urlscan.io logo urlscan.io
SecurityTrails logo

report.if.ua Open in urlscan Pro
212.24.97.24  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://report.if.ua/
Effective URL: https://report.if.ua/
Submission: On June 28 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 11 countries across 28 domains to perform 124 HTTP transactions. The main IP is 212.24.97.24, located in Lithuania and belongs to INTERNETO-VIZIJA, LT. The main domain is report.if.ua.
TLS certificate: Issued by R3 on June 4th 2022. Valid for: 3 months.
This is the only time report.if.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 28 212.24.97.24 212531 (INTERNETO...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:206... 16509 (AMAZON-02)
5 116.202.115.24 24940 (HETZNER-AS)
2 2600:9000:206... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:401... 15169 (GOOGLE)
1 193.239.68.97 39468 (BIGMIR-IN...)
6 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 193.239.71.100 39468 (BIGMIR-IN...)
2 2a00:1450:400... 15169 (GOOGLE)
4 37.157.2.239 198622 (ADFORM)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
8 34.98.64.218 15169 (GOOGLE)
2 147.75.85.234 54825 (PACKET)
4 212.77.99.29 12827 (WIRTUALNA...)
2 185.184.8.90 204995 (RTB-HOUSE...)
6 37.252.172.45 29990 (ASN-APPNEX)
5 2606:4700:10:... 13335 (CLOUDFLAR...)
2 178.250.2.131 44788 (ASN-CRITE...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::3 44788 (ASN-CRITE...)
2 4 2a02:2638::1c 44788 (ASN-CRITE...)
3 178.250.0.157 44788 (ASN-CRITE...)
2 151.101.193.108 54113 (FASTLY)
2 2 185.29.132.245 30419 (MEDIAMATH...)
4 35.244.159.8 15169 (GOOGLE)
2 2 2620:116:800d... 16509 (AMAZON-02)
4 4 37.157.4.25 198622 (ADFORM)
2 3.33.220.150 16509 (AMAZON-02)
2 4 142.250.184.194 15169 (GOOGLE)
2 212.77.98.32 12827 (WIRTUALNA...)
124 37
28    212.24.97.24 (Lithuania)

ASN212531 (INTERNETO-VIZIJA, LT)
PTR: 20371.s.serverhost.name
report.if.ua
7    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:206f:5200:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
5    116.202.115.24 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.115.202.116.clients.your-server.de
ep.umobile.pl
2    2600:9000:206f:c000:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:401b:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
6    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.co.uk
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua
i.bigmir.net
2    2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    37.157.2.239 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
8    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
optad360-d.openx.net
eu-u.openx.net
us-u.openx.net
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    212.77.99.29 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: ssp.wp.pl
ssp.wp.pl
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
6    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    2606:4700:10::6816:37ce (United States)

ASN13335 (CLOUDFLARENET, US)
i.connectad.io
cdn.connectad.io
sync-eu.connectad.io
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
3    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
2    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
eu-u.openx.net
2    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
4    37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
4    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
2    212.77.98.32 (Poland)

ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL)
PTR: wifi32.ras.wp.pl
std.wpcdn.pl
Apex Domain
Subdomains		 Transfer
28 report.if.ua
report.if.ua
1 MB
12 openx.net
optad360-d.openx.net — Cisco Umbrella Rank: 86798
eu-u.openx.net — Cisco Umbrella Rank: 1861
us-u.openx.net — Cisco Umbrella Rank: 387
3 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 120
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
266 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 744
gum.criteo.com — Cisco Umbrella Rank: 391
mug.criteo.com — Cisco Umbrella Rank: 2727
9 KB
8 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
acdn.adnxs.com — Cisco Umbrella Rank: 591
44 KB
8 adform.net
adx.adform.net — Cisco Umbrella Rank: 3956
c1.adform.net — Cisco Umbrella Rank: 583
3 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 54
stats.g.doubleclick.net — Cisco Umbrella Rank: 119
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
7 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
20 KB
5 connectad.io
i.connectad.io — Cisco Umbrella Rank: 6911
cdn.connectad.io — Cisco Umbrella Rank: 4190
sync-eu.connectad.io — Cisco Umbrella Rank: 3137
2 KB
5 umobile.pl
ep.umobile.pl
5 KB
4 wp.pl
ssp.wp.pl — Cisco Umbrella Rank: 27846
1006 B
4 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 124363
i.bigmir.net — Cisco Umbrella Rank: 260578
1 KB
4 gstatic.com
fonts.gstatic.com
114 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 44745
get.optad360.io — Cisco Umbrella Rank: 26439
550 KB
2 wpcdn.pl
std.wpcdn.pl — Cisco Umbrella Rank: 32941
32 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 367
529 B
2 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 443
983 B
2 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 606
56 KB
2 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6442
348 B
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1220
428 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2518
24 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 92
www.google.com — Cisco Umbrella Rank: 8
2 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 429
2 KB
1 google.co.uk
adservice.google.co.uk — Cisco Umbrella Rank: 4608
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 867
645 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 89
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
124 28
Domain Requested by
28 report.if.ua 1 redirects report.if.ua
7 pagead2.googlesyndication.com report.if.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 eu-u.openx.net get.optad360.io
eu-u.openx.net
6 ib.adnxs.com get.optad360.io
acdn.adnxs.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
report.if.ua
5 ep.umobile.pl report.if.ua
ep.umobile.pl
4 cm.g.doubleclick.net 2 redirects eu-u.openx.net
4 c1.adform.net 4 redirects
4 us-u.openx.net eu-u.openx.net
4 gum.criteo.com 2 redirects static.criteo.net
4 ssp.wp.pl get.optad360.io
4 adx.adform.net get.optad360.io
4 fonts.gstatic.com fonts.googleapis.com
3 mug.criteo.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
3 i.bigmir.net report.if.ua
2 std.wpcdn.pl ssp.wp.pl
2 match.adsrvr.org eu-u.openx.net
2 pixel.quantserve.com 2 redirects
2 sync.mathtag.com 2 redirects
2 acdn.adnxs.com get.optad360.io
2 cdn.connectad.io get.optad360.io
2 static.criteo.net get.optad360.io
static.criteo.net
2 bidder.criteo.com get.optad360.io
2 i.connectad.io get.optad360.io
2 prebid-eu.creativecdn.com get.optad360.io
2 prebid.a-mo.net get.optad360.io
2 optad360-d.openx.net get.optad360.io
2 script.4dex.io get.optad360.io
script.4dex.io
2 stats.g.doubleclick.net www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 get.optad360.io report.if.ua
get.optad360.io
1 sync-eu.connectad.io cdn.connectad.io
1 www.google.com tpc.googlesyndication.com
1 cdn.jsdelivr.net get.optad360.io
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.co.uk pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.bigmir.net report.if.ua
1 www.googletagmanager.com report.if.ua
1 cmp.optad360.io report.if.ua
1 fonts.googleapis.com report.if.ua
124 42
Subject Issuer Validity Valid
report.if.ua
R3		 2022-06-04 -
2022-09-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
ep.umobile.pl
R3		 2022-06-18 -
2022-09-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
c.bigmir.net
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
img.com.ua
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.a-mo.net
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
*.wp.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-10 -
2023-03-15		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
connectad.io
Cloudflare Inc ECC CA-3		 2022-04-15 -
2023-04-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.wpcdn.pl
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-13 -
2023-05-15		 a year crt.sh

This page contains 18 frames:

Primary Page: https://report.if.ua/
Frame ID: ED3BD4547AECC581691192E23E534ECB
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Frame ID: A071054BB47058A725AAE449F89A65A6
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22n2selbb8e0p3jk7b16en6h4ihb51656416457178%22,%22ac%22:1656416457356}
Frame ID: E1EDCC1052F5AA08C33D04DD2AED7EEC
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22a2k6ji02ojdlt513li0aotcnl1r1656416457179%22,%22ac%22:1656416457455}
Frame ID: A258826861311E812A877ACB4463E249
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1656416457&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656416457319&bpp=42&bdt=277&idt=325&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7023710603112&frm=20&pv=2&ga_vid=2043204372.1656416458&ga_sid=1656416458&ga_hid=1903988097&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068195%2C42531605&oid=2&pvsid=200302209512332&tmod=1866743392&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=364
Frame ID: 829373C7D7925E51F74E47AF6A7F7706
Requests: 1 HTTP requests in this frame

Frame: https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Frame ID: 0A9AD9DDF75F130EC37A7098946239E4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6D1AEB1BC89B47121D071D889FEC9CA4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 83B4B18469E10BA2131F8AA383C3B72E
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Frame ID: 491D55D09000376EACEB98822EFC0E0D
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: F76F79BBFB949C1D72B750C9FDEA3876
Requests: 7 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 9DA95CA182C7FDFB0C84FA6FF836BF72
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E7D737D5B88ED69050ECCF63C647E7A3
Requests: 3 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: 9BC9311C3C2789A807F44C0D1C3FC219
Requests: 2 HTTP requests in this frame

Frame: https://ssp.wp.pl/bidder/usersync?tcf=2
Frame ID: AFD91211D06089B307E7A3AE1A795973
Requests: 2 HTTP requests in this frame

Frame: https://cdn.connectad.io/connectmyusers.php
Frame ID: 10B187F2A03E3A3AE6DF18A7CEE275E6
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7A5769B4E5A3AFD65E993F9B364A8CF0
Requests: 3 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Frame ID: 804E6B7CA52B56633C7AC3D1D792DBFD
Requests: 7 HTTP requests in this frame

Frame: https://sync-eu.connectad.io/syncer/1
Frame ID: DAB1D19EFB1AB23B37A1A681F74B2CA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Репортер - новини Івано-Франківська та Прикарпаття

Page URL History Show full URLs

  1. http://report.if.ua/ HTTP 301
    https://report.if.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

124
Requests

92 %
HTTPS

49 %
IPv6

28
Domains

42
Subdomains

37
IPs

11
Countries

2613 kB
Transfer

4717 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://report.if.ua/ HTTP 301
    https://report.if.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 92
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=dZaj4HxOK3FvT3hwd2E2eUp3ZHVCK2dSNkQ1U1gyUkkraWQ0R2tTdU5ZOFZqU0VoS2pYT1BKS0lnc3hKTzkva2JiL2J4MXp4Yy9lNkNxWFZueFRxUUwzWWplZHFRUWRpb1ZjeS8rMTlsTGtiWkMvbVQxM3FSSWw2VFBIdzRiaVAzb0Y3T0wxeUhIT2ZoVHIvRFZPODM0ZXZIckdzNUVjdk5Vc0VKUzdRQVNxU3k5Qyt1NWF0eUlLYm1OZEwzcHUyRUhsSkRIbU9vWCsvOWVjcnowSzNsMUZ3a3FsQmFBMDBDK3RiN0VYclNPZDFmTk92QWFVbGZNTFJUMDRGa2c5QjR2TGNuNHRDODlZOTM1VnlWcWo1dTYrZy8xUT09fA&cppv=2
Request Chain 94
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=IWneMnxpdUFNL2dtaGhKcnB0RnJmTTRScloyVVhzZDVGbWFyRXhOMmhLaitzUHUwQmxrU0NWSmFBb2pRMGF2L1dXU0FFRUhUV2V2Y0pIRElvdFNNTkZJS2xjSmM2aTlQckxjNVdBejl5TWY1Z1k5WUtUNXdLNWpXYnFsRjIxUjVKZ0hUaVdZZjZRdDBtMGFkbkdFSkliMWUrOTNxUmFMeVBFSEF1SEZteHV5Qld2dnMrL1p4WENwaUFQU0tkcTNKYTBGdWYvanNOajhZaFpPWEtSOThUSS9DYWpxelo5SWtoT0p3b1QxZmoxTmwxWmp4eUkzWEtIcUlwRjV6RXVuV1RjQlgyaVpqLzlLd0hsWW5nclRIdU9LTjhBUT09fA&cppv=2
Request Chain 104
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=53dc62ba-e8cd-4b00-ae88-db32433c792c
Request Chain 105
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=F-5og0TkaYYMvWvQFOwngBDtONIMuDjVEbqjgyuA
Request Chain 106
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3540432295684120013
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOx9cvvMji9hAgwUXFPVCA&google_cver=1
Request Chain 110
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=725d62ba-e8cd-4700-b4fe-ae9173a167d7
Request Chain 111
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=RuH8IRXr_SRdsv9zROOzd0Pmp3ddsawmFLDe11Cz
Request Chain 112
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4357260699991836299
Request Chain 115
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUf_Ql8c-AglGr0WklkSFM&google_cver=1

124 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
report.if.ua/
Redirect Chain
  • http://report.if.ua/
  • https://report.if.ua/
182 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
2e255dae325d9c269befa6b68161a1b40503e48cf3dd3060f18c14f9c6bd9f0e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 11:40:56 GMT
server
nginx
x-cache-handler
cache-enabler-engine

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Tue, 28 Jun 2022 11:40:56 GMT
Location
https://report.if.ua/
Server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27b58cb679ac47e68e39f71af81ab84fbb754aad7e2dc35ce0f7c1a10afda08f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56365
x-xss-protection
0
server
cafe
etag
6023195627716267601
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Jun 2022 11:40:57 GMT
autoptimize_cc76c13dcac57a2b855958efed209d77.css
report.if.ua/wp-content/cache/autoptimize/css/ 		689 KB
88 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 19:06:11 GMT
server
nginx
etag
W/"62323523-ac5da"
content-type
text/css
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1db3d8a4e35eb332c679bea44de7ac2e1e27cb5cfb8ffc1909a8cc420f00b5b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 11:40:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 28 Jun 2022 11:40:57 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Jun 2022 11:40:57 GMT
jquery.min.js
report.if.ua/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
last-modified
Sun, 20 Jun 2021 14:33:11 GMT
server
nginx
etag
W/"60cf51a7-15d98"
content-type
application/javascript
4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
cmp.optad360.io/items/ 		497 B
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/4d4a3073-7c40-48e1-bbb9-4487f0b77435.min.js
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:5200:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 01:11:59 GMT
via
1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
37739
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
497
x-amz-cf-id
gXhaePZ0lnCF3i6QTVJ9bli-7H-EaOkQqjcxsVhfawp-B-I6iFQ0YQ==
js_banner
ep.umobile.pl/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
064604e71bffa5ab18548ebb0f31771f4751bad5c46baa9056d4cc0d2e6c552c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:40:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1385
Expires
Thu, 19 Nov 1981 08:52:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1934008481619997
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95175e6b60d8c091d4b1360b8d02e51f4046b4ff78fd7127e0a1b4b5976b4cbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56367
x-xss-protection
0
server
cafe
etag
3955112090626660732
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Jun 2022 11:40:57 GMT
plugin.min.js
get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/ 		371 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:32:16 GMT
content-encoding
gzip
last-modified
Tue, 16 Nov 2021 08:58:05 GMT
server
AmazonS3
age
522
etag
W/"a1f68c1c7c64925394855df7d8e42aaa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
GtVX0yi3oEv9X1CLaYv0pqtb7fcXF7gdbYnHtgPtk-AzhcpxeTRuBg==
js_banner
ep.umobile.pl/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
3bb812978314795429571fecdf3e5018323ba7c0723318ffd2b1533ce5535579

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:40:57 GMT
Content-Encoding
gzip
Server
nginx/1.18.0
Vary
Accept-Encoding
Access-Control-Allow-Methods
*
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
1384
Expires
Thu, 19 Nov 1981 08:52:00 GMT
autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
report.if.ua/wp-content/cache/autoptimize/js/ 		155 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
30fc397eff83c164fd33a177ddd2d3de2e1814c402b4ec3647f7313685bc64b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
last-modified
Thu, 09 Jun 2022 13:20:25 GMT
server
nginx
etag
W/"62a1f399-26d8f"
content-type
application/javascript
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/ 		339 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f8dab8871a6005ab8d97c0c6b1fa0be2cb359ca3ca7864f92e8e89d78ce6883
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122441
x-xss-protection
0
server
cafe
etag
11159068828932734119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 28 Jun 2022 11:40:57 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/ Frame A071 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220623/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4857462492105343
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
46612
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4414
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Jun 2022 22:44:05 GMT
etag
10429905676100781186
expires
Mon, 11 Jul 2022 22:44:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		123 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c38ce2e75f4ed26bbbe1c4f6485a05c0ca4a97aee02ebf4365a446183525e2c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44369
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Jun 2022 11:40:57 GMT
js_banner
ep.umobile.pl/ Frame E1ED 		381 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22n2selbb8e0p3jk7b16en6h4ihb51656416457178%22,%22ac%22:1656416457356}
Requested by
Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210820,%22act%22:%22load%22}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
c138384c780b3723f40bdf020a828e3b414aaa14d0ab55c00e7f518e838b253f

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html;charset=UTF-8
Date
Tue, 28 Jun 2022 11:40:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
Vary
Accept-Encoding
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v29/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 14:39:11 GMT
x-content-type-options
nosniff
age
75706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 14:39:11 GMT
fontawesome-webfont.woff2
report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://report.if.ua/wp-content/themes/reporternew/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer
https://report.if.ua/wp-content/cache/autoptimize/css/autoptimize_cc76c13dcac57a2b855958efed209d77.css
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Sun, 12 Nov 2017 09:46:16 GMT
server
nginx
accept-ranges
bytes
etag
"5a081868-118d8"
content-length
71896
content-type
application/octet-stream
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 27 Jun 2022 16:06:16 GMT
x-content-type-options
nosniff
age
70481
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44800
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 27 Jun 2023 16:06:16 GMT
player.png
report.if.ua/wp-content/uploads/2017/12/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2017/12/player.png
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Tue, 12 Dec 2017 14:50:58 GMT
server
nginx
accept-ranges
bytes
etag
"5a2fecd2-10da"
content-length
4314
content-type
image/png
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 09:27:41 GMT
x-content-type-options
nosniff
age
7996
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Jun 2023 09:27:41 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A400%2C400i%2C700%2C900%7COpen+Sans%3A400%2C600%2C700%2C800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:401b:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://report.if.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 17:10:38 GMT
x-content-type-options
nosniff
age
585019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 17:10:38 GMT
js_banner
ep.umobile.pl/ Frame A258 		381 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22get%22,%22server%22:%22https://ep.umobile.pl/%22,%22iframeId%22:%22a2k6ji02ojdlt513li0aotcnl1r1656416457179%22,%22ac%22:1656416457455}
Requested by
Host: ep.umobile.pl
URL: https://ep.umobile.pl/js_banner?data={%22id_area%22:210823,%22act%22:%22load%22}
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
39515949a009264d8438b4dc1af695b838973afc66408b3b9d0c90c5b68850b6

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
289
Content-Type
text/html;charset=UTF-8
Date
Tue, 28 Jun 2022 11:40:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
Vary
Accept-Encoding
/
c.bigmir.net/ 		133 B
424 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n339184&w0&y0&d24&r1600
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
5986d107045f5a26232acfd742721f7c76e519f4bb3d63f564363b139971c86d

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:40:57 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W8FPFJ7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
2724
date
Tue, 28 Jun 2022 10:55:33 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 28 Jun 2022 12:55:33 GMT
cookie.js
partner.googleadservices.com/gampad/ 		216 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=report.if.ua&callback=_gfp_s_&client=ca-pub-4857462492105343
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
aaabb5cd0814895afd2c1fba22945ec385581f25c811b4fcb7073b9d3a23064a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=report.if.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=report.if.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 11:40:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8293 		603 B
67 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1656416457&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656416457319&bpp=42&bdt=277&idt=325&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7023710603112&frm=20&pv=2&ga_vid=2043204372.1656416458&ga_sid=1656416458&ga_hid=1903988097&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068195%2C42531605&oid=2&pvsid=200302209512332&tmod=1866743392&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=364
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 11:40:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
b59_top.gif
i.bigmir.net/cnt/samples/diagonal/ 		65 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/diagonal/b59_top.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Tue, 23 Jan 2007 13:14:28 GMT
server
nginx
etag
"45b60a34-41"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
65
expires
Fri, 01 Jul 2022 11:40:58 GMT
b59_center.gif
i.bigmir.net/cnt/samples/diagonal/ 		78 B
249 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/diagonal/b59_center.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Tue, 23 Jan 2007 13:14:28 GMT
server
nginx
etag
"45b60a34-4e"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
78
expires
Fri, 01 Jul 2022 11:40:58 GMT
b59_bottom.gif
i.bigmir.net/cnt/samples/diagonal/ 		66 B
237 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.bigmir.net/cnt/samples/diagonal/b59_bottom.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
rs.img.com.ua
Software
nginx /
Resource Hash
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Tue, 23 Jan 2007 13:14:28 GMT
server
nginx
etag
"45b60a34-42"
content-type
image/gif
cache-control
max-age=259200
accept-ranges
bytes
content-length
66
expires
Fri, 01 Jul 2022 11:40:58 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
461 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/f3e5ff0e-747d-11e8-90f0-06048607e8f8/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:c000:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:49 GMT
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
7902309
etag
"6dd0a13bde35d2daa452bba998871016"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
471445
x-amz-cf-id
EamaPPND41ZBLTtwq7TNVsp7CbcjRQ2x8Ux4OKcc3KJE1ReOR7oQ2A==
video_player
ep.umobile.pl/ Frame 0A9A 		0
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ep.umobile.pl/video_player?data[act]=getextplayer&data[id]=300
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
116.202.115.24 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.24.115.202.116.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
application/javascript
Date
Tue, 28 Jun 2022 11:40:57 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.18.0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1903988097&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=2081132849&gjid=1699260596&cid=2043204372.1656416458&tid=UA-7446216-8&_gid=1295598230.1656416458&_r=1&gtm=2wg6m0W8FPFJ7&z=516062350
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1903988097&t=pageview&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAAC~&jid=1557526211&gjid=255940832&cid=2043204372.1656416458&tid=UA-7446216-8&_gid=1295598230.1656416458&_r=1&_slc=1&z=1070710245
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1903988097&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sidebar%20banners&ea=Sidebar%202%20banner%20view&_u=YAjAAEABAAAAAC~&jid=&gjid=&cid=2043204372.1656416458&tid=UA-7446216-8&_gid=1295598230.1656416458&gtm=2wg6m0W8FPFJ7&z=1535849778
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 14:31:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76169
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
logo_r_eu-1.svg
report.if.ua/wp-content/uploads/2017/12/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2017/12/logo_r_eu-1.svg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Sat, 09 Dec 2017 15:35:26 GMT
server
nginx
accept-ranges
bytes
etag
"5a2c02be-2369"
content-length
9065
content-type
image/svg+xml
vijna-8-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/vijna-8-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
1fc65583a139502d8603398f94b66aa9af126cae8bc6d72346a496bfc0c3efc9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Tue, 28 Jun 2022 04:58:09 GMT
server
nginx
accept-ranges
bytes
etag
"62ba8a61-a787"
content-length
42887
content-type
image/jpeg
avtoservis-4-110x73.jpg
report.if.ua/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/avtoservis-4-110x73.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
e6088f859710b679bdf8f4694d65d66b92be7b6edc2ce21f27f34426b14cf213

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Mon, 27 Jun 2022 14:08:40 GMT
server
nginx
accept-ranges
bytes
etag
"62b9b9e8-12fa"
content-length
4858
content-type
image/jpeg
vijna-6-110x73.jpg
report.if.ua/wp-content/uploads/2022/06/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/vijna-6-110x73.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
a0018ab327befdb75104b7ff8f033ed3d84eb30934548cd9cb0f3c4822995479

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Wed, 15 Jun 2022 05:02:56 GMT
server
nginx
accept-ranges
bytes
etag
"62a96800-1123"
content-length
4387
content-type
image/jpeg
zsu-1-110x73.jpg
report.if.ua/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/zsu-1-110x73.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
a61ff7be93bae5ee9148e9b9005736c1fab9ed97aca28c7432de49e545644b64

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Mon, 27 Jun 2022 05:06:32 GMT
server
nginx
accept-ranges
bytes
etag
"62b93ad8-14da"
content-length
5338
content-type
image/jpeg
znimok-ekrana-2022-06-26-o-17.36.00-110x73.png
report.if.ua/wp-content/uploads/2022/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/znimok-ekrana-2022-06-26-o-17.36.00-110x73.png
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
fde8505bc5354e71ef5093ba67b6d0957362d3935e7861f86929b7c61f2a29a6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Sun, 26 Jun 2022 14:36:19 GMT
server
nginx
accept-ranges
bytes
etag
"62b86ee3-4b92"
content-length
19346
content-type
image/png
300h250-traven.jpg
report.if.ua/wp-content/uploads/2022/06/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/300h250-traven.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
a9ddf516da77057e7d8efbb2320b9ba9390acf206f7806d21ab389c9d23350c8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Mon, 20 Jun 2022 07:55:46 GMT
server
nginx
accept-ranges
bytes
etag
"62b02802-1450e"
content-length
83214
content-type
image/jpeg
bila-hata.jpg
report.if.ua/wp-content/uploads/2018/11/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2018/11/bila-hata.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
704d1d0fc963c213f27b42d57bb7257c003c8eb372305fbca4e2b436323d4d7e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Sat, 24 Nov 2018 13:14:19 GMT
server
nginx
accept-ranges
bytes
etag
"5bf94eab-aefc"
content-length
44796
content-type
image/jpeg
290734039_404856985016854_5341350392374500123_n-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/290734039_404856985016854_5341350392374500123_n-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
442cced2321c6ef43afadfdfce3ad62e1fc6cfef52a8f831212cf5fb67aa2ce9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Mon, 27 Jun 2022 10:52:32 GMT
server
nginx
accept-ranges
bytes
etag
"62b98bf0-7b9b"
content-length
31643
content-type
image/jpeg
jakisni-velosypedy.gif
report.if.ua/wp-content/uploads/2022/06/ 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/jakisni-velosypedy.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
2e956dc1ba3121986410046936c4c61aa00b47adca90e2c7a12d33e3ac41fe04

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
last-modified
Thu, 09 Jun 2022 13:17:42 GMT
server
nginx
accept-ranges
bytes
etag
"62a1f2f6-386c1"
content-length
231105
content-type
image/gif
spilka-zabudivnykiv_580x96.gif
report.if.ua/wp-content/uploads/2021/11/ 		275 KB
275 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2021/11/spilka-zabudivnykiv_580x96.gif
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Mon, 08 Nov 2021 16:45:18 GMT
server
nginx
accept-ranges
bytes
etag
"6189541e-44b9e"
content-length
281502
content-type
image/gif
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=2043204372.1656416458&jid=1557526211&gjid=255940832&_gid=1295598230.1656416458&_u=YAjAAEABAAAAAC~&z=405064599
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 28 Jun 2022 11:40:58 GMT
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7446216-8&cid=2043204372.1656416458&jid=2081132849&gjid=1699260596&_gid=1295598230.1656416458&_u=YAhAAEAAAAAAAC~&z=18957361
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 28 Jun 2022 11:40:58 GMT
content-type
text/plain
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://report.if.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://report.if.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 28 Jun 2022 11:40:58 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220628
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
830fc1a1a04c9c07c4a5a574220105ba177da937c895bfab19fbdc47783fea9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
31194
x-jsd-version
1.0.1385
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19125-FRA, cache-iad-kiad7000134-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"668-jAPxNAaVllog8tMf4+2E5IVnZoM"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4mBD7ZDTeq98jINnbrAy79E%2FBgNurrby2vdM8wlTiO9ryEvqX6XhUCWImotDzDZDXcsYJ9NXNw%2FFpPjr6Yno6bG3Q%2BffbdaEv2uDHkFLcv3M%2BFUAAJpbA34chpG0UQtUPm93zp9zp1wnACuHWI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
722626902f620204-ZRH
access-control-expose-headers
*
localstore.js
script.4dex.io/ 		483 B
944 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1809666
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KUvVNyw1nW2Do8LyTyuyT13s2j2u%2BVXakgSN4XXoRkvrsg%2FZAJhr%2B%2FfDpaaR4dUA5qOXeCK%2Fo6DfhUBsmH02HMGNP4qB0s87%2Bw1C3sCD3ZL8AVHhrRepLLkowX5FDIC84e2RPnvKYGhz0pNS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1652176652152482
cf-ray
722626907f6c3753-MXP
arj
optad360-d.openx.net/w/1.0/ 		172 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=62aeb298-9ae9-40fc-b49e-1ce24b4d99ed&nocache=1656416458153&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=728x90%2C750x100%2C970x90&divids=oa-360-1656416457936_46g8hfp9a-undefined&aucs=&auid=543540636
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
c65d44a2e2167527c8dad3b71f6c1821371c564667b68769f73a1dd18c35c63b

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://report.if.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		0
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Tue, 28 Jun 2022 11:40:57 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
/
ssp.wp.pl/bidder/ 		0
221 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000174fce61caafe9c9:edcf0338b3dbeedf:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
openrtb
adx.adform.net/adx/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Tue, 28 Jun 2022 11:40:58 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		144 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ed36cf1c0dd8a407d9c0f73e23012cb590d59bb774337e8983aad325ef7bc198
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:40:58 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
47e373e6-7fdc-41cb-bc9d-ccaf429cdab6
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://report.if.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
144
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
v2
i.connectad.io/api/ 		0
325 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7226269058c001f4-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdb
bidder.criteo.com/ 		0
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=87591899168
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
cdb
bidder.criteo.com/ 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.14.0&cb=75317074686
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:57 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
c
prebid.a-mo.net/a/ 		0
274 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Tue, 28 Jun 2022 11:40:58 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
arj
optad360-d.openx.net/w/1.0/ 		172 B
590 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://optad360-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Freport.if.ua%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8af340ad-bb46-47f0-b190-fe52d90d6643&nocache=1656416458169&gdpr=0&schain=1.0%2C1!optad360.com%2C4214681%2C1%2C%2C%2C&aus=336x280%2C360x300%2C300x250&divids=oa-360-1656416457938_y1mfije4i-0&aucs=&auid=543540636
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
068dec34b7f52222f8a46042f6e5fec85f1bb994ea911119a918f6ae7fde70d5

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://report.if.ua
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ssp.wp.pl/bidder/ 		0
56 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/?cs=true&bdver=5.0&pbver=5.14.0&inver=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
server
nginx
vary
Origin
accept-ch-lifetime
604800
access-control-allow-origin
https://report.if.ua
access-control-allow-credentials
true
uber-trace-id
0000000000000000eec8aa5f268c05ca:814bab6e0eb36710:0:0
accept-ch
device-memory, dpr, width, viewport-width, rtt, downlink, ect
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://report.if.ua
date
Tue, 28 Jun 2022 11:40:58 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
93dd2d7f68186aff042ef6ec5e3df1649c9d87d03eadc297627ca374357d3648
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 28 Jun 2022 11:40:58 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
f1094bff-a500-49d9-86c1-2b7e3dd79d44
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://report.if.ua
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://report.if.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://report.if.ua
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Tue, 28 Jun 2022 11:40:58 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
v2
i.connectad.io/api/ 		0
37 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.connectad.io/api/v2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
7226269058c201f4-ZRH
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
openrtb
adx.adform.net/adx/ 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.239 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://report.if.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:58 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1903988097&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20right%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=2043204372.1656416458&tid=UA-7446216-8&_gid=1295598230.1656416458&gtm=2wg6m0W8FPFJ7&z=866927836
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 14:31:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76169
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1903988097&t=event&ni=0&_s=1&dl=https%3A%2F%2Freport.if.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A0%D0%B5%D0%BF%D0%BE%D1%80%D1%82%D0%B5%D1%80%20-%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%86%D0%B2%D0%B0%D0%BD%D0%BE-%D0%A4%D1%80%D0%B0%D0%BD%D0%BA%D1%96%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D1%82%D0%B0%20%D0%9F%D1%80%D0%B8%D0%BA%D0%B0%D1%80%D0%BF%D0%B0%D1%82%D1%82%D1%8F&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Promo%20banners&ea=Top%20left%20banner%20view&_u=aAjAAEABAAAAAC~&jid=&gjid=&cid=2043204372.1656416458&tid=UA-7446216-8&_gid=1295598230.1656416458&gtm=2wg6m0W8FPFJ7&z=660024262
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Jun 2022 14:31:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
76169
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
avtoservis-4-554x466.jpg
report.if.ua/wp-content/uploads/2022/06/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/avtoservis-4-554x466.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
5a6598d59a7cfbd2402f1a9d23fce875f21966f6c8a38ff1a6d5be3b82d2b2e8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Mon, 27 Jun 2022 14:08:33 GMT
server
nginx
accept-ranges
bytes
etag
"62b9b9e1-159f8"
content-length
88568
content-type
image/jpeg
banderivskyj-batonchyk-2-306x466.jpg
report.if.ua/wp-content/uploads/2022/06/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/banderivskyj-batonchyk-2-306x466.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
43e518c89b586ab2e55a2cf85d25228a40c58be953b5716136660a32a9fcf19a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Fri, 24 Jun 2022 13:21:01 GMT
server
nginx
accept-ranges
bytes
etag
"62b5ba3d-102dd"
content-length
66269
content-type
image/jpeg
speka-1-306x320.jpg
report.if.ua/wp-content/uploads/2021/07/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2021/07/speka-1-306x320.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
a2b3021075817f0b03b8cf125bc75831eae29c6e121f0c2153a395a3386b823b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Sun, 25 Jul 2021 06:30:51 GMT
server
nginx
accept-ranges
bytes
etag
"60fd051b-853a"
content-length
34106
content-type
image/jpeg
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1808914
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx89dc0f462f0a4473be739-00629f4c0d
x-amz-id-2
tx89dc0f462f0a4473be739-00629f4c0d
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTCBw2QxWSW79uMi6eN%2BM4XsYjwgkW1aChC5F%2F9JN2eTQ8GXAAy4cvEh%2FKOqDx7cEfWOOXLt2vdgcG%2Bynq%2F7tJXod%2BnUODzwo%2FqiCvT93d%2Fetiv0%2BZijC5dQ19K5vxi77tCnIBq1Qn7zMQyZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
722626920b943744-MXP
access-control-allow-headers
Authorization
dim-pryhystok-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/dim-pryhystok-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
1431822786c62e30e156f7db4cd30f2f74cdd43ea5c532ec55763626d74e198d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Tue, 28 Jun 2022 08:18:18 GMT
server
nginx
accept-ranges
bytes
etag
"62bab94a-4b9b"
content-length
19355
content-type
image/jpeg
60003335_842416096110354_211597374928191488_n.jpg
report.if.ua/wp-content/uploads/2019/05/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2019/05/60003335_842416096110354_211597374928191488_n.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Mon, 13 May 2019 13:15:53 GMT
server
nginx
accept-ranges
bytes
etag
"5cd96e09-b5bf"
content-length
46527
content-type
image/jpeg
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220623&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
08310a38e1d835581344c32142e99894872ffa876fd5c75cf7c1eb85853e45f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10679
x-xss-protection
0
289829802_1812618762415738_5789777416869096751_n-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/289829802_1812618762415738_5789777416869096751_n-370x247.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
b4ec4d433126f022c6bf0b4d757d082d63dcb69813774b3e96490212439d4e82

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Tue, 28 Jun 2022 06:00:22 GMT
server
nginx
accept-ranges
bytes
etag
"62ba98f6-a991"
content-length
43409
content-type
image/jpeg
vyrok-sud.jpg
report.if.ua/wp-content/uploads/2020/01/ 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2020/01/vyrok-sud.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
8c9eea35b6fa0550562b7d76ab81b19549759f4ce4374e541d187b8697293e23

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
last-modified
Sat, 11 Jan 2020 07:57:07 GMT
server
nginx
accept-ranges
bytes
etag
"5e197fd3-a44f"
content-length
42063
content-type
image/jpeg
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4857462492105343&plah=report.if.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Jun 2022 11:40:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6D1A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
5201
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 10:14:17 GMT
expires
Wed, 28 Jun 2023 10:14:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 83B4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
61487d75812bc5166abd7b733ea9d8f6bdbd0767b270c65eb3ea1700568e4adc
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZZZn9HU_FJRiuIWWCUZPwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-ZZZn9HU_FJRiuIWWCUZPwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 11:40:58 GMT
expires
Tue, 28 Jun 2022 11:40:58 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js
pagead2.googlesyndication.com/bg/ Frame 6D1A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/knGWWo7aSa0uHovcfrgOqEbwt81bmGsp9O44qLiKOUk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:20:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
1257
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13854
x-xss-protection
0
last-modified
Tue, 21 Jun 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 28 Jun 2023 11:20:01 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 83B4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220623&jk=200302209512332&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 6D1A 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?Qjt0-A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
publishertag.prebid.113.js
static.criteo.net/js/ld/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:59 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:40:59 GMT
syncframe
gum.criteo.com/ Frame 491D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=report.if.ua
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Jun 2022 11:40:58 GMT
server-processing-duration-in-ticks
2225
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:59 GMT
content-encoding
gzip
last-modified
Tue, 03 May 2022 11:21:00 GMT
server
nginx
etag
W/"6271101c-15b58"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 29 Jun 2022 11:40:59 GMT
dim-pryhystok-370x247.jpg
report.if.ua/wp-content/uploads/2022/06/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/dim-pryhystok-370x247.jpg
Requested by
Host: report.if.ua
URL: https://report.if.ua/wp-content/cache/autoptimize/js/autoptimize_6def8e87be108548b5cfee70eeed7f4a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
1431822786c62e30e156f7db4cd30f2f74cdd43ea5c532ec55763626d74e198d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:59 GMT
last-modified
Tue, 28 Jun 2022 08:18:18 GMT
server
nginx
accept-ranges
bytes
etag
"62bab94a-4b9b"
content-length
19355
content-type
image/jpeg
ronaldo-1-110x73.jpeg
report.if.ua/wp-content/uploads/2022/06/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/ronaldo-1-110x73.jpeg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
dfe0c44bc5ff1b544cb4804ccac0b66e9bb96897d5787c0dcdaed11a9bdb19e5

