ivona.ua Open in urlscan Pro
65.9.63.37  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://ivona.ua/ HTTP 301
   https://ivona.ua/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

• https://gaua.hit.gemius.pl/_1653365935717/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=FuNq8EmneOIBksFHakCmYdz.M0bvV3ycB.BcCaSbbvD.47_LaXdsfcpW04S_NSvvDpb5HtDOBy9chbINU4Gi1ChL29BK/RwTkzUvwges23/&ltime=263&fpdata=sCMa.zxd272b4sZcXpYiLLaD_a1IN7CjrVYPtfCMC2H.E7&fpcap= HTTP 301
• https://gaua.hit.gemius.pl/__/_1653365935717/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=FuNq8EmneOIBksFHakCmYdz.M0bvV3ycB.BcCaSbbvD.47_LaXdsfcpW04S_NSvvDpb5HtDOBy9chbINU4Gi1ChL29BK/RwTkzUvwges23/&ltime=263&fpdata=sCMa.zxd272b4sZcXpYiLLaD_a1IN7CjrVYPtfCMC2H.E7&fpcap=

Request Chain 108

• https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=1e651872-68a2-412f-a39c-ee5ceedb3d87&gdpr=0&gdpr_consent= HTTP 302
• https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=1e651872-68a2-412f-a39c-ee5ceedb3d87&gdpr=0&gdpr_consent= HTTP 302
• https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08cc04c6-b326-4d0b-b812-f7e69d90eec5&ssp=prodoohmox&gdpr=0&gdpr_consent=

Request Chain 199

• https://d.adtriba.com/collect?atb_ptid=70ea7f65&atb_dpuid=Google&atb_dcaid=Display-_-Google-_-G_FTI_DE_GDN_Travel-Tuesday_Gutschein-_-ZG_Similar-Audiences-_-traveltuesday&utm_source=Google&utm_medium=Display&utm_content=G_FTI_DE_GDN_Travel-Tuesday_Gutschein&utm_term=ZG_Similar-Audiences&utm_campaign=traveltuesday HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 210

• https://d.adtriba.com/collect?atb_ptid=70ea7f65&atb_dpuid=Google&atb_dcaid=Display-_-Google-_-G_FTI_DE_GDN_Travel-Tuesday_Gutschein-_-ZG_Similar-Audiences-_-traveltuesday&utm_source=Google&utm_medium=Display&utm_content=G_FTI_DE_GDN_Travel-Tuesday_Gutschein&utm_term=ZG_Similar-Audiences&utm_campaign=traveltuesday HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 223

• https://d.adtriba.com/collect?atb_ptid=70ea7f65&atb_dpuid=Google&atb_dcaid=Display-_-Google-_-G_FTI_DE_GDN_Travel-Tuesday_Gutschein-_-ZG_Similar-Audiences-_-traveltuesday&utm_source=Google&utm_medium=Display&utm_content=G_FTI_DE_GDN_Travel-Tuesday_Gutschein&utm_term=ZG_Similar-Audiences&utm_campaign=traveltuesday HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 235

• https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on HTTP 302
• https://d.adtriba.com/px.gif

Request Chain 241

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 244

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1&C=1

Request Chain 245

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoxcsfAvQSwxh7nhsX57swAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1

Request Chain 246

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEDlmxWKDRfffkxXZ048Hdc0&google_cver=1

Request Chain 247

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODc5ODg4Njc4MjY2NzI1OQ%3D%3D

Request Chain 248

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 249

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 253

• https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEEV7ySi-MNMnMV4RtxB4TLk&google_cver=1&google_push=AYg5qPL0NDtVa8Ck0dd5AwnvGOoAbFBfw2v5KbWI-otZX01QbtGPJ_r3SInyyF6bL6NiQQt-TBC4UbXkVuPZfrcv5nNzEnLfFMc HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL0NDtVa8Ck0dd5AwnvGOoAbFBfw2v5KbWI-otZX01QbtGPJ_r3SInyyF6bL6NiQQt-TBC4UbXkVuPZfrcv5nNzEnLfFMc&google_hm=NTