 8916267561321754551
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Nov 2020 03:51:43 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/ Frame 8602 0
0 7ms
6ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201029/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201029/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mail.i.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Tue, 03 Nov 2020 02:23:42 GMT
expires: Tue, 17 Nov 2020 02:23:42 GMT
content-type: text/html; charset=UTF-8
etag: 5228831996244654541
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4745
x-xss-protection: 0
age: 5281
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK uh.php Show response
i.ua/ 8 B
645 B 164ms
48ms Script
text/html 91.198.36.14
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.ua/uh.php?UH=c2636963c5382585&US=0&r=1604375503
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.14 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: www.i.ua
Software: nginx /
Resource Hash: 0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Server: nginx
Connection: keep-alive
Content-Type: text/html; charset=windows-1251
Keep-Alive: timeout=5
Transfer-Encoding: chunked
P3P: policyref="http://i.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"

GET
H2 200 fpdata.js Show response
kpmediagaua.hit.gemius.pl/ 262 B
374 B 50ms
50ms Script
application/x-javascript 149.202.221.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://kpmediagaua.hit.gemius.pl/fpdata.js?href=mail.i.ua
Requested by: Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.221.211 , France, ASN16276 (OVH, FR),
Reverse DNS: ua2.host.hit.gemius.pl
Software: GHC /
Resource Hash: 7ebcdfca177dc75e9d1c1cf6e8ffc10d5b904637686911d154d8e0688e6a8c7f

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: private, max-age=2592000
accept-ranges: none
content-type: application/x-javascript
content-length: 262
expires: Thu, 03 Dec 2020 03:51:43 GMT

GET
H2 200 lsget.html
ls.hit.gemius.pl/ Frame CEDB 0
0 153ms
50ms Document
text/html 149.202.208.196
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: kpmediagaua.hit.gemius.pl
URL: https://kpmediagaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.208.196 , France, ASN16276 (OVH, FR),
Reverse DNS: ovhfr5.host.hit.gemius.pl
Software: GHC /
Resource Hash

Request headers

:method: GET
:authority: ls.hit.gemius.pl
:scheme: https
:path: /lsget.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mail.i.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:43 GMT
expires: Thu, 03 Dec 2020 03:51:43 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2719
content-encoding: gzip

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 194 B
624 B 165ms
57ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=mail.i.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

6202768ba7dab7a3f085b9db064bcd664c630caeaf8428d95daf8d48a7f9297e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: private
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
832 B 35ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=mail.i.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
832 B 37ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=mail.i.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 403 ads
googleads.g.doubleclick.net/pagead/ Frame 5769 0
0 29ms
29ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1604375503&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmail.i.ua%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604375503605&bpp=12&bdt=308&idt=143&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5563208729492&frm=20&pv=2&ga_vid=2084935384.1604375504&ga_sid=1604375504&ga_hid=1756615149&ga_fc=0&iag=0&icsg=134250656&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067555&oid=3&pvsid=1420496748323193&pem=644&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1604375503&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fmail.i.ua%2F&ea=0&flash=0&pra=5&wgl=1&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d&dt=1604375503605&bpp=12&bdt=308&idt=143&shv=r20201029&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5563208729492&frm=20&pv=2&ga_vid=2084935384.1604375504&ga_sid=1604375504&ga_hid=1756615149&ga_fc=0&iag=0&icsg=134250656&dssz=24&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21067555&oid=3&pvsid=1420496748323193&pem=644&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=169
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mail.i.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 03 Nov 2020 03:51:43 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 03-Nov-2020 04:06:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
28 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

552daf5addd8238a948f53993357830b2f7e18ffca4457f8fecd9e12b8fd8171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1604344539233351"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27555
x-xss-protection: 0
expires: Tue, 03 Nov 2020 03:51:43 GMT

GET
H/1.1 200
OK holder.y307.js Show response
i.holder.com.ua/t/ 9 KB
4 KB 182ms
47ms Script
application/x-javascript 91.198.36.26
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.holder.com.ua/t/holder.y307.js
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?b5009&tj&c1&r824254633&hmail.i.ua%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: i1.i.ua
Software: nginx /
Resource Hash: 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 14:14:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H2 200 cmeter_an.js Show response
source.mmi.bemobile.ua/cm/ 10 KB
4 KB 241ms
78ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by: Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?b5009&tj&c1&r824254633&hmail.i.ua%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:43 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-2699"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H/1.1 200
OK i_radio.svg
i3.i.ua/v2/header2014/sections/ 2 KB
2 KB 48ms
48ms Image
image/svg+xml 91.198.36.78
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i3.i.ua/v2/header2014/sections/i_radio.svg
Requested by: Host: i3.i.ua
URL: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.198.36.78 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: sh02.mi6.kiev.ua
Software: nginx /
Resource Hash: 1d4af9cf7fd74a43e7640f0d828823068c6d6dfe7688ca8a122cc1cf6fd6ca03

Request headers

Referer: https://i3.i.ua/css/i2/blue/mail.y2016369a.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Last-Modified: Thu, 04 Sep 2014 11:06:56 GMT
Server: nginx
Content-Type: image/svg+xml
Cache-Control: max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=5
Content-Length: 1672
Expires: Wed, 03 Nov 2021 03:51:43 GMT

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 24 KB
24 KB 218ms
123ms Script
text/javascript 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&data=%7B%22id%22%3A%2238ddc0f5-dafe-c905-5bee-6d7300436d02%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fmail.i.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22883ab5a7-13a8-b537-084b-fd27f1c3138a%22%2C%22tagid%22%3A%2210c147c0-92a2-4910-a618-1fbaf92467d1%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_rm_inner%22%2C%22pos%22%3A1%7D%2C%22sender%22%3Anull%7D%2C%7B%22id%22%3A%222b4e7668-10ab-1794-f3bc-d1900a9a33d3%22%2C%22tagid%22%3A%222724cbf4-a4a5-49cb-84fb-c8dd977b5901%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_top_mail%22%2C%22pos%22%3A1%7D%2C%22sender%22%3Anull%7D%2C%7B%22id%22%3A%22181a85c2-ba08-2551-3439-592cfd59b8e6%22%2C%22tagid%22%3A%22c3c218c0-1f63-4c63-bd3c-c6409ae94d33%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_mobile_inner%22%2C%22pos%22%3A0%7D%2C%22sender%22%3Anull%7D%5D%2C%22allimps%22%3A3%7D&rnd=8631520371837766&cpv=7ff494bc-abdf-a411-5257-d70c969ea2de&am-uid=null&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c119ab2772620b2fbba9e27b15051e1424daf64c4c51b47d8ff499f9db182da1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:43 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
X-XSS-Protection: 0

GET
H2

200

rexdot.js Show response
kpmediagaua.hit.gemius.pl/__/_1604375503859/
Redirect Chain

https://kpmediagaua.hit.gemius.pl/_1604375503859/rexdot.js?l=100&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fma...
https://kpmediagaua.hit.gemius.pl/__/_1604375503859/rexdot.js?l=100&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2...

169 B
431 B

50ms
50ms

Script
application/x-javascript

149.202.221.211
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://kpmediagaua.hit.gemius.pl/__/_1604375503859/rexdot.js?l=100&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=171&lsdata=YI16ybcEj6ml4zmeu2gq6aaVzFXr6w.Kee1vXbZFPE..x7o.LPcTJJG2Tc_3N8gIHPnKahtpOYHVtvNnMQsAKxrWqxSd/vKEEdx_niPm1C/&fpdata=jgjVbzw9ULyDoIuh0JvehxxOpJWfchaXLy7eaQm1GGj.l7&vis=1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 149.202.221.211 , France, ASN16276 (OVH, FR),
Reverse DNS: ua2.host.hit.gemius.pl
Software: GHC /
Resource Hash: ec1fa4e33e9ee5f146fdb3ac9174ca059a3dbf1d01714a700576028da0381aee

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:43 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
status: 200
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Mon, 02 Nov 2020 03:51:43 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:43 GMT
server: GHC
status: 301
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1604375503859/rexdot.js?l=100&id=d1Yw5EtdZvzlzbDVgnMo_ceCDhswwIL03Gsu091xSCf.m7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=-60&fv=-&href=https%3A%2F%2Fmail.i.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=171&lsdata=YI16ybcEj6ml4zmeu2gq6aaVzFXr6w.Kee1vXbZFPE..x7o.LPcTJJG2Tc_3N8gIHPnKahtpOYHVtvNnMQsAKxrWqxSd/vKEEdx_niPm1C/&fpdata=jgjVbzw9ULyDoIuh0JvehxxOpJWfchaXLy7eaQm1GGj.l7&vis=1
cache-control: no-store, no-cache, must-revalidate, max-age=0
accept-ranges: none
content-length: 0
expires: Mon, 02 Nov 2020 03:51:43 GMT

GET
H2 200 i.ua.971124.js Show response
jsc.mgid.com/i/u/ 280 KB
77 KB 176ms
68ms Script
text/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/i/u/i.ua.971124.js
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.y307.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1276704f590aac43d76f558ee1a190e33f616e1939757db3b72b87f3c15a3d54

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 522
cf-polished: origSize=286272
status: 200
last-modified: Wed, 28 Oct 2020 07:38:43 GMT
x-amz-request-id: 5CE01BFEBE03D7A8
x-amz-id-2: P6IN7wvbI+rPYGhFjjCNNVqemBAA8/ddQXD36/52MgARkz4RVniZZ/3waEy8xBKZmk9Rc3+XvHQ=
cf-bgj: minify
server: cloudflare
etag: W/"33618662c2a385617f5119ea11bf9f56"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-request-id: 062dd47d0000001e9916a64000000001
cf-ray: 5ec32374ccd21e99-AMS
expires: Tue, 03 Nov 2020 06:51:44 GMT

GET
H/1.1 200
OK s
h.holder.com.ua/ 3 B
371 B 48ms
47ms Image
application/x-www-form-urlencoded 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://h.holder.com.ua/s?tv&p1&b5009&r382860213
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:44 GMT
Server: nginx
Content-Type: application/x-www-form-urlencoded; charset=windows-1251
Cache-Control: no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 3
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 b617b3518f77075ddd9b.b.js Show response
cdn.admixer.net/scripts3/ 65 KB
16 KB 16ms
14ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/b617b3518f77075ddd9b.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: b97d2e6a66a5dda69f9b8df0f7c35755fe4638967edab7e9aefddaa596f6e905

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:54 GMT
server: nginx
status: 200
etag: W/"5f97de06-104a1"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:07:53+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:07:52 GMT

GET
H2 200 0c041d0472a1e9937f43.b.js Show response
cdn.admixer.net/scripts3/ 28 KB
11 KB 16ms
15ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/0c041d0472a1e9937f43.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: d45c81284c2e259e75fee13ce5f55222aab6e2d953bbc241f234ec4fd1ed25cb

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:45 GMT
server: nginx
status: 200
etag: W/"5f97ddfd-7029"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:07:26+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:07:26 GMT

GET
H2 200 41a864b609924a98ff78.b.js Show response
cdn.admixer.net/scripts3/ 42 KB
18 KB 19ms
18ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/41a864b609924a98ff78.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: 0bb2ecec828231314c53eeddb929ac4a79bde0975a7405d6f0fdfce309b1e76c

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:48 GMT
server: nginx
status: 200
etag: W/"5f97de00-a7af"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:07:35+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:07:17 GMT

GET
H2 200 74f4cdef0798513d6ef8.b.js Show response
cdn.admixer.net/scripts3/ 13 KB
5 KB 19ms
18ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/74f4cdef0798513d6ef8.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: ace9d28180ae3b890ae427d99a7020a6a3230c6df6b4e8c6e422b575298c2640

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:51 GMT
server: nginx
status: 200
etag: W/"5f97de03-326c"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:07:23+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:07:25 GMT

GET
H2 200 572d2083c4bf06beeede.b.js Show response
cdn.admixer.net/scripts3/ 222 KB
76 KB 25ms
25ms Script
application/javascript 2a03:90c0:9994::9994
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/572d2083c4bf06beeede.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:9994::9994 , Russian Federation, ASN199524 (GCORE, AT),
Reverse DNS
Software: nginx /
Resource Hash: bdeaf1abf47e61f59c72cffee9d2fd04adf9cb0b6c4638c491bf92bf05ef31ce

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-id: nkf-up-gc9
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Tue, 27 Oct 2020 08:44:49 GMT
server: nginx
status: 200
etag: W/"5f97de01-37941"
vary: Accept-Encoding
x-cached-since: 2020-10-30T14:17:07+00:00
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31622400
cache: HIT
expires: Sun, 31 Oct 2021 14:17:09 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 107 KB
35 KB 43ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:20:45 GMT
server: nginx
etag: W/"5f8eabed-1ada9"
status: 200
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Wed, 04 Nov 2020 03:51:44 GMT

POST
H/1.1 200
OK v1 Show response
ww251.smartadserver.com/prebid/ 0
326 B 233ms
117ms XHR
application/json 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww251.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/5e58871d883bdc35155a.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:43 GMT
x-smrt-d: 3%3b15%3b127
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://mail.i.ua
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
163 B 184ms
63ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/5e58871d883bdc35155a.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://mail.i.ua
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
163 B 184ms
63ms XHR
text/plain 185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/5e58871d883bdc35155a.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:44 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://mail.i.ua
access-control-max-age: 3600
access-control-allow-methods: POST

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_dmp&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_gid=CAESEEhtDjeiEbEmYMh5NFa_klE&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWExNDg0ODlhMWZlNDA1YjliMDNjNTcxYTRmMDMzZTY&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESENE4Av0a5yNuIAzt0h_wRzI&google_cver=1
https://x.bidswitch.net/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null
https://rtb.4finance.com/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=49a1a226-e759-4cf4-8166-bfaaf2f80904&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904
https://rtb.4finance.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=admixer&bsw_user_id=49a1a226-e759-4cf4-8166-bfaaf2f80904&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904
https://x.bidswitch.net/sync?dsp_id=159&expires=14&user_id=75d9473a-bba2-47dd-8ba5-fc3e0811e560&ssp=admixer&user_group=&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904
https://inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=

43 B
448 B

47ms
47ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:45 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cm.php
ismatlab.com/cp/api/ 43 B
149 B 208ms
66ms Image
image/gif 99.80.32.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ismatlab.com/cp/api/cm.php?t=5a148489a1fe405b9b03c571a4f033e6&rurl=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DE74212A8-B685-43DE-96BE-5625F08BF373%26id%3D%5Baclid%5D45

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.80.32.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-80-32-159.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx
strict-transport-security: max-age=31536000
content-type: image/gif

GET
H/1.1

200
OK

cm.aspx
inv-nets.admixer.net/bs/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWExNDg0ODlhMWZlNDA1YjliMDNjNTcxYTRmMDMzZTY&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESENE4Av0a5yNuIAzt0h_wRzI&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=admixer_technologies&google_hm=NWExNDg0ODlhMWZlNDA1YjliMDNjNTcxYTRmMDMzZTY&google_cm
https://inv-nets.admixer.net/gadx/cm.aspx?google_nid=admixer_technologies&google_gid=CAESENE4Av0a5yNuIAzt0h_wRzI&google_cver=1
https://x.bidswitch.net/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null
https://x.bidswitch.net/ul_cb/sync?ssp=admixer&user_id=5a148489a1fe405b9b03c571a4f033e6&gdpr=0&gdpr_consent=null&us_privacy=null
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=a...
https://x.bidswitch.net/sync?dsp_id=193&user_id=&expires=1&ssp=admixer
https://inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=

43 B
448 B

47ms
46ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:44 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //inv-nets.admixer.net/bs/cm.aspx?id=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&consent=&gdpr_pd=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

55453de97a118ce9
ads.us.e-planning.net/uspd/1/
Redirect Chain

https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID

0
0

59ms
58ms

Image
text/html

5.178.65.246
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.us.e-planning.net/uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.246 Renswoude, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:44 GMT
content-type: text/html; charset=iso-8859-1
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /uspd/1/55453de97a118ce9?ct=1&ruimd=1&du=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DD56DC09D-C39C-4BD6-BD73-03CAB4DA9C50%26id%3D%24UID
x-sid: AMS-601

GET
H2

404

/
an.yandex.ru/setud/target_rtb/
Redirect Chain

https://match.new-programmatic.com/userbind?src=admixer&id=5a148489a1fe405b9b03c571a4f033e6
https://match.new-programmatic.com/userbind?src=yandex&pbf=1&gi=1
https://an.yandex.ru/setud/target_rtb/?sign=1615146367
https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1615146367

43 B
290 B

55ms
55ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1615146367
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
last-modified: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx/1.12.2
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
status: 404
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif; charset=windows-1251
content-length: 43
expires: Tue, 03 Nov 2020 03:51:44 GMT

Redirect headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
last-modified: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx/1.12.2
status: 302
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/target_rtb/?redir-setuniq=1&sign=1615146367
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
content-length: 0
x-xss-protection: 1; mode=block
expires: Tue, 03 Nov 2020 03:51:44 GMT

GET
H2

200

cm-notify
ams.creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
252 B

62ms
59ms

Image
image/gif

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 , Poland, ASN204995 (RTB-HOUSE-AMS, NL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT, Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:44 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
location: https://ams.creativecdn.com/cm-notify?pi=admixer&tc=1
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sync.html
s.console.adtarget.com.tr/ 0
0 275ms
90ms Image
text/html 2a06:8640:448:0:ec4:7aff:fe7e:db36
24SHELLS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.console.adtarget.com.tr/sync.html?aid=517350
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:8640:448:0:ec4:7aff:fe7e:db36 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://mail.i.ua
Access-Control-Allow-Credentials: true

GET
H2

200

admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=5a148489a1fe405b9b03c571a4f033e6
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=5a148489a1fe405b9b03c571a4f033e6

43 B
130 B

53ms
52ms

Image
image/gif

148.251.156.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=5a148489a1fe405b9b03c571a4f033e6
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 148.251.156.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.156.251.148.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

date: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx
status: 307
etag: W/"41e567d17c55b144a8305fbea491774a55c601e1469df961dea02271221960a8"
serverid: TODO
content-type: text/html; charset=utf-8
location: /cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=5a148489a1fe405b9b03c571a4f033e6
content-length: 122

GET
H2 200 /
ads.adsinspidsp.com/ 0
800 B 37ms
13ms Image
text/html 2606:4700:3031::6818:61f6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adsinspidsp.com/?cmid=18&sid=136&user_id=5a148489a1fe405b9b03c571a4f033e6
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6818:61f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=juGmyMmMmU4dbQba3z%2BOEI%2B6uz%2F3d17MeHq%2FnP5gXBUaGNHGoRtA%2BEq9WnROm2mUNvo9%2Bv2YOQp%2BvykkJeRtO8Wg5hSmHi7TJ7Zr%2FL7fiTph8uDvrFV1SAX1iltdEkXE"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
status: 200
cf-ray: 5ec32374d95cdfa5-FRA
cf-request-id: 062dd47d080000dfa57f8ca000000001

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}&crf=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bbaa286f-cc86-5234-91fd-a7e8ce5d7438

43 B
448 B

53ms
53ms

Image
image/gif

146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bbaa286f-cc86-5234-91fd-a7e8ce5d7438

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:44 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

status: 302
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
location: https://inv-nets.admixer.net/adxcm.aspx?ssp=70C88C54-8654-4219-A50A-E344F86A4A28&id=bbaa286f-cc86-5234-91fd-a7e8ce5d7438

GET
H2 200 cm.js Show response
source.mmi.bemobile.ua/cm/ 52 KB
20 KB 129ms
129ms Script
application/javascript 194.247.175.38
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://source.mmi.bemobile.ua/cm/cm.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.38 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Wed, 06 Nov 2019 07:55:53 GMT
server: nginx/1.13.0
etag: W/"5dc27c89-d0f6"
content-type: application/javascript; charset=utf-8
status: 200
cache-control: no-cache
expires: Thu, 07 Nov 2019 07:55:53 GMT

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 27 KB
9 KB 168ms
55ms Script
application/javascript 185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1552&height=300&width=400&tld=www.i.ua&ctype=div
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: f9e403b779620794dfdd500dfd47768c51f65f941024cea0aeb2d4f613b31975

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Mon, 19 Oct 2020 15:27:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5f8db05d-6ac6"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 03 Nov 2020 04:51:44 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 143ms
50ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=4b4c6d43-3812-4db3-af0c-895d7ff523c8&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=4&profile=ea4ca8e5-6ece-461c-8a10-d3c839ff9999&zone=10c147c0-92a2-4910-a618-1fbaf92467d1&device=24&rule=367981d1-53b6-4dd6-8a3e-50db6709e57c&requestId=fd747696-5933-4f56-b942-f4066c81e353&page=mail.i.ua%2F&sw=[e=screen.width]&sh=[e=screen.height]&adv=Mediawayss&dsp=UMH+Digital&ts=637399723039468430&ap=NDM%3D&asign=-284836171&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=2&crid=4b4c6d43-3812-4db3-af0c-895d7ff523c8&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0&sf=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:44 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 173ms
57ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=79398120551
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:43 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://mail.i.ua
timing-allow-origin: *
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
139 B 171ms
58ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=99&profileId=184&cb=4899162903
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:43 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://mail.i.ua
timing-allow-origin: *
vary: Origin

GET
H2 200 cds.js Show response
pa.tns-ua.com/viewability/ 2 KB
3 KB 237ms
69ms Script
application/javascript 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cds.js
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
last-modified: Mon, 02 Jul 2018 17:27:00 GMT
server: nginx/1.13.0
etag: "5b3a6064-9c3"
content-type: application/javascript; charset=utf-8
status: 200
accept-ranges: bytes
content-length: 2499

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 16ms
15ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 02:47:06 GMT
server: ESF
date: Tue, 03 Nov 2020 03:51:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Nov 2020 03:51:44 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
646 B 23ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 03 Nov 2020 02:18:07 GMT
server: ESF
date: Tue, 03 Nov 2020 03:51:44 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 03 Nov 2020 03:51:44 GMT

GET
H2 200 ByMGID.svg
cdn.mgid.com/images/logos/ 2 KB
1 KB 63ms
58ms Image
image/svg+xml 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/ByMGID.svg
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 4070
status: 200
x-amz-request-id: EDD0957952C83C96
x-amz-id-2: 5KTvy9umK7Q9q7ayYfRhARbIRy2XVYo4Q/XpLliaGD20EGMrNCeynM9vzhfKBPhTvzrfw18tEFk=
last-modified: Thu, 07 May 2020 09:36:25 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1588844166/ctime:1588844166/gid:0/gname:root/md5:17534e4d893e6f9d5f70f8483530ae6e/mode:33206/mtime:1588844166/uid:0/uname:root
etag: W/"17534e4d893e6f9d5f70f8483530ae6e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cf-request-id: 062dd47dc700001e99e5ba5000000001
cf-ray: 5ec323760e881e99-AMS

GET
DATA 200
OK truncated
/ 507 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 127ms
51ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=8167273d-0350-4192-a2a7-6e2a0fb7cfff&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=18&profile=36dba250-021e-4192-bb34-f2ee916251dd&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=44b79aa5-6d98-4282-b061-968a02126bc6&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&size=350x240&adv=N%2FA&dsp=UMH+Digital&ts=637399723039468430&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=8167273d-0350-4192-a2a7-6e2a0fb7cfff&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 124ms
51ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=5e5ec4a4-287f-4613-8d3b-354b1602dcd2&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=18&profile=a01bdf0b-f125-40f1-9022-c7f2f7f7f847&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=44b79aa5-6d98-4282-b061-968a02126bc6&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&size=350x240&adv=N%2FA&dsp=UMH+Digital&ts=637399723039468430&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=5e5ec4a4-287f-4613-8d3b-354b1602dcd2&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 145ms
53ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=9b1b0305-7d25-4d27-94d9-2aab9ca411f2&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=18&profile=a30acb44-18f1-45ca-ba85-5b440b44c7df&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=44b79aa5-6d98-4282-b061-968a02126bc6&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&size=350x240&adv=N%2FA&dsp=UMH+Digital&ts=637399723039468430&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=9b1b0305-7d25-4d27-94d9-2aab9ca411f2&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://mail.i.ua
Referer: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap&subset=cyrillic,greek,vietnamese
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 23:06:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 362730
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Fri, 29 Oct 2021 23:06:14 GMT

POST
H2 204 csm
bidder.criteo.com/ 0
139 B 57ms
56ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:44 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://mail.i.ua
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 12ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 29 Oct 2021 03:51:44 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
260 B 13ms
12ms Image
image/gif 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
etag: "493ea254-2b"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Fri, 29 Oct 2021 03:51:44 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 103ms
47ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=f742cb4d-d761-4791-8285-5efe7567c557&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=18&profile=8df08fbb-d83b-40e6-a788-390159bb4be9&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=50ffdcf3-dfec-4e73-b3be-2ab4df1205b6&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&size=970x90&adv=Criteo+RU&dsp=Criteo+RU&ts=637399723039468430&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=f742cb4d-d761-4791-8285-5efe7567c557&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H2 204 csm
bidder.criteo.com/ 0
139 B 60ms
60ms Other
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm?ptv=99&profileId=184
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:44 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: https://mail.i.ua
timing-allow-origin: *
vary: Origin

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets-eu.admixer.net/ 0
220 B 106ms
50ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_prebid.aspx?item=c2ff041e-df23-4d0e-b9e7-a0b3cab25f4a&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=18&profile=45e1c560-b605-4ab3-8c1a-822d47b1c6b0&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=50ffdcf3-dfec-4e73-b3be-2ab4df1205b6&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&size=728x90&adv=Criteo+RU&dsp=Criteo+RU&ts=637399723039468430&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=c2ff041e-df23-4d0e-b9e7-a0b3cab25f4a&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:44 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 99ms
46ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=66a850f8-eabc-4071-9a6a-e77e83e69e3c&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=4&profile=986afcc4-0306-4c04-873b-86e6a1e24eab&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=96c82bec-b531-4b18-9dca-c68c264fac72&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&sw=[e=screen.width]&sh=[e=screen.height]&size=728x90&adv=Mediawayss&dsp=UMH+Digital&ts=637399723039468430&ap=MC4zODU4Mjc%3D&asign=174039384&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=66a850f8-eabc-4071-9a6a-e77e83e69e3c&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0&sf=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:44 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 1 Show response
servicer.mgid.com/971124/ 4 KB
2 KB 112ms
111ms Script
application/x-javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/971124/1?w=1390&h=361&p1_w=264&p1_h=310&cols=5&pv=5&cbuster=1604375504351796876561&uniqId=0c37e&niet=4g&nisd=false&ref=&cxurl=https%3A%2F%2Fmail.i.ua%2F&lu=https%3A%2F%2Fmail.i.ua%2F&pageView=1&pvid=1758c3b65e0a6f2257a&implVersion=11&dpr=1
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f12f966462e605148f567d9d75e2f4e523b5637bbdd5d6ee7da4233f5526f0e

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ec323770fdb1e99-AMS
content-type: application/x-javascript; charset=utf-8
cf-request-id: 062dd47e6900001e99c10f5000000001

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 13 KB
6 KB 89ms
89ms XHR
application/json 185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1552&height=300&width=400&tld=www.i.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=mail.i.ua&top_url=https%3A%2F%2Fmail.i.ua%2F&domain=mail.i.ua&url=https%3A%2F%2Fmail.i.ua%2F&referrer=&async=1&uid=118564852
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1552&height=300&width=400&tld=www.i.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 008542382c97313ab94734bf4831d01efc4827bf4c101a1ed7b93a26c69a2925

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
status: 200
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://mail.i.ua
access-control-allow-credentials: true

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@6.3.5/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@6.3.5/swiper-bundle.min.css

13 KB
4 KB

12ms
12ms

Stylesheet
text/css

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.3.5/swiper-bundle.min.css

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8629be6cc3e10ce33c4fabb9c9dfb1343affc91b21d13f26fe2c48663f631f8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 312218
status: 200
vary: Accept-Encoding
cf-request-id: 062dd47e9a0000325805996000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3571-wSyh7QV2IYCbi1g9R8MqVLQ4hCI"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: c043987f9f0b54ebe9aa9d4385ab1ae5
cache-control: public, max-age=31536000
cf-ray: 5ec32377599b3258-FRA

Redirect headers

date: Tue, 03 Nov 2020 03:51:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 271
status: 302
vary: Accept, Accept-Encoding
content-length: 57
cf-request-id: 062dd47e89000032581bba8000000001
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
location: /swiper@6.3.5/swiper-bundle.min.css
x-cloud-trace-context: d8300cfa27dfd5b00c364391a3a80e94
cache-control: public, s-maxage=600, max-age=60
cf-ray: 5ec3237749783258-FRA

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 8 KB
2 KB 55ms
53ms Script
application/javascript 185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1552&height=300&width=400&tld=www.i.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6dced161bfabefbe357aa2f4d472c955b4d7bc3782889ee0efdfafe57362b023

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Mon, 05 Oct 2020 12:35:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5f7b1308-1fdc"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=3600, public, max-age=3600
expires: Tue, 03 Nov 2020 04:51:44 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ 53 KB
18 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1552&height=300&width=400&tld=www.i.ua&ctype=div

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8cd39d5199f3887c60ebb78e0e4c455f32ca7d13de204e5381c125b72c097274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "682 / 828 of 1000 / last-modified: 1604358551"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 17899
x-xss-protection: 0
expires: Tue, 03 Nov 2020 03:51:44 GMT

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@6.3.5/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@6.3.5/swiper-bundle.min.js

138 KB
34 KB

26ms
25ms

Script
application/javascript

2606:4700::6810:7daf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@6.3.5/swiper-bundle.min.js

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7daf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35ce74f2794876945ceee84fb3ec25273d51919405c018475981d446d8b529f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 312346
status: 200
vary: Accept-Encoding
cf-request-id: 062dd47e9a0000325823b14000000001
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"228ae-cN40Qq5UJHd8kCDkmajp3ddGYKA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 00a96996a5985ab1f73ef9a152e1dbd0
cache-control: public, max-age=31536000
cf-ray: 5ec3237759983258-FRA

Redirect headers

date: Tue, 03 Nov 2020 03:51:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 261
status: 302
vary: Accept, Accept-Encoding
content-length: 56
cf-request-id: 062dd47e89000032581631f000000001
access-control-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/plain; charset=utf-8
location: /swiper@6.3.5/swiper-bundle.min.js
x-cloud-trace-context: ed1afd79bf17a375c9e643895fe74d0c
cache-control: public, s-maxage=600, max-age=60
cf-ray: 5ec3237749793258-FRA

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 55ms
53ms Stylesheet
text/css 185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1552&height=300&width=400&tld=www.i.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
372 B 23ms
7ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
status: 200
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

204

aidata
sync.dmp.otm-r.com/match/
Redirect Chain

https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=75593c1c-b33c-4a1a-99bb-1672f7a08941
https://x01.aidata.io/0.gif?pid=MEDIAWAYSS&id=75593c1c-b33c-4a1a-99bb-1672f7a08941&bounce=1
https://cm.g.doubleclick.net/pixel?google_nid=aidata_ddp&back=SYNC2&google_cm
https://x01.aidata.io/0.gif?pid=GOOGLE&back=SYNC2&google_gid=CAESEBuTAEllq9Hmgpq-KM0xkBs&google_cver=1
https://sync.1dmp.io/pixel.gif?cid=f3c5784e-9a1e-4a1c-887d-dfe2e0b8668b&pid=fe3f3a81-853f-42c7-992a-63a613fc388f&uid=PKpxcp1EhbVybC635eEYHQ&ru=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC2
https://sync.1dmp.io/pixel.gif?cid=f3c5784e-9a1e-4a1c-887d-dfe2e0b8668b&pid=fe3f3a81-853f-42c7-992a-63a613fc388f&uid=PKpxcp1EhbVybC635eEYHQ&ru=https%3A//x01.aidata.io/0.gif%3Fpid%3DSYNC2&cs=1
https://x01.aidata.io/0.gif?pid=SYNC2
https://px.adhigh.net/p/cm/aidata?u=PKpxcp1EhbVybC635eEYHQ&back=SYNC2
https://px.adhigh.net/p/cm/aidata?u=PKpxcp1EhbVybC635eEYHQ&back=SYNC2&bounced=1
https://x01.aidata.io/0.gif?pid=GETINTENT&id=egIyV8jaXc2.AikABlF1jDspDw&back=SYNC2
https://sync.crwdcntrl.net/map/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=PKpxcp1EhbVybC635eEYHQ&back=SYNC2
https://sync.crwdcntrl.net/map/ct=y/c=7645/tp=AIDA/?https://x01.aidata.io/0.gif?pid=LOTAME&id=PKpxcp1EhbVybC635eEYHQ&back=SYNC2
https://x01.aidata.io/0.gif?pid=LOTAME&id=PKpxcp1EhbVybC635eEYHQ&back=SYNC2
https://sync.dmp.otm-r.com/match/aidata?back=SYNC2&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D

0
69 B

141ms
46ms

Image
text/plain

195.201.152.104
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.dmp.otm-r.com/match/aidata?back=SYNC2&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 195.201.152.104 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.104.152.201.195.clients.your-server.de
Software: nginx/1.17.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Tue, 03 Nov 2020 03:51:46 GMT
server: nginx/1.17.6
access-control-allow-origin: *

Redirect headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:46 GMT
Last-Modified: Tue, 03 Nov 2020 03:51:45 GMT
Server: nginx
P3P: CP='NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA'
Location: https://sync.dmp.otm-r.com/match/aidata?back=SYNC2&rp=https%3A%2F%2Fx01.aidata.io%2F0.gif%3Fpid%3DOTM%26id%3D%7Bpid%7D
Cache-Control: no-cache, no-store, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 0
Expires: Tue, 03 Nov 2020 03:51:45 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 182ms
58ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=75593c1c-b33c-4a1a-99bb-1672f7a08941&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=75593c1c-b33c-4a1a-99bb-1672f7a08941&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=49a1a226-e759-4cf4-8166-bfaaf2f80904&ssp=prodoohmox&gdpr=0&gdpr_consent=

43 B
324 B

167ms
59ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=49a1a226-e759-4cf4-8166-bfaaf2f80904&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=49a1a226-e759-4cf4-8166-bfaaf2f80904&ssp=prodoohmox&gdpr=0&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 cm.html
pa.tns-ua.com/viewability/ Frame 9B70 0
0 70ms
69ms Document
text/html 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pa.tns-ua.com/viewability/cm.html
Requested by: Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash

Request headers

:method: GET
:authority: pa.tns-ua.com
:scheme: https
:path: /viewability/cm.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mail.i.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

status: 200
server: nginx/1.13.0
date: Tue, 03 Nov 2020 03:51:44 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 25 Jun 2018 15:00:29 GMT
etag: W/"5b31038d-b5f"
content-encoding: gzip

GET
H2 200 pubads_impl_2020102901.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
97 KB 172ms
70ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

2f61e74f8dfd64debe6c2f8272986e4bc0c1d83f115d2a44c3f601d0e2f39ca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 29 Oct 2020 08:43:31 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98487
x-xss-protection: 0
expires: Tue, 03 Nov 2020 03:51:44 GMT

GET
H2 200 i.js Show response
cm.mgid.com/ 1 KB
783 B 255ms
247ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1604375504585926380681
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aed62a6a72e10a034ddb8b09be775c7e1bf830b7ea188e576a1e327d0f03767

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5ec32377e8f21e99-AMS
pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9067f12f-856b-4417-a2f7-d9104b26d377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript
cf-request-id: 062dd47eed00001e99bea9f000000001
server: cloudflare

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame BF55 19 B
392 B 162ms
159ms Script
application/javascript 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=160437550459020703478
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/i/u/i.ua.971124.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cf-ray: 5ec32377e8f51e99-AMS
pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
x-mg-request-uuid: 6fe17f8d-68a2-4e1b-8f78-deb2ef876250
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript
cf-request-id: 062dd47eed00001e99e5bb9000000001
server: cloudflare

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp
s-img.mgid.com/g/6288128/328x328/0x0x900x900/ 6 KB
6 KB 140ms
137ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/328x328/0x0x900x900/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc.webp?v=1604375504-9l75f1Xu-hJqYc48zRnw6DiTbeW07b-VjpTMX6QWYn0
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f801699c153bb3a5b5b1b91c5710dbf9e6ab2e197f52ae5d1669f03d2380a9e

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
cf-cache-status: HIT
x-mg-request-uuid: 3794d7c4-338e-487f-93d0-2d15f74106df
age: 2470502
status: 200
content-length: 5698
cf-request-id: 062dd47ef400001e99e00bc000000001
last-modified: Mon, 05 Oct 2020 11:13:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ec32377e9071e99-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc.webp
s-img.mgid.com/g/3901238/328x328/0x518x476x476/ 8 KB
8 KB 97ms
95ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3901238/328x328/0x518x476x476/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzE5YjFiMjlkZjY5ZTBkNTgyZTQ4ODAyOTM1MjY3ZDVkLmpwZWc.webp?v=1604375504-Pk74Wltl_HsgFtz7w79z5bJtryvyOD1Pt2gixx0TwHQ
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ce44a6f4d9bac520efda3a5652c976458723c624decbe8cbd41f44e5784a914

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
cf-cache-status: HIT
x-mg-request-uuid: d3e2d433-ad03-4920-bfa1-883ff67c5f35
age: 2468685
status: 200
content-length: 8332
cf-request-id: 062dd47ef400001e99f02e1000000001
last-modified: Mon, 05 Oct 2020 11:23:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ec32377e9061e99-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzhhNDdkYWZkOTI0YzViOTk5MzQ0ZTgyNjQyODViNWIxLmpwZWc.webp
s-img.mgid.com/g/4060553/328x328/16x0x530x530/ 11 KB
11 KB 59ms
59ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4060553/328x328/16x0x530x530/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0LzhhNDdkYWZkOTI0YzViOTk5MzQ0ZTgyNjQyODViNWIxLmpwZWc.webp?v=1604375504-IQbITZeE9bulC_iZII-9nj6wIwSDYz2n1WuHEyU2lEY
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 574f71dce5992a11aec94396f9f88c3e77f63d00ec31c1c4ca7daec16e745268

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
cf-cache-status: HIT
x-mg-request-uuid: 84f1bb2e-0703-4efa-89b1-22910f720e90
age: 3525
status: 200
content-length: 11622
cf-request-id: 062dd47f3100001e99c3abc000000001
last-modified: Mon, 05 Oct 2020 11:26:23 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ec3237849691e99-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp
s-img.mgid.com/g/4023144/328x328/417x0x552x552/ 13 KB
13 KB 60ms
60ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/4023144/328x328/417x0x552x552/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDgvMTAxOTI0L2ZiZjE5MDlmMTRjNzNhMWEzNGU5YTA3YWRmNGE5ZmM0LnBuZw.webp?v=1604375504-Ze7UvjP9QHvhePDYmTYWrfIWCX24SUe7XsRiOq6dolo
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04ea75754b567bbe9552b5b5c6ccb53119d9d72249e0e377dbb59270f0561b0d

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
cf-cache-status: HIT
x-mg-request-uuid: b347e725-55c3-4c10-9f89-1575755f2ad7
age: 2468698
status: 200
content-length: 12916
cf-request-id: 062dd47f4f00001e99ee3a4000000001
last-modified: Mon, 05 Oct 2020 11:25:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ec32378799e1e99-AMS

GET
H2 200 aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzAzN2I3MmM5MDViNjVlNWI2Y2Y2MmMzZmJkNGRhNWViLmpwZWc.webp
s-img.mgid.com/g/3908678/328x328/0x0x582x582/ 8 KB
8 KB 58ms
57ms Image
image/webp 104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/3908678/328x328/0x0x582x582/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0LzAzN2I3MmM5MDViNjVlNWI2Y2Y2MmMzZmJkNGRhNWViLmpwZWc.webp?v=1604375504-ZJ-9zpygWjZRjIFf8gLqWh6n6cw6-WqeWUOcE_CgSCs
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 977a9367d1fe9af25cb310a4947174f0aae9de9c45683943669f416ef077b7e5

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:44 GMT
cf-cache-status: HIT
x-mg-request-uuid: d3c50323-ad97-40bd-902e-17bc69cf5038
age: 2466014
status: 200
content-length: 8158
cf-request-id: 062dd47f5500001e99c420e000000001
last-modified: Mon, 05 Oct 2020 14:24:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5ec3237889a41e99-AMS

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 218ms
69ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=FAD978382706443589EEED017734F313&time=1604375504230&location=https%3A%2F%2Fmail.i.ua%2F&referrer=&is_flash=0&session_id=691839938&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=0&param3=1200&param5=1&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:44 GMT
server: nginx/1.13.0
access-control-allow-origin: *
content-length: 36
content-type: application/json

GET
H2 200 pic.gif
pa.tns-ua.com/bug/ 56 B
230 B 70ms
70ms Image
image/gif 194.247.175.19
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pa.tns-ua.com/bug/pic.gif?uid=FAD978382706443589EEED017734F313&time=1604375504610
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.19 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache
server: nginx/1.13.0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 425 B
820 B 235ms
182ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1420496748323193&correlator=1885737191268911&output=ldjh&impl=fifs&adsid=NT&vrg=2020102901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201103&iu_parts=21679382043%2Cmt_banners%2Cmt_umh_www.i.ua_banner_S&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=mt_fln%3D1&cookie=ID%3D964221d5ac994fff-22ee230d20b90026%3AT%3D1604375503%3ART%3D1604375503%3AS%3DALNI_MYgocJGpA_P6kpun8HvsdXK46fTPA&bc=31&abxe=1&lmt=1604375504&dt=1604375504875&dlt=1604375503297&idt=1537&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=950&adks=2741693600&ucis=1&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmail.i.ua%2F&dssz=48&icsg=175921862574080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=2084935384.1604375504&ga_sid=1604375504&ga_hid=1756615149&fws=516&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

43c96b1aa570116cc3edb321cf072d293a382f28ffe1c064ab9983e058b60583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 222
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.i.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f48c5b957f90253d941c6be181c0224a.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 45ms
14ms Other
text/html 2a00:1450:4001:818::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f48c5b957f90253d941c6be181c0224a.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
11 KB 425ms
372ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1420496748323193&correlator=1885737191268911&output=ldjh&impl=fifs&adsid=NT&vrg=2020102901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201103&iu_parts=52555387%2Ci.ua_300x250_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm5%26yb_tt%3Dtt9%26yb_ff%3D1%26yb_th%3D19%26yb_tm%3D51%26yb_wd%3D1&cookie=ID%3D964221d5ac994fff-22ee230d20b90026%3AT%3D1604375503%3ART%3D1604375503%3AS%3DALNI_MYgocJGpA_P6kpun8HvsdXK46fTPA&bc=31&abxe=1&lmt=1604375504&dt=1604375504885&dlt=1604375503297&idt=1537&frm=20&biw=1600&bih=1200&oid=3&adxs=300&adys=950&adks=878540109&ucis=2&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmail.i.ua%2F&dssz=48&icsg=175921862574080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=2084935384.1604375504&ga_sid=1604375504&ga_hid=1756615149&fws=516&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

383b92b176b7b931854795b97795e38ce8698c2fd98d34e8fbb2d04439bff780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10730
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.i.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 376ms
323ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1420496748323193&correlator=1885737191268911&output=ldjh&impl=fifs&adsid=NT&vrg=2020102901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20201103&iu_parts=21830442390%2Ci.ua%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250&fluid=height&cookie=ID%3D964221d5ac994fff-22ee230d20b90026%3AT%3D1604375503%3ART%3D1604375503%3AS%3DALNI_MYgocJGpA_P6kpun8HvsdXK46fTPA&bc=31&abxe=1&lmt=1604375504&dt=1604375504888&dlt=1604375503297&idt=1537&frm=20&biw=1600&bih=1200&oid=3&adxs=600&adys=950&adks=2301465409&ucis=3&ifi=3&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmail.i.ua%2F&dssz=48&icsg=175921862574080&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&ga_vid=2084935384.1604375504&ga_sid=1604375504&ga_hid=1756615149&fws=516&ohw=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cdb449e2dc338e6792b9a38552860f6f3ed2a97e3511ca7db655e45b5e6d9a27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10302
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://mail.i.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 8667
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=mgid&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu

0
0

164ms
52ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Requested by: Host: cm.mgid.com
URL: https://cm.mgid.com/i.js?&cbuster=1604375504585926380681
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.230.142 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://mail.i.ua/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Tue, 03 Nov 2020 03:51:45 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=mgid&endpoint=eu
Date: Tue, 03 Nov 2020 03:51:45 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=mgid
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=mgid&bds_param=49a1a226-e759-4cf4-8166-bfaaf2f80904
https://x.bidswitch.net/sync?dsp_id=340&user_id=b18b387a-a628-483d-9f99-93565bf82a4e&expires=10&ssp=mgid&bsw_param=49a1a226-e759-4cf4-8166-bfaaf2f80904
https://cm.mgid.com/m?cdsp=433145&c=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&gdpr_consent=&us_privacy=

43 B
323 B

105ms
105ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=433145&c=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:45 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 7b218201-9902-437f-92cc-d4a5d668b0a0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ec3237c4e601e99-AMS
content-type: image/gif
cf-request-id: 062dd481ad00001e99c1b1b000000001
server: cloudflare

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:45 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //cm.mgid.com/m?cdsp=433145&c=49a1a226-e759-4cf4-8166-bfaaf2f80904&gdpr=&gdpr_consent=&us_privacy=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

google
cm.mgid.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=marketgid&google_cm=&google_ula={guid}&google_hm=a2EySURQSUYzalBq&muidn=ka2IDPIF3jPj
https://cm.mgid.com/google?muidn=ka2IDPIF3jPj&google_ula={guid},5&google_gid=CAESEG9d6k0bRUu7MptxDoUJTUY&google_cver=1

0
150 B

99ms
99ms

Image
text/plain

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/google?muidn=ka2IDPIF3jPj&google_ula={guid},5&google_gid=CAESEG9d6k0bRUu7MptxDoUJTUY&google_cver=1
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ec32379eb3c1e99-AMS
content-type: text/plain
cf-request-id: 062dd4803500001e991c388000000001

Redirect headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT
server: HTTP server (unknown)
status: 302
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.mgid.com/google?muidn=ka2IDPIF3jPj&google_ula={guid},5&google_gid=CAESEG9d6k0bRUu7MptxDoUJTUY&google_cver=1
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 327
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=mgid
https://cm.mgid.com/m?cdsp=501037&c=LfKSQAt65MVrUjppSokr&pi=mgid

43 B
322 B

104ms
104ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=501037&c=LfKSQAt65MVrUjppSokr&pi=mgid
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:45 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: c74bc46b-117f-4e99-abd7-582213646bcd
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ec3237a3b9f1e99-AMS
content-type: image/gif
cf-request-id: 062dd4806000001e990b280000000001
server: cloudflare

Redirect headers

status: 302
pragma: no-cache
date: Tue, 03 Nov 2020 03:51:44 GMT, Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
location: https://cm.mgid.com/m?cdsp=501037&c=LfKSQAt65MVrUjppSokr&pi=mgid
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

49a1a226-e759-4cf4-8166-bfaaf2f80904
sync.1rx.io/usersync/bidswitch/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=303&user_id=ka2IDPIF3jPj
https://sync.1rx.io/usersync/bidswitch/49a1a226-e759-4cf4-8166-bfaaf2f80904?gdpr=&gdpr_consent=

0
187 B

198ms
49ms

Image
text/plain

213.19.147.150
LEVEL3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/bidswitch/49a1a226-e759-4cf4-8166-bfaaf2f80904?gdpr=&gdpr_consent=
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.19.147.150 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:45 GMT
Cache-Control: no-store, no-cache, must-revalidate
Server: Tengine
Connection: keep-alive
Expires: 0

Redirect headers

status: 302
date: Tue, 03 Nov 2020 03:51:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
location: //sync.1rx.io/usersync/bidswitch/49a1a226-e759-4cf4-8166-bfaaf2f80904?gdpr=&gdpr_consent=
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 /
cm.lentainform.com/setmuidn/ 0
328 B 277ms
90ms Image
image/gif 23.105.245.4
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lentainform.com/setmuidn/?muidf=ka2IDPIF3jPj
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.105.245.4 , Russian Federation, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.19.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:45 GMT
server: nginx/1.19.0
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif

GET
H2 200 /
cm.idealmedia.io/setmuidn/ 0
557 B 218ms
109ms Image
image/gif 104.16.199.73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.idealmedia.io/setmuidn/?muidf=ka2IDPIF3jPj
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.199.73 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ec3237a7b4d1fd2-AMS
content-type: image/gif
cf-request-id: 062dd4808d00001fd20e285000000001

GET
H2

200

m
cm.mgid.com/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=omn67hl&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=omn67hl&ttd_tpi=1
https://cm.mgid.com/m?cdsp=371158&c=8854842c-b46a-4dfc-af5a-8072a7406824&ttl=1606967505

43 B
411 B

107ms
106ms

Image
image/gif

104.19.132.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.mgid.com/m?cdsp=371158&c=8854842c-b46a-4dfc-af5a-8072a7406824&ttl=1606967505
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.132.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:45 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 4f25c78c-7e71-4fc6-a5e4-7742a99613d8
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5ec3237b7d2c1e99-AMS
content-type: image/gif
cf-request-id: 062dd4812b00001e99c1b13000000001
server: cloudflare

Redirect headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:45 GMT
x-aspnet-version: 4.0.30319
status: 302
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.mgid.com/m?cdsp=371158&c=8854842c-b46a-4dfc-af5a-8072a7406824&ttl=1606967505
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 205

GET
H2 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010270040000/ Frame D225 204 KB
57 KB 30ms
4ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f566d8761b3cdb46344a002ab97bd65b99262bcade6eaac28d42795871b9f97d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56865
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d9b9e5f0fe1d7d70"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H2 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D225 14 KB
5 KB 43ms
17ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b1ac3e3dac03cc7b55db95d3e2f6db06359e9f83c31edfe7e8948fe1b005ece

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5339
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f32966a1dd31423f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D225 96 KB
29 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53e860d5c71786683ef080150431ccdef7f285ecc24fea1abf56f8bb41109a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29532
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e22568992b3e519"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H2 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D225 4 KB
2 KB 41ms
16ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a084f9fa314be804daeb5314c0dcf00022a8d8a1319a990b9546860e2ca8753

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1794
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "97d72cd21f25600f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H2 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D225 45 KB
14 KB 38ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8637b0501ace1a66eb37373c3440baf7ac214692ac755d90d901d1c1587f3f6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e02eb5bdf732790a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
DATA 200
OK truncated
/ Frame D225 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4abb2d1b2f2e15f3d50b4f790a143f881df97f56bfa220103edaf4c6b8dc7fce

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 5634992672600918762
tpc.googlesyndication.com/daca_images/simgad/ Frame D225 43 KB
43 KB 28ms
7ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/5634992672600918762

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

281122b76e469ae9897d6cb6b6639df72368d7af3887f8b9ab5140c5b6ea3f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 23:07:09 GMT
x-content-type-options: nosniff
age: 362676
x-dns-prefetch-control: off
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44015
x-xss-protection: 0
last-modified: Tue, 29 Sep 2020 14:13:40 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Oct 2021 23:07:09 GMT

GET
H2 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D225 3 KB
3 KB 27ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 12:59:55 GMT
x-content-type-options: nosniff
server: cafe
age: 53510
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Tue, 03 Nov 2020 12:59:55 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D225 344 B
800 B 27ms
6ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58696
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Nov 2020 11:33:29 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D225 0
0 58ms
56ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CCfz40dOgX5J9jdfeA-O5r5AMpIzcvl_O4sG5uwzKoLCn9QoQASCZvb92YOnkyYXYGqABwYy7jAPIAQKpArf3Ucqo-JA-4AIAqAMByAMIqgTUAU_QwEGeqOBXoDziAEqw5XupoeoC3akSyW6zuqtiwRlt9TNYKeNBj9GUx-rQSLsZ7ejdNmIvZhA0VSpPd8UqlBE60vDNrWXD4SzK2zXFI7c4-QyFHCy1dDqd2Sz5e3tEsNOAJfCA0RoNEZkNZIh_pzEz750IH3Y67D0i6bzHa445M_f42LBjO0nDAWonSdzgzEMF3aCHTC9SCK8vwJOKv0w0OqhdmQgSg0ntqK3zKPgxpmCIe3eEd2QHE3C0vU_pv6xyMOgeTLQ43C82V8uJbLkH_9dZwASprrjlkgPgBAGgBgKAB6fzxHOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnMkB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xOTgyNDQ4NDIyNDk4MjI5gAoDyAsBsgwUcHViLTMxMzI4OTM3MjU2MDM5MzXCDAIIAdgTAw&sigh=i9sE7gXLgW8&tpd=AGWhJmvms5zTkpDqHHaC4CUeBhfAHyzB85jw1Q4x3Q0Tt-EdzQ
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 63ms
63ms Image
text/html 185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=aDM2ZTF6Uk5HUW5YZDRQR25taEpaMldlQ1JMblVYSk1oMGYzQlM2MkluMjQ0TkJCQUpyaS81TU9UVFhUM2RJZk5jdjlyS1QzYnJ2L1JHTW1VcnJDR3hCcmV3eHI5ZUlERUV3Nm9WdjNuMmNCdnlNU0xsanpNakhpRVRoQzI5T2JTWGdMdmNsOEwweXVSQ2dYbUNJR0xVTUpqTm5NdWc1bWNnWjFXMVlPRUc3VHVwT3E0TnpVaVNJZngvZmtZUXFYMWdmd1hDdThPN2VZNm1DYmZoQ25wNStrUnkrYlg0S29wTTJZLzM3SFdPZ3Jadkw1d0pzb2t3ajYzRDRNU3pnUQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:45 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ev_view.aspx
inv-nets-eu.admixer.net/ 43 B
300 B 47ms
46ms Image
image/gif 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets-eu.admixer.net/ev_view.aspx?item=66a850f8-eabc-4071-9a6a-e77e83e69e3c&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=9&profile=986afcc4-0306-4c04-873b-86e6a1e24eab&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=96c82bec-b531-4b18-9dca-c68c264fac72&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&sw=[e=screen.width]&sh=[e=screen.height]&size=728x90&adv=Mediawayss&dsp=UMH+Digital&ts=637399723039468430&ap=MC4zODU4Mjc%3D&asign=174039384&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=66a850f8-eabc-4071-9a6a-e77e83e69e3c&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0&sf=0

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 03 Nov 2020 03:51:45 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 49ms
45ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=10c147c0-92a2-4910-a618-1fbaf92467d1

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-Q050 200 amp4ads-v0.js Show response
cdn.ampproject.org/rtv/012010270040000/ Frame D62C 204 KB
56 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f566d8761b3cdb46344a002ab97bd65b99262bcade6eaac28d42795871b9f97d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56865
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d9b9e5f0fe1d7d70"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D62C 14 KB
5 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-ad-exit-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b1ac3e3dac03cc7b55db95d3e2f6db06359e9f83c31edfe7e8948fe1b005ece

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5339
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f32966a1dd31423f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H3-Q050 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D62C 96 KB
29 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-analytics-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b53e860d5c71786683ef080150431ccdef7f285ecc24fea1abf56f8bb41109a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29532
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7e22568992b3e519"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H3-Q050 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D62C 4 KB
2 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-fit-text-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a084f9fa314be804daeb5314c0dcf00022a8d8a1319a990b9546860e2ca8753

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1794
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "97d72cd21f25600f"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H3-Q050 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012010270040000/v0/ Frame D62C 45 KB
14 KB 38ms
24ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012010270040000/v0/amp-form-0.1.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8637b0501ace1a66eb37373c3440baf7ac214692ac755d90d901d1c1587f3f6c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 35005
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14173
x-xss-protection: 0
server: sffe
date: Mon, 02 Nov 2020 18:08:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e02eb5bdf732790a"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Nov 2021 18:08:20 GMT

GET
H3-Q050 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D62C 3 KB
3 KB 35ms
21ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 12:59:55 GMT
x-content-type-options: nosniff
server: cafe
age: 53510
etag: 6726277462267614359
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Tue, 03 Nov 2020 12:59:55 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame D62C 344 B
438 B 35ms
22ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020102901.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 02 Nov 2020 11:33:29 GMT
x-content-type-options: nosniff
server: cafe
age: 58696
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: public, max-age=86400
content-type: image/png
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Tue, 03 Nov 2020 11:33:29 GMT

GET
DATA 200
OK truncated
/ Frame D62C 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9637fd046315e12ae5a572597267af04f583f7ba33a0c4ddbffb8456c3a44360

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 13873337879909349674
tpc.googlesyndication.com/simgad/ Frame D62C 41 KB
41 KB 33ms
22ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13873337879909349674?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm_zGy5LaVtn8q9g7dEa41Acpgs_A

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6d3e6e838ae7bddb2ee416933dc81827deffea143355d4509a9d0edffdad356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 29 Oct 2020 23:40:26 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Mar 2020 11:07:16 GMT
server: sffe
age: 360679
status: 200
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42155
x-xss-protection: 0
expires: Fri, 29 Oct 2021 23:40:26 GMT

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D62C 0
0 60ms
59ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2gh30dOgX9_JAYTX3gOJgJnQCs6r_dlcsf2KrZQLFBABIJvciSJg6eTJhdgaoAHGwf6TA8gBAuACAKgDAcgDCKoE0gFP0A4oM2zZoOqvVJ0v65RaTiDRwicgOttuVF-agJoQdyAxv7K4yaeHNl1PbTcUMOtLDbRfxpLqoxBaa6wKwkaRUtmNgI7jnIeFlmlSYw7RMjANf2JLcMnUInS2x9XKnyoHw94kkEljXwTYj8NK0QnoqMLkmTkT9pcBPiIBFfpKMagh49O8XqbT5pTOOA4Mxqj3HgL0X6NUoJ8o99tqt1pMwN5Q8aS9mu7HsVMNISS9uEGunviaouo6G0Jljb-p1GtJZWrrpxoEgsr0yQr5gTichRTABJzlp8z8AuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeivoFsqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEMKJAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNDM1NDMxNzQxMDgzMjgyNoAKA8gLAbIMFHB1Yi04MjQxMDQ5NDk3NjA4OTk3wgwCCAHYEw2YFgE&sigh=iVOGsczaYRc&tpd=AGWhJms1zg1NyxLPCXcaJ6LQ05EnpcboU7pYke3AIvlmDLEe5Q
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 tracking
ad.mox.tv/delivery/ 50 B
50 B 78ms
78ms Image
text/html 185.180.223.67
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=czVUM09BemlOYlc5cUhpWXo1akxKRlFtQ2VRSUVlK1J1UG1yaVlRVjVyNi9Jd2ZHaXhuSHRML0d3MFFvTitNZWdUL2x0cFhrTDV4M3ExUi9La1BrZU1xU01LelJtWmdqeFFtNFljVzQvRXFUd0ZTVWdkMUV0VWQwY3duZU9NZVNZN2dLZHByOWEwVXdKRFRIM0ZPODN6endKS3VRelBSS1dTM0llSWVGbnMzcjBNVFdMYlh3M2N2MnYwZHJFQjBRODM3VmVTOFU4MS9oZ1Z5bGdQOHN5NUsreEF2YXpFMzlxdzM4b3BXMUdBST0%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.223.67 , Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-180-223-67.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:45 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 69ms
68ms Image
text/plain 146.0.227.110
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Germany, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 03 Nov 2020 03:51:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D225
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 03 Nov 2020 03:51:45 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame D62C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
14ms

Image
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: mail.i.ua
URL: https://mail.i.ua/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Redirect headers

date: Tue, 03 Nov 2020 03:51:45 GMT
x-content-type-options: nosniff
server: safe
status: 302
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D62C 42 B
101 B 21ms
21ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvemA5HSGqn69SSF05jq6MgfjEXbjNsLINAHTbyRd71SR2-HfR-WBLz8enOgaOlEpOF2DwxjE-m4OoqxMjgZ2pnS7hLXhrVV8tMOyAEbSiIuFqE8g67Y3agBEFzEQ&sai=AMfl-YTaDB8CiYAMANp3YyJE9CNgpNZoZfqca9LZhJgoxr_Jei2xGugrpxX1NYi3sJjBpJQa5q7O3IhbzJMnMa88yXzfXGqmXkEPj2F46JuyUsC5IiE4FZmMq9VhjtcT&sig=Cg0ArKJSzKt9G7XlG9kuEAE&cid=CAASF-RoB0Sc4DJiimAp8nY5VwdaF6K3KvHJ&id=ampim&o=0,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=105&tls=1106&g=100&h=100&tt=1106&r=v&avms=ampa&adk=878540109

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

06.gif
i.bigmir.net/cnt/
Redirect Chain

https://c.bigmir.net/?s134156&t6&n0.2119746587482938&c1&d24&r1600&f
https://i.bigmir.net/cnt/06.gif

43 B
185 B

191ms
60ms

Image
image/gif

193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/06.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:46 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
content-type: image/gif
status: 200
cache-control: max-age=315360000
content-length: 43
expires: Thu, 31 Dec 2037 23:55:55 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 03 Nov 2020 03:51:46 GMT
Server: nginx
Transfer-Encoding: chunked
Location: //i.bigmir.net/cnt/06.gif
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 16ms
15ms Script
text/javascript 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: mail.i.ua
URL: https://mail.i.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 3398
date: Tue, 03 Nov 2020 02:55:08 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Tue, 03 Nov 2020 04:55:08 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
30ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201029&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d2e1a19034f8a95de639b4b9dad889817c402b9dfb478f3454cafe2f07dac0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 03 Nov 2020 03:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0

GET
H2 200 syncframe
gum.criteo.com/ Frame BCF2 0
0 52ms
15ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=mail.i.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=mail.i.ua
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mail.i.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

status: 200
cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
server-processing-duration-in-ticks: 598
date: Tue, 03 Nov 2020 03:51:46 GMT
content-length: 0

GET
H3-Q050 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
433 B 75ms
37ms Image
image/gif 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1144844885&utmhn=mail.i.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%9F%D0%BE%D1%87%D1%82%D0%B0%20-%20%D1%8D%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0%D1%8F%20%D0%BF%D0%BE%D1%87%D1%82%D0%B0%20%D1%81%20%D0%B4%D0%BE%D0%BC%D0%B5%D0%BD%D0%B0%D0%BC%D0%B8%20%40i.ua%2C%20%40ua.fm%20%D0%B8%20%40email.ua%2C%20%D1%81%D0%BE%D0%B7%D0%B4%D0%B0%D0%B9%D1%82%D0%B5%20%D1%81%D0%B5%D0%B1%D0%B5%20e-mail%20%D0%B0%D0%B4%D1%80%D0%B5%D1%81%20%D0%BD%D0%B0%20%D0%BD%D0%B0%D1%88%D0%B5%D0%BC%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB%D0%B5%20%C2%A0&utmhid=1756615149&utmr=-&utmp=%2F&utmht=1604375506631&utmac=UA-34374057-1&utmcc=__utma%3D11729771.1251041630.1604375507.1604375507.1604375507.1%3B%2B__utmz%3D11729771.1604375507.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=646750814&utmredir=3&utmu=qBEAAAAAAAAAAAAAAAAAAAAE~

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 03 Nov 2020 03:51:46 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201029/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 03 Nov 2020 03:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1603823857801521"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6015
x-xss-protection: 0
expires: Tue, 03 Nov 2020 03:51:46 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/219/ Frame 4B30 0
0 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/219/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/219/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://mail.i.ua/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://mail.i.ua/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4867
date: Tue, 03 Nov 2020 00:09:04 GMT
expires: Wed, 03 Nov 2021 00:09:04 GMT
last-modified: Mon, 05 Oct 2020 22:33:01 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 13362
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
128 B 15ms
15ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=219&t=2&li=gda_r20201029&jk=1420496748323193&bg=!3N-l3__NAAVJFlVVSVj3vqRdiKhopwIAAAC3UgAAABhoAQcKAgo6W-jtWtq-xo7NjLOVO9CdJQGMHf225BbUFAT1A_XoshOtOEdudfg9WcK8F9odIcpauDnw3RaNsq370XS-bheSFz2DYK3jcHHRJOl_3wyQuCXrtTkdorasHMxuPp_nQXh6UoiPYj6sk45_soQxv7h3ia3te_lruSZvFNgJVQRfknr3jQHSVHjqRTF-uClqdD9ZQhe-wtpS74DWorR0t3m9JIIn0pXYVw4gT1znyHjDlkNuGT_ZYWTQ5TZIfwhPIE7wmCe8skA15izu7iovmzS81KL0vmv8bUm7y-wxN_201baDMmzpfkgGpXD-mHXPw10ClLGBTE_tic5leEfBcyLJwjl01viPP4NRkEqndlZUYMASHAkwlMsUYR8WFNdn7HHetsTnMXMzEkiEDJlsqz7OpjMAxYUrb49pQGNj1gd1ebf8g0LyjgkJDT8YYvvb5uIBFteOdP5DeOSXiuWG1qZ17nQlENDwhYFw90rLqV-Qd2gYYVk5am81N6CIuKd690lwpQy3walH4mWLHKxD-Jy1fIb7OYvtAJjvWvsgYnrJL8Ah6qOzFa0iLWRBVnQiWe8W33E1jWd60lNxd-f0o3mtQUezBmvsXEnPdbPeLKoObXKFOPdl4VWeGdW3LmlYuANrf0tkczaELqgTXHl2AISxZEwL3Ze8ClTTo1XJ_flB-UslRacVQy2yVV6ZAaJ-oRzZVo9UD-H3ICttk-z5cn6ktIWZTK1dK9yHLIupFZy7KmY1CsusVTkdAlSilEFGs1FLpm5sa9Mdg4pCZmsARiF4f2AsJNuFHTvT6GSsQDlvXxQPjRPW4AYowA6y1cDn5kWb-ttrZgw98ffLMDNrR1tfevqniVMQrCQaUGaf8gcCEFPBFlRAm4lpNqRJuzwtkeksleRrMOfeN9K2j6j7KgqpXy69mHt7KDiIwy8xyqkilvldOW8Epr26CGW8YqnxcmWqcC55sgsPBGeuecBOJM7vb-cLn3UTJS857LOiGzNcpB2rFE_zkplWe4aZrw-aXieSPAbT_SQnHonz2WVtYhaYsCONC754A7euYi2rkysuNeTizYYTGGA0a8lMMSJFAYR3FQ4kzz1WF9a3O-QATFv7LUJpbb33XvyfOaFXUv1hTUfLvsoVPQBMAjtS5B5PW50TTd4D3vvaDiQo8Jr7jAn9A7u_qI5OYrd64XJMoGTokiSzHJiqWK-gWo4Y0SqL-yyVjU_u00ghiit_1lOrM7pc9eNw_LgKevomKy3OpU5u