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:59 GMT
last-modified
Sun, 26 Jun 2022 14:51:45 GMT
server
nginx
accept-ranges
bytes
etag
"62b87281-1253"
content-length
4691
content-type
image/jpeg
blaho-300h250_.jpg
report.if.ua/wp-content/uploads/2022/06/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://report.if.ua/wp-content/uploads/2022/06/blaho-300h250_.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.24.97.24 , Lithuania, ASN212531 (INTERNETO-VIZIJA, LT),
Reverse DNS
20371.s.serverhost.name
Software
nginx /
Resource Hash
44384efd1786a63b88af1ab8ae01d1e585956a920127678eb07bae8491ca81cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:40:59 GMT
last-modified
Fri, 03 Jun 2022 11:19:45 GMT
server
nginx
accept-ranges
bytes
etag
"6299ee51-1012f"
content-length
65839
content-type
image/jpeg
sid
mug.criteo.com/ Frame 491D
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=report.if.ua&sn=ChromeSyncframe&so=0&topUrl=report.if.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=dZaj4HxOK3FvT3hwd2E2eUp3ZHVCK2dSNkQ1U1gyUkkraWQ0R2tTdU5ZOFZqU0VoS2pYT1BKS0lnc3hKTzkva2JiL2J4MXp4Yy9lNkNxWFZueFRxUUwzWWplZHFRUWRpb1ZjeS8rMTlsTGtiWkMvbVQxM3FSSWw2VFBIdz...
425 B
627 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=dZaj4HxOK3FvT3hwd2E2eUp3ZHVCK2dSNkQ1U1gyUkkraWQ0R2tTdU5ZOFZqU0VoS2pYT1BKS0lnc3hKTzkva2JiL2J4MXp4Yy9lNkNxWFZueFRxUUwzWWplZHFRUWRpb1ZjeS8rMTlsTGtiWkMvbVQxM3FSSWw2VFBIdzRiaVAzb0Y3T0wxeUhIT2ZoVHIvRFZPODM0ZXZIckdzNUVjdk5Vc0VKUzdRQVNxU3k5Qyt1NWF0eUlLYm1OZEwzcHUyRUhsSkRIbU9vWCsvOWVjcnowSzNsMUZ3a3FsQmFBMDBDK3RiN0VYclNPZDFmTk92QWFVbGZNTFJUMDRGa2c5QjR2TGNuNHRDODlZOTM1VnlWcWo1dTYrZy8xUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
3b0e08a873aa959ef3f05634d4bf7ea305aeed6da277784fbbdc3b00f386e5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:59 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5452
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:40:59 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=dZaj4HxOK3FvT3hwd2E2eUp3ZHVCK2dSNkQ1U1gyUkkraWQ0R2tTdU5ZOFZqU0VoS2pYT1BKS0lnc3hKTzkva2JiL2J4MXp4Yy9lNkNxWFZueFRxUUwzWWplZHFRUWRpb1ZjeS8rMTlsTGtiWkMvbVQxM3FSSWw2VFBIdzRiaVAzb0Y3T0wxeUhIT2ZoVHIvRFZPODM0ZXZIckdzNUVjdk5Vc0VKUzdRQVNxU3k5Qyt1NWF0eUlLYm1OZEwzcHUyRUhsSkRIbU9vWCsvOWVjcnowSzNsMUZ3a3FsQmFBMDBDK3RiN0VYclNPZDFmTk92QWFVbGZNTFJUMDRGa2c5QjR2TGNuNHRDODlZOTM1VnlWcWo1dTYrZy8xUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1383
content-length
541
expires
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220623&jk=200302209512332&bg=!0NOl05fNAAa8IIBmnCA7ACkAdvg8Wh5QKyyPSbkcIxPfD_Sz-FHlL6JU4p4wAqTrkyeWDIseMLK1UQIAAAC_UgAAAANoAQcKAD1Jr-eexskus4f3roGtUwiq2DkS1QS8c0qPHQW8pc1MaOzWdcayycVc8PKAzK2U3-vWY8NOBFXrQEKd533dmQKZ_V_4gzeyQnYgu2pzO-MfbB-VBJfGX0yvIA0tjWZDTzIj41cjFIfF45Y776qpJp9VleDuW7AiDyywXC-poL1wLtPXHYBtHlb5pC1XSzvO2yThNnd0WIkOK6HeEFjhuMv88XWn6XiK8MluNxq7-W_07j9FAQA5Zeae_ehzwbrq-UWer5DcJObMWUSre1Wardhd2FtcR-YThY62Lc1Yrg-HAh1OHND6LjIJLIo9Ra7oX3906-_0eihLId6dTHQ70B9CcICQ4xz0mF6ldjMsOI1dHwxzmMl1pKYqAiLgJkKhtkgtgWBJ09Jn3YYyYNDQK5q_t4NFyZAMnnnhPREdNJz8mzgV-4hIDnLbrmlvgZjl-5eTNQkCvYfJDrfXQq78ka0AFAXIZ2fEDGuAKZlqgf09tpjl7Jyb-7zfba4RYSCXqj3fpDS_wCu7Fht3DCliWWNo1UWZnVeYIlkwXBPgMb_k32QFhuCBGimaPqON0DwwNtExYz1E-u-V4fhdwY39nRsBX-nOOpE-UmcyD61CHnk_Gwr0fGtBs0kPuzEL5wOsYerrXgRdV9PqAzuW-ROJYE4GsBCZQW0Fr-hWVv4Ivk5vuL4yaYaMJ0CAcd32dLQLRMKW62ERfh34K886Gchm2dyvxgvxhrboAiZAVoPZEtQz-D_zGeNA_1inCw2CuqWwJsoq8pI7oFF6sDuB4hLvpHW_zJrPOswxe73p5ynAGsMhUU-bASvsaU9HtZnEJAgFTWh40kW3p9GcdDs7a4tfudx-qUzCqXxPIx8md2iAmRlRLL8t1YoSryUB7EBXIt-7JNkeNSMCAijgLjygeF81bdJBlN-nHlfCRdD7dxChT3ywqBBqls84lksHBVe_QbefF4lFJ13h99ywM14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
  • https://mug.criteo.com/sid?cpp=IWneMnxpdUFNL2dtaGhKcnB0RnJmTTRScloyVVhzZDVGbWFyRXhOMmhLaitzUHUwQmxrU0NWSmFBb2pRMGF2L1dXU0FFRUhUV2V2Y0pIRElvdFNNTkZJS2xjSmM2aTlQckxjNVdBejl5TWY1Z1k5WUtUNXdLNWpXYnFsRj...
417 B
667 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IWneMnxpdUFNL2dtaGhKcnB0RnJmTTRScloyVVhzZDVGbWFyRXhOMmhLaitzUHUwQmxrU0NWSmFBb2pRMGF2L1dXU0FFRUhUV2V2Y0pIRElvdFNNTkZJS2xjSmM2aTlQckxjNVdBejl5TWY1Z1k5WUtUNXdLNWpXYnFsRjIxUjVKZ0hUaVdZZjZRdDBtMGFkbkdFSkliMWUrOTNxUmFMeVBFSEF1SEZteHV5Qld2dnMrL1p4WENwaUFQU0tkcTNKYTBGdWYvanNOajhZaFpPWEtSOThUSS9DYWpxelo5SWtoT0p3b1QxZmoxTmwxWmp4eUkzWEtIcUlwRjV6RXVuV1RjQlgyaVpqLzlLd0hsWW5nclRIdU9LTjhBUT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
2a1b70585e1323242402e8759c1f98b598f856c27bea7d5a50f777deffd916e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://report.if.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3359
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:00 GMT
location
https://mug.criteo.com/sid?cpp=IWneMnxpdUFNL2dtaGhKcnB0RnJmTTRScloyVVhzZDVGbWFyRXhOMmhLaitzUHUwQmxrU0NWSmFBb2pRMGF2L1dXU0FFRUhUV2V2Y0pIRElvdFNNTkZJS2xjSmM2aTlQckxjNVdBejl5TWY1Z1k5WUtUNXdLNWpXYnFsRjIxUjVKZ0hUaVdZZjZRdDBtMGFkbkdFSkliMWUrOTNxUmFMeVBFSEF1SEZteHV5Qld2dnMrL1p4WENwaUFQU0tkcTNKYTBGdWYvanNOajhZaFpPWEtSOThUSS9DYWpxelo5SWtoT0p3b1QxZmoxTmwxWmp4eUkzWEtIcUlwRjV6RXVuV1RjQlgyaVpqLzlLd0hsWW5nclRIdU9LTjhBUT09fA&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1406
content-length
541
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Freport.if.ua%2F&domain=report.if.ua&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://report.if.ua
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://report.if.ua
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Jun 2022 11:41:01 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1337
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
pd
eu-u.openx.net/w/1.0/ Frame F76F 		668 B
730 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
07630498fb81f053a3040d6553c2aa4590e146278bb5c1ffafd6bddbd725f882

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Tue, 28 Jun 2022 11:41:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
connectmyusers.php
cdn.connectad.io/ Frame 9DA9 		1 KB
701 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
722626a4a96c01f4-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 11:41:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 29 Jun 2022 11:41:01 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame E7D7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
23568
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Jun 2022 11:41:01 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 22 Jun 2022 05:08:01 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
195830, 114247
X-Served-By
cache-lga21982-LGA, cache-lcy19281-LCY
X-Timer
S1656416462.598607,VS0,VE0
usersync
ssp.wp.pl/bidder/ Frame 9BC9 		477 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 28 Jun 2022 11:41:01 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
usersync
ssp.wp.pl/bidder/ Frame AFD9 		477 B
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssp.wp.pl/bidder/usersync?tcf=2
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.99.29 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
ssp.wp.pl
Software
nginx /
Resource Hash
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-origin
*
content-encoding
gzip
content-length
281
content-type
text/html; charset=utf-8
date
Tue, 28 Jun 2022 11:41:01 GMT
last-modified
Mon, 27 Jun 2022 10:41:06 GMT
server
nginx
vary
Accept-Encoding
connectmyusers.php
cdn.connectad.io/ Frame 10B1 		1 KB
809 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.connectad.io/connectmyusers.php?
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=86400 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
722626a4a96901f4-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 28 Jun 2022 11:41:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Wed, 29 Jun 2022 11:41:01 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7A57 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
23567
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 28 Jun 2022 11:41:01 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 22 Jun 2022 05:08:01 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
195830, 109788
X-Served-By
cache-lga21982-LGA, cache-lcy19236-LCY
X-Timer
S1656416462.603005,VS0,VE0
pd
eu-u.openx.net/w/1.0/ Frame 804E 		668 B
718 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
07630498fb81f053a3040d6553c2aa4590e146278bb5c1ffafd6bddbd725f882

Request headers

Referer
https://report.if.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
417
content-type
text/html
date
Tue, 28 Jun 2022 11:41:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
sd
eu-u.openx.net/w/1.0/ Frame F76F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=53dc62ba-e8cd-4b00-ae88-db32433c792c
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=53dc62ba-e8cd-4b00-ae88-db32433c792c
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 28 Jun 2022 11:41:01 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=53dc62ba-e8cd-4b00-ae88-db32433c792c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Jun 2022 11:41:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F76F
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=F-5og0TkaYYMvWvQFOwngBDtONIMuDjVEbqjgyuA
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=F-5og0TkaYYMvWvQFOwngBDtONIMuDjVEbqjgyuA
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=F-5og0TkaYYMvWvQFOwngBDtONIMuDjVEbqjgyuA
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame F76F
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3540432295684120013
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3540432295684120013
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3540432295684120013
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame F76F 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5a2cd6ed-66fb-3dd5-7241-5c7519ef55b3&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame F76F 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY0MzA1MjctYWY4Yy02MzcxLTY3YTEtMDZjY2QzMGQ5YmQz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame F76F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOx9cvvMji9hAgwUXFPVCA&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOx9cvvMji9hAgwUXFPVCA&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOOx9cvvMji9hAgwUXFPVCA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 804E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=725d62ba-e8cd-4700-b4fe-ae9173a167d7
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=725d62ba-e8cd-4700-b4fe-ae9173a167d7
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 28 Jun 2022 11:41:01 GMT
Server
MT3 4475 c1dc35a master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=725d62ba-e8cd-4700-b4fe-ae9173a167d7
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 28 Jun 2022 11:41:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 804E
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=RuH8IRXr_SRdsv9zROOzd0Pmp3ddsawmFLDe11Cz
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=RuH8IRXr_SRdsv9zROOzd0Pmp3ddsawmFLDe11Cz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=RuH8IRXr_SRdsv9zROOzd0Pmp3ddsawmFLDe11Cz
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 804E
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4357260699991836299
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4357260699991836299
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=4357260699991836299
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 804E 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=5a2cd6ed-66fb-3dd5-7241-5c7519ef55b3&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 804E 		170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NzY0MzA1MjctYWY4Yy02MzcxLTY3YTEtMDZjY2QzMGQ5YmQz
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 804E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUf_Ql8c-AglGr0WklkSFM&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUf_Ql8c-AglGr0WklkSFM&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=6910164f-8257-4e43-b5b0-3cdbc1192776&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Jun 2022 11:41:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIUf_Ql8c-AglGr0WklkSFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame 9BC9 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a95ee40714455cbf09583b91749c105d0ff6a24c7106cd3edfb0269096d09f12

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:41:01 GMT
content-encoding
br
last-modified
Tue, 28 Jun 2022 10:09:42 GMT
server
nginx
etag
W/"af5c70627a587e9e61a6585aa896e65d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
wpjslib-sync.js
std.wpcdn.pl/wpjslib6/ Frame AFD9 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://std.wpcdn.pl/wpjslib6/wpjslib-sync.js
Requested by
Host: ssp.wp.pl
URL: https://ssp.wp.pl/bidder/usersync?tcf=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
212.77.98.32 , Poland, ASN12827 (WIRTUALNAPOLSKA GDANSK, Poland, PL),
Reverse DNS
wifi32.ras.wp.pl
Software
nginx /
Resource Hash
a95ee40714455cbf09583b91749c105d0ff6a24c7106cd3edfb0269096d09f12

Request headers

Referer
https://ssp.wp.pl/
Origin
https://ssp.wp.pl
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 28 Jun 2022 11:41:01 GMT
content-encoding
br
last-modified
Tue, 28 Jun 2022 10:09:42 GMT
server
nginx
etag
W/"af5c70627a587e9e61a6585aa896e65d"
access-control-max-age
300
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, stale-while-revalidate=86400
x-rgw-object-type
Normal
timing-allow-origin
*
access-control-allow-headers
*
async_usersync
ib.adnxs.com/ Frame E7D7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:41:01 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
4d371ad7-9877-42cd-a45b-068a0ce18caf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7A57 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:41:01 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
dfc7cf21-c75d-49ca-addb-999af099e0e7
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
1
sync-eu.connectad.io/syncer/ Frame DAB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-eu.connectad.io/syncer/1
Requested by
Host: cdn.connectad.io
URL: https://cdn.connectad.io/connectmyusers.php?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://cdn.connectad.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
722626a5aaf701f4-ZRH
date
Tue, 28 Jun 2022 11:41:01 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
via
1.1 google
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=IWneMnxpdUFNL2dtaGhKcnB0RnJmTTRScloyVVhzZDVGbWFyRXhOMmhLaitzUHUwQmxrU0NWSmFBb2pRMGF2L1dXU0FFRUhUV2V2Y0pIRElvdFNNTkZJS2xjSmM2aTlQckxjNVdBejl5TWY1Z1k5WUtUNXdLNWpXYnFsRjIxUjVKZ0hUaVdZZjZRdDBtMGFkbkdFSkliMWUrOTNxUmFMeVBFSEF1SEZteHV5Qld2dnMrL1p4WENwaUFQU0tkcTNKYTBGdWYvanNOajhZaFpPWEtSOThUSS9DYWpxelo5SWtoT0p3b1QxZmoxTmwxWmp4eUkzWEtIcUlwRjV6RXVuV1RjQlgyaVpqLzlLd0hsWW5nclRIdU9LTjhBUT09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 28 Jun 2022 11:41:01 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1037
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame E7D7 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:41:02 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
12dbb292-4250-4c5b-83f2-0edb8d1c8a68
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7A57 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Jun 2022 11:41:02 GMT
X-Proxy-Origin
217.138.196.100; 217.138.196.100; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2a8671f7-335e-4285-a33a-a170d7a90044
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| SS_DATA object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter string| google_user_agent_client_hint undefined| $ function| jQuery object| dataLayer function| google_spfd number| google_unique_id object| google_sv_map function| BM_Draw number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r function| setCookie function| getCookie function| createGeoRestrictionCookie object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime object| BM_STAT boolean| __isGoogleAllowed object| pbjs325474 object| Bunyad object| gaplugins object| gaData object| Bunyad_Theme object| Bunyad_Pagination function| objectFitImages function| vc_js function| getSizeName function| loadScript function| vc_ttaActivation function| vc_accordionActivate function| initVideoBackgrounds function| vc_initVideoBackgrounds function| insertYoutubeVideoAsBackground function| vcResizeVideoBackground function| vcExtractYoutubeId function| vc_googleMapsPointer string| screen_size function| jarallax object| lazySizes object| wp function| vc_plugin_flexslider function| vc_googleplus function| vc_pinterest function| vc_progress_bar function| vc_waypoints function| vc_toggleBehaviour function| vc_tabsBehaviour function| vc_accordionBehaviour function| vc_teaserGrid function| vc_carouselBehaviour function| vc_slidersBehaviour function| vc_prettyPhoto function| vc_google_fonts boolean| vcParallaxSkroll function| vc_rowBehaviour function| vc_gridBehaviour function| getColumnsCount function| wpb_prepare_tab_content function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| Criteo object| googletag object| sas object| apntag object| _ADAGIO object| GoogleGcLKhOms object| criteo_pubtag object| criteo_pubtag_prebid_113 object| Criteo_prebid_113 object| google_image_requests

23 Cookies

Domain/Path Name / Value
report.if.ua/ Name: b
Value: b
report.if.ua/ Name: __oagr
Value: true
.report.if.ua/ Name: __gads
Value: ID=6b66721878c85f88-221d2094becd0025:T=1656416457:RT=1656416457:S=ALNI_MZ1iKPlcykvU-sEvDpHjzNR12VppA
.report.if.ua/ Name: _ga
Value: GA1.3.2043204372.1656416458
.report.if.ua/ Name: _gid
Value: GA1.3.1295598230.1656416458
.report.if.ua/ Name: _gat_UA-7446216-8
Value: 1
.report.if.ua/ Name: _gat
Value: 1
report.if.ua/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.prebid.a-mo.net/ Name: __amc
Value: 1_1656416458_1656416458
.openx.net/ Name: i
Value: 8980e9b4-cf7c-0222-2897-949d7dc8664e|1656416458
.adnxs.com/ Name: icu
Value: ChgIqupbEAoYASABKAEwytHrlQY4AUABSAEQytHrlQYYAA..
.adnxs.com/ Name: uuid2
Value: 2484737580078724395
.criteo.com/ Name: uid
Value: 8d648e67-7cd7-402d-8b1f-080282b3cf74
.report.if.ua/ Name: cto_bundle
Value: ro2Qe19xVDc5ekRmRUtrUyUyRnlZVlZyQ1p2ZjZtNDBjMHdjb0VkcGx3UEJCU1U1WVc2R0xnWTJvV2FvYXQzS2pBckRSaHlBT0pvZXlMS2FMNGRQbCUyRmxrRk9YUmpNSjVybTZxZExCN3RjeWhIOEl6ZmhRMzJFWnpVUVEzajJjUkVWNzNUJTJGU1p6QW1WTDczVkJ6cXI3bk8xRVpvb2clM0QlM0Q
.openx.net/ Name: pd
Value: v2|1656416461|gekin0vNiygu
.quantserve.com/ Name: d
Value: EJIBDAG-JoqsMA
.quantserve.com/ Name: mc
Value: 62bae8cd-aa340-73597-b2fdc
.mathtag.com/ Name: uuid
Value: 53dc62ba-e8cd-4b00-ae88-db32433c792c
.adform.net/ Name: C
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlg8N949m-TMrh4n-jc6i-cClmoPGskyixVV9e_q08ZizDYbRAJ6d9TXlevUBE
.adform.net/ Name: uid
Value: 4357260699991836299
report.if.ua/ Name: cto_bundle
Value: NKEmc19BNnJIaVAxcm5SeEpTTXU2NjFQckduUyUyQlhIMThMdkJyblRyR2d4WjA3JTJCUE5Ob016UnljclVGeU5EZDVrS0J6N1p4ZXV4aURCcmFpRXNSJTJGbWloQmM3Q0pwWHhaZzU0Tk0wd2cyVW9pbDJkaFBJZk50MjZMdmxna2xNWUx4WkRZSmhTTVdiSTNPZmJtVUh0cnNMRUJxbEElM0QlM0Q
report.if.ua/ Name: cto_bidid
Value: ECYHV19tZmJvRnBzbHBSbEslMkZ1VlFOTm1za3lId1h6Z3BXJTJCNyUyRnlsSFBrZkxrQzhLJTJGT0Y5bG1Sc2d4enl6Qld2QldPUFQyOWl6dU5FSUklMkY0aXZSJTJGc3ZSazN0SnVWSWJ6NmI2WVlPc2lrZ2NvNEtKNCUzRA