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 74ms
73ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:49 GMT
server: nginx/1.13.0
access-control-allow-origin: *
content-length: 36
content-type: application/json

GET
H2 200 PageStatEntry Show response
sslpagestat.mmi.bemobile.ua/pagestat/ 36 B
130 B 72ms
72ms XHR
application/json 194.247.175.26
BEMOBILE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=FAD978382706443589EEED017734F313&time=1604375509268&location=https%3A%2F%2Fmail.i.ua%2F&referrer=&is_flash=0&session_id=691839938&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=5&param3=1200&param4=3837&param5=7&vt=d
Requested by: Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software: nginx/1.13.0 /
Resource Hash: 147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept: application/json
Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Tue, 03 Nov 2020 03:51:49 GMT
server: nginx/1.13.0
access-control-allow-origin: *
content-length: 36
content-type: application/json

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D225 0
0 56ms
56ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C6uq_0dOgX5J9jdfeA-O5r5AMpIzcvl_O4sG5uwzKoLCn9QoQASCZvb92YOnkyYXYGqABwYy7jAPIAQKpArf3Ucqo-JA-4AIAqAMBqgTUAU_QwEGeqOBXoDziAEqw5XupoeoC3akSyW6zuqtiwRlt9TNYKeNBj9GUx-rQSLsZ7ejdNmIvZhA0VSpPd8UqlBE60vDNrWXD4SzK2zXFI7c4-QyFHCy1dDqd2Sz5e3tEsNOAJfCA0RoNEZkNZIh_pzEz750IH3Y67D0i6bzHa445M_f42LBjO0nDAWonSdzgzEMF3aCHTC9SCK8vwJOKv0w0OqhdmQgSg0ntqK3zKPgxpmCIe3eEd2QHE3C0vU_pv6xyMOgeTLQ43C82V8uJbLkH_9dZwASprrjlkgPgBAGgBgKAB6fzxHOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnMkB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xOTgyNDQ4NDIyNDk4MjI5gAoDyAsBsgwUcHViLTMxMzI4OTM3MjU2MDM5MzXCDAIIAdgTAw&sigh=u55E5KVNC9A&vt=1
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: ams15s22-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 activeview
pagead2.googlesyndication.com/pcs/ Frame D225 42 B
111 B 21ms
21ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvs3tXFpJc-MnGVaUnGceqnkIz_WGGEN2CcHvFm-QLczuClZ5RQkzn8dnSU0vDFUT-lXnReCwVH6EsSzXqDgr2rr3FJaVIkjXguwUzLYDfZt4jUNKpnQ1Ez44NYlA&sai=AMfl-YSnX5R8RlZLzTFIUWd1rvoLsbfhxSkQi3lT2mev307zUZj3vjrJtgluC5vQ3qs54Cpud1XcQ_ybcZ2u-zWys2tIqGyOKGoBuLu4chblmlfXPfVXo7dGIGg2cOb3&sig=Cg0ArKJSzJ6VK7zdW0qiEAE&cid=CAASF-RoFPTONX2V1Yu3o1jSI1gDNbdN-o6q&id=ampim&o=0,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=5054&tls=6154&g=68.2604193687439&h=100&tt=6154&r=v&avms=ampa&adk=2301465409

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://mail.i.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Nov 2020 03:51:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

250 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gdyn Value: KlGSbMMGQMGGvEmmpWsZxq8WssGMXP8c25nSGJHeIrg5M5eSX9tXZeLaojQGmsRGxRQWQMhrGGnRysJ8EFQpmsMQGs..
.doubleclick.net/	1970-01-19 23:01:11	Name: IDE Value: AHWqTUkaUnEegzbgkzOYquIwhGb5Yw_CVduFvbc8U6t3Cq2Bl0glLS7J9eTD-WVr
.i.ua/	1970-01-19 23:01:11	Name: __gads Value: ID=964221d5ac994fff:T=1604375503:S=ALNI_Mbhl3cXeJugKdlfoZZ8Foo1GSneKg
.i.ua/	1970-01-20 13:39:35	Name: __gfp_64b Value: jgjVbzw9ULyDoIuh0JvehxxOpJWfchaXLy7eaQm1GGj.l7
.hit.gemius.pl/	1970-01-21 11:31:12	Name: Gtest Value: KlxSZMGGQMGGvEmmpWsZxq8WssGMXP8c25nSGJHeIrg5M5eSX9tXZesiMG..
.doubleclick.net/	1970-01-19 13:39:39	Name: DSID Value: NO_DATA
mail.i.ua/	1969-12-31 23:59:59	Name: b Value: b
.i.ua/	1970-01-19 13:53:59	Name: US Value: 0
mail.i.ua/	1969-12-31 23:59:59	Name: MarketGidStorage Value: %7B%220%22%3A%7B%7D%2C%22C971124%22%3A%7B%22page%22%3A1%2C%22time%22%3A1604375504580%7D%7D
.i.ua/	1970-01-19 13:53:59	Name: UH Value: c2636963c5382585

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Mraid Ready false
console-api	log	URL: https://i3.i.ua/js/i/autoload.y718797e6.js(Line 80) Message: == DOMLoaded ==
console-api	log	URL: https://i3.i.ua/js/i/autoload.y718797e6.js(Line 80) Message: Autoload._init: initialize
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Chrome
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=4b4c6d43-3812-4db3-af0c-895d7ff523c8&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=4&profile=ea4ca8e5-6ece-461c-8a10-d3c839ff9999&zone=10c147c0-92a2-4910-a618-1fbaf92467d1&device=24&rule=367981d1-53b6-4dd6-8a3e-50db6709e57c&requestId=fd747696-5933-4f56-b942-f4066c81e353&page=mail.i.ua%2F&sw=[e=screen.width]&sh=[e=screen.height]&adv=Mediawayss&dsp=UMH+Digital&ts=637399723039468430&ap=NDM%3D&asign=-284836171&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=2&crid=4b4c6d43-3812-4db3-af0c-895d7ff523c8&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0&sf=0
console-api	log	(Line 12) Message: [object HTMLDivElement]
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Event view https://inv-nets-eu.admixer.net/ev_view.aspx?item=66a850f8-eabc-4071-9a6a-e77e83e69e3c&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=4&profile=986afcc4-0306-4c04-873b-86e6a1e24eab&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=96c82bec-b531-4b18-9dca-c68c264fac72&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&sw=[e=screen.width]&sh=[e=screen.height]&size=728x90&adv=Mediawayss&dsp=UMH+Digital&ts=637399723039468430&ap=MC4zODU4Mjc%3D&asign=174039384&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=66a850f8-eabc-4071-9a6a-e77e83e69e3c&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0&sf=0
console-api	debug	URL: https://jsc.mgid.com/i/u/i.ua.971124.js(Line 1) Message: [object HTMLImageElement]
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Event confirmview https://inv-nets-eu.admixer.net/ev_view.aspx?item=66a850f8-eabc-4071-9a6a-e77e83e69e3c&cc=PL%2F14%2F756135&am-uid=5a148489a1fe405b9b03c571a4f033e6&cet=9&profile=986afcc4-0306-4c04-873b-86e6a1e24eab&zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901&device=24&rule=96c82bec-b531-4b18-9dca-c68c264fac72&requestId=33124ba7-6f03-4cd6-b0d0-3f7fbc75334a&page=mail.i.ua%2F&sw=[e=screen.width]&sh=[e=screen.height]&size=728x90&adv=Mediawayss&dsp=UMH+Digital&ts=637399723039468430&ap=MC4zODU4Mjc%3D&asign=174039384&sync=45&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Apple&mod=Apple+Chrome+-+OS+X&os=OS+X&osv=10_14_5&adtype=0&crid=66a850f8-eabc-4071-9a6a-e77e83e69e3c&pvid=03df5d7a-be5c-476e-baf3-b315bf9eaa3f&extpubid=10c147c0-92a2-4910-a618-1fbaf92467d1&inst=ADS-EU-4&pxl=0&sf=0
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=10c147c0-92a2-4910-a618-1fbaf92467d1
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://mail.i.ua/
console-api	log	URL: https://cdn.admixer.net/scripts3/c87bc9c95353d4c2ef60.b.js(Line 1) Message: Event confirmview https://inv-nets.admixer.net/logcz.aspx?zone=2724cbf4-a4a5-49cb-84fb-c8dd977b5901
console-api	info	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js(Line 416) Message: Powered by AMP ⚡ HTML – Version 2010270040000 https://mail.i.ua/
console-api	log	URL: https://i3.i.ua/js/i/autoload.y718797e6.js(Line 80) Message: == TIMEOUT ==
console-api	log	URL: https://i3.i.ua/js/i/autoload.y718797e6.js(Line 80) Message: == ONLOAD ==
console-api	warning	URL: https://cdn.ampproject.org/rtv/012010270040000/amp4ads-v0.js(Line 22) Message: [amp-analytics/transport] Response unparseable or failed to send image request https://securepubads.g.doubleclick.net/pagead/adview?ai=C6uq_0dOgX5J9jdfeA-O5r5AMpIzcvl_O4sG5uwzKoLCn9QoQASCZvb92YOnkyYXYGqABwYy7jAPIAQKpArf3Ucqo-JA-4AIAqAMBqgTUAU_QwEGeqOBXoDziAEqw5XupoeoC3akSyW6zuqtiwRlt9TNYKeNBj9GUx-rQSLsZ7ejdNmIvZhA0VSpPd8UqlBE60vDNrWXD4SzK2zXFI7c4-QyFHCy1dDqd2Sz5e3tEsNOAJfCA0RoNEZkNZIh_pzEz750IH3Y67D0i6bzHa445M_f42LBjO0nDAWonSdzgzEMF3aCHTC9SCK8vwJOKv0w0OqhdmQgSg0ntqK3zKPgxpmCIe3eEd2QHE3C0vU_pv6xyMOgeTLQ43C82V8uJbLkH_9dZwASprrjlkgPgBAGgBgKAB6fzxHOoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQnMkB0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0xOTgyNDQ4NDIyNDk4MjI5gAoDyAsBsgwUcHViLTMxMzI4OTM3MjU2MDM5MzXCDAIIAdgTAw&sigh=u55E5KVNC9A&vt=1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.mox.tv
ads.adsinspidsp.com
ads.betweendigital.com
ads.us.e-planning.net
adservice.google.com
adservice.google.de
ams.creativecdn.com
an.yandex.ru
bgstats.mox.tv
bidder.criteo.com
c.bigmir.net
cdn.admixer.net
cdn.ampproject.org
cdn.mgid.com
cm.g.doubleclick.net
cm.idealmedia.io
cm.lentainform.com
cm.mgid.com
cm.smadex.com
creativecdn.com
eus.rubiconproject.com
exchange.buzzoola.com
f48c5b957f90253d941c6be181c0224a.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gum.criteo.com
h.holder.com.ua
i.bigmir.net
i.holder.com.ua
i.i.ua
i.ua
i3.i.ua
inv-nets-eu.admixer.net
inv-nets.admixer.net
ismatlab.com
jsc.mgid.com
kpmediagaua.hit.gemius.pl
ls.hit.gemius.pl
mail.i.ua
match.adsrvr.org
match.new-programmatic.com
odr.mookie1.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
passport.i.ua
pixel.quantserve.com
prebid-eu.creativecdn.com
px.adhigh.net
r.i.ua
rtb.4finance.com
s-img.mgid.com
s.console.adtarget.com.tr
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
servicer.mgid.com
source.mmi.bemobile.ua
sslpagestat.mmi.bemobile.ua
static.criteo.net
stats.g.doubleclick.net
sync.1dmp.io
sync.1rx.io
sync.crwdcntrl.net
sync.dmp.otm-r.com
tpc.googlesyndication.com
unpkg.com
ws.rqtrk.eu
ww251.smartadserver.com
www.google.com
www.googletagservices.com
x.bidswitch.net
x01.aidata.io
104.111.230.142
104.16.199.73
104.19.132.78
13.226.132.94
146.0.227.110
148.251.156.238
149.202.208.196
149.202.221.211
167.71.9.19
178.250.2.131
184.30.212.16
185.180.223.67
185.184.8.30
185.86.137.43
188.42.191.196
193.232.148.149
193.239.68.97
193.239.71.100
194.247.175.19
194.247.175.26
194.247.175.38
195.201.152.104
213.19.147.150
216.58.205.226
216.58.212.162
217.65.2.150
23.105.245.4
2606:4700:3031::6818:61f6
2606:4700::6810:7daf
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:800::2001
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:814::2001
2a00:1450:4001:817::2004
2a00:1450:4001:818::2001
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2004
2a00:1450:400c:c07::9a
2a00:1450:400c:c07::9b
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::90
2a03:90c0:9994::9994
2a06:8640:448:0:ec4:7aff:fe7e:db36
34.98.67.61
35.156.19.236
35.206.141.96
5.178.65.246
51.75.146.159
54.171.173.220
88.99.213.228
89.108.120.68
91.198.36.14
91.198.36.16
91.198.36.26
91.198.36.35
91.198.36.78
99.80.249.40
99.80.32.159
008542382c97313ab94734bf4831d01efc4827bf4c101a1ed7b93a26c69a2925
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
04ea75754b567bbe9552b5b5c6ccb53119d9d72249e0e377dbb59270f0561b0d
0aafcf7215f16bffb8bd442910b5d318a004d91f2d7018163bed08e3446cab6d
0bb2ecec828231314c53eeddb929ac4a79bde0975a7405d6f0fdfce309b1e76c
0ce44a6f4d9bac520efda3a5652c976458723c624decbe8cbd41f44e5784a914
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0de7a49f6d21fbef846aba4bd271502d7ec9489bfbb3fd96f5ff7cf19140875e
0f801699c153bb3a5b5b1b91c5710dbf9e6ab2e197f52ae5d1669f03d2380a9e
11322d98807a606db0ee33e701418e86e952c81fbfcbf4a025e5244c4e734c36
1276704f590aac43d76f558ee1a190e33f616e1939757db3b72b87f3c15a3d54
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
16b32184cbd9833b9808463219857d6ef0f6abb8832c3e9d305a7a972ee1e52b
1d4af9cf7fd74a43e7640f0d828823068c6d6dfe7688ca8a122cc1cf6fd6ca03
281122b76e469ae9897d6cb6b6639df72368d7af3887f8b9ab5140c5b6ea3f26
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2bcb06d6faa4ca062642d7b2e98970ef0343614d2ec8364f52d2a78d42b3732b
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f61e74f8dfd64debe6c2f8272986e4bc0c1d83f115d2a44c3f601d0e2f39ca8
31a2141f6b680b8ec183d8de67eaae2ac43bee3ccee46235e0c988761615210c
383b92b176b7b931854795b97795e38ce8698c2fd98d34e8fbb2d04439bff780
3d2e1a19034f8a95de639b4b9dad889817c402b9dfb478f3454cafe2f07dac0a
3d888993db1a22a73b8d834d45dcbf14c0ecca608fde8da2d23d9690910e7c60
43c96b1aa570116cc3edb321cf072d293a382f28ffe1c064ab9983e058b60583
43ce5e5fc944426f117531e92e0f3b86daa5fd4d4a9230a8019fdb5c1e2d1dd1
44c7a313987266137f475859395cfa30414abf12182bf74b06b33d804b0c29f9
4abb2d1b2f2e15f3d50b4f790a143f881df97f56bfa220103edaf4c6b8dc7fce
4c9f94cbc52555c85e6567b8f2878996d03bd5cb272f92cde9429b3b20a13df3
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
552daf5addd8238a948f53993357830b2f7e18ffca4457f8fecd9e12b8fd8171
574f71dce5992a11aec94396f9f88c3e77f63d00ec31c1c4ca7daec16e745268
586f76dc6bb5b23638b5952b115013e6cde86c5d0b18d071fc7a5b2a21787ff7
5b1ac3e3dac03cc7b55db95d3e2f6db06359e9f83c31edfe7e8948fe1b005ece
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5f12f966462e605148f567d9d75e2f4e523b5637bbdd5d6ee7da4233f5526f0e
5f3b80b9c9d0a734101de679b20cca1d75012e826c35b1e06e6950d10dd3696c
5fe82819f06be3d61a0e289e4341d05b705fb1a2826f980a4fa686ce80bd5ee3
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6202768ba7dab7a3f085b9db064bcd664c630caeaf8428d95daf8d48a7f9297e
66bfa6dd42535b06a283b3844a0bddcfd7f1aca1368baae035a7cda89a6b97fd
6a084f9fa314be804daeb5314c0dcf00022a8d8a1319a990b9546860e2ca8753
6dced161bfabefbe357aa2f4d472c955b4d7bc3782889ee0efdfafe57362b023
6ff27d656411d10ed46df878159d86e37bda5f9d7b9698c5ec1349799e4adf89
71bc00cfba8940ed910c6632b0b6f75ae1461db25525aff7971c1e2556415fab
77651d06d987b95f32821dd3800c754db04b4ab74f6e7cebec2e7f59cda47b1f
7ebcdfca177dc75e9d1c1cf6e8ffc10d5b904637686911d154d8e0688e6a8c7f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8629be6cc3e10ce33c4fabb9c9dfb1343affc91b21d13f26fe2c48663f631f8d
8637b0501ace1a66eb37373c3440baf7ac214692ac755d90d901d1c1587f3f6c
8843c84f2798c5749f882b13abf226a6c508809e4c079c2aed418232c9c3c7e3
8aed62a6a72e10a034ddb8b09be775c7e1bf830b7ea188e576a1e327d0f03767
8cd39d5199f3887c60ebb78e0e4c455f32ca7d13de204e5381c125b72c097274
8dda0c872a62f386b4746491ee4f441dbc208f0bb0bb339e04b60872d6055025
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90f45bc851eb8c65591227caf2e17a7c2ab38c70e9434481ee617c7022d2a6ce
92d292af41bdad8a7e5cdea19da14fd3f496bc02965aacd93a013c3b6464edee
937511b9ff4b72a44415cbf3bbcf0fa2723781a9174d031f9cdc2d44b117c1d5
9637fd046315e12ae5a572597267af04f583f7ba33a0c4ddbffb8456c3a44360
977a9367d1fe9af25cb310a4947174f0aae9de9c45683943669f416ef077b7e5
97ce8ab21f20c49ac4f5f581cbf8dde59b5c314ed7c97c6fbb1a1e21e6b63541
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9d1b34b11ccdac9862d314258cbdbbbcbe8354eac135e7e45a74926095d3b2cc
9ebc35ba9f607eefdc973225a8c6831d1472714df5da1b43d5e72611bac8c2ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20070fc475f7befb15e531f7212f19fa7502ee9a53fcabf36d42a09ac9260b2
a35ce74f2794876945ceee84fb3ec25273d51919405c018475981d446d8b529f
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aae80a8125affd8e33409d76e77ae2918d62c2028ee68e0d9fd6093d41ca0aad
ace9d28180ae3b890ae427d99a7020a6a3230c6df6b4e8c6e422b575298c2640
ae31dd5732a2f7e44b749c738632e61ec6cccb4bf62c871842f100196d18646a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1d0602272ae1a1a50d071170b1d810f3a09925fe2e530a739663a7f12e3f98d
b53e860d5c71786683ef080150431ccdef7f285ecc24fea1abf56f8bb41109a5
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b97d2e6a66a5dda69f9b8df0f7c35755fe4638967edab7e9aefddaa596f6e905
bdeaf1abf47e61f59c72cffee9d2fd04adf9cb0b6c4638c491bf92bf05ef31ce
c0356898e638418615fd774549be037b3e5393af49f8973bcc0c6f648f76e0e1
c119ab2772620b2fbba9e27b15051e1424daf64c4c51b47d8ff499f9db182da1
cbfd78acde187c4bdcd31b5ae55eb113297f9ef37300af20c57148c9f56adf24
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cdb449e2dc338e6792b9a38552860f6f3ed2a97e3511ca7db655e45b5e6d9a27
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d41478a8574c785058d0145576d696cd83de38a293b6f20d553bc5f69c78501e
d45c81284c2e259e75fee13ce5f55222aab6e2d953bbc241f234ec4fd1ed25cb
d6d3e6e838ae7bddb2ee416933dc81827deffea143355d4509a9d0edffdad356
d7d7eee7eab46d218652eb981e64483ebe6157186cf779e11f0a99fec70ef0e2
e0754399a6b65b8ec41171e4462edad8a3105cb0e624aceb45d64b05d718b8e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4691d8dda613214cb90dc9097823b94e7eb9c48303932a999192740d1fcdfcd
ec1fa4e33e9ee5f146fdb3ac9174ca059a3dbf1d01714a700576028da0381aee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f566d8761b3cdb46344a002ab97bd65b99262bcade6eaac28d42795871b9f97d
f9e403b779620794dfdd500dfd47768c51f65f941024cea0aeb2d4f613b31975
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

mail.i.ua Open in urlscan Pro 91.198.36.14 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

155 Requests

100 %HTTPS

32 %IPv6

47 Domains

73 Subdomains

47 IPs

11 Countries

1397 kBTransfer

3580 kBSize

10 Cookies

57 Outgoing links

Page URL History

Redirected requests

155 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

mail.i.ua Open in urlscan Pro
91.198.36.14 Public Scan

Screenshot
Live screenshot

Full Image

155
Requests

100 %
HTTPS

32 %
IPv6

47
Domains

73
Subdomains

47
IPs

11
Countries

1397 kB
Transfer

3580 kB
Size

10
Cookies

155 HTTP transactions
4 data transactions