3 Console Messages

Source Level URL
Text
javascript warning URL: https://report.if.ua/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n339184&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://report.if.ua/
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16834993&s16836604&t0&c1&n339184&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4857462492105343&output=html&adk=1812271804&adf=3025194257&lmt=1656416457&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Freport.if.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1656416457319&bpp=42&bdt=277&idt=325&shv=r20220623&mjsv=m202206230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7023710603112&frm=20&pv=2&ga_vid=2043204372.1656416458&ga_sid=1656416458&ga_hid=1903988097&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31068195%2C42531605&oid=2&pvsid=200302209512332&tmod=1866743392&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=364
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
adservice.google.co.uk
adservice.google.com
adx.adform.net
bidder.criteo.com
c.bigmir.net
c1.adform.net
cdn.connectad.io
cdn.jsdelivr.net
cm.g.doubleclick.net
cmp.optad360.io
ep.umobile.pl
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
get.optad360.io
googleads.g.doubleclick.net
gum.criteo.com
i.bigmir.net
i.connectad.io
ib.adnxs.com
match.adsrvr.org
mug.criteo.com
optad360-d.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
prebid-eu.creativecdn.com
prebid.a-mo.net
report.if.ua
script.4dex.io
ssp.wp.pl
static.criteo.net
stats.g.doubleclick.net
std.wpcdn.pl
sync-eu.connectad.io
sync.mathtag.com
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
116.202.115.24
142.250.184.194
142.250.185.226
147.75.85.234
151.101.193.108
178.250.0.157
178.250.2.131
185.184.8.90
185.29.132.245
193.239.68.97
193.239.71.100
212.24.97.24
212.77.98.32
212.77.99.29
2600:9000:206f:5200:6:b871:4f00:93a1
2600:9000:206f:c000:11:a4de:2580:93a1
2606:4700:10::6816:37ce
2606:4700:20::ac43:4bf1
2606:4700::6810:5514
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2008
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:400c:c07::9a
2a00:1450:401b:807::2003
2a02:2638::1c
2a02:2638::3
3.33.220.150
34.98.64.218
35.244.159.8
37.157.2.239
37.157.4.25
37.252.172.45
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
064604e71bffa5ab18548ebb0f31771f4751bad5c46baa9056d4cc0d2e6c552c
068dec34b7f52222f8a46042f6e5fec85f1bb994ea911119a918f6ae7fde70d5
07630498fb81f053a3040d6553c2aa4590e146278bb5c1ffafd6bddbd725f882
08310a38e1d835581344c32142e99894872ffa876fd5c75cf7c1eb85853e45f6
08f0465386d9897c95370a004f5251b304dc4f94a73541cccd1ee87c02de2f60
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1159ba1e605fff6cdf2a2d9b390446ca25df82d99b25cf1c4885ba173991590d
133974970cd7dafaa652f6cff32bc1a0dafd5ccd58e428ff06edd3c74e31833e
1431822786c62e30e156f7db4cd30f2f74cdd43ea5c532ec55763626d74e198d
1db3d8a4e35eb332c679bea44de7ac2e1e27cb5cfb8ffc1909a8cc420f00b5b9
1fc65583a139502d8603398f94b66aa9af126cae8bc6d72346a496bfc0c3efc9
278a038fd510240f76a0b812d57f7cd0ee7ba7ec252ab960cdf1997c02cf0523
27b58cb679ac47e68e39f71af81ab84fbb754aad7e2dc35ce0f7c1a10afda08f
2a1b70585e1323242402e8759c1f98b598f856c27bea7d5a50f777deffd916e3
2e255dae325d9c269befa6b68161a1b40503e48cf3dd3060f18c14f9c6bd9f0e
2e956dc1ba3121986410046936c4c61aa00b47adca90e2c7a12d33e3ac41fe04
30fc397eff83c164fd33a177ddd2d3de2e1814c402b4ec3647f7313685bc64b0
35703cfab4436ea19ad920b66165c2df1f54b9efbb5682ae9b374a2efb5a0575
39515949a009264d8438b4dc1af695b838973afc66408b3b9d0c90c5b68850b6
3b0e08a873aa959ef3f05634d4bf7ea305aeed6da277784fbbdc3b00f386e5b5
3b800f039c220f9ae4506d735f9ff593d6872c7a8ad4050da17dd8f2dcd76b6a
3bb812978314795429571fecdf3e5018323ba7c0723318ffd2b1533ce5535579
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3f62d2f95c3642606f92c38db573546731c3430e4d0fa101c0b2fdfd63695bb5
43e518c89b586ab2e55a2cf85d25228a40c58be953b5716136660a32a9fcf19a
442cced2321c6ef43afadfdfce3ad62e1fc6cfef52a8f831212cf5fb67aa2ce9
44384efd1786a63b88af1ab8ae01d1e585956a920127678eb07bae8491ca81cf
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5986d107045f5a26232acfd742721f7c76e519f4bb3d63f564363b139971c86d
5a6598d59a7cfbd2402f1a9d23fce875f21966f6c8a38ff1a6d5be3b82d2b2e8
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
5f8dab8871a6005ab8d97c0c6b1fa0be2cb359ca3ca7864f92e8e89d78ce6883
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61487d75812bc5166abd7b733ea9d8f6bdbd0767b270c65eb3ea1700568e4adc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
636c486cc865655e882b671daac5c2edad7fa375be58a343d57364e385f6ebf6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7022ca758ad0b7f4bd8269777b4a697ef25e950e23403b0da91a6857dd1484bc
704d1d0fc963c213f27b42d57bb7257c003c8eb372305fbca4e2b436323d4d7e
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
830fc1a1a04c9c07c4a5a574220105ba177da937c895bfab19fbdc47783fea9c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c9eea35b6fa0550562b7d76ab81b19549759f4ce4374e541d187b8697293e23
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9271965a8eda49ad2e1e8bdc7eb80ea846f0b7cd5b986b29f4ee38a8b88a3949
93dd2d7f68186aff042ef6ec5e3df1649c9d87d03eadc297627ca374357d3648
95175e6b60d8c091d4b1360b8d02e51f4046b4ff78fd7127e0a1b4b5976b4cbe
a0018ab327befdb75104b7ff8f033ed3d84eb30934548cd9cb0f3c4822995479
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b3021075817f0b03b8cf125bc75831eae29c6e121f0c2153a395a3386b823b
a455924192c13db118d571bd894b18a4ce83c939708219cef08a7550fcef0d21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a61ff7be93bae5ee9148e9b9005736c1fab9ed97aca28c7432de49e545644b64
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a95ee40714455cbf09583b91749c105d0ff6a24c7106cd3edfb0269096d09f12
a9ddf516da77057e7d8efbb2320b9ba9390acf206f7806d21ab389c9d23350c8
aaabb5cd0814895afd2c1fba22945ec385581f25c811b4fcb7073b9d3a23064a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4ec4d433126f022c6bf0b4d757d082d63dcb69813774b3e96490212439d4e82
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
c138384c780b3723f40bdf020a828e3b414aaa14d0ab55c00e7f518e838b253f
c38ce2e75f4ed26bbbe1c4f6485a05c0ca4a97aee02ebf4365a446183525e2c7
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c65d44a2e2167527c8dad3b71f6c1821371c564667b68769f73a1dd18c35c63b
cfb8cf793f234253a8404d4b5221cb675709a3c15c8f5ca5416818c18fa17102
d0f7a26d388b4186c9b4f3b328cad51913a59278a64ba3f6bcf4f049bebd5893
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe0c44bc5ff1b544cb4804ccac0b66e9bb96897d5787c0dcdaed11a9bdb19e5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6088f859710b679bdf8f4694d65d66b92be7b6edc2ce21f27f34426b14cf213
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed36cf1c0dd8a407d9c0f73e23012cb590d59bb774337e8983aad325ef7bc198
fde8505bc5354e71ef5093ba67b6d0957362d3935e7861f86929b7c61f2a29a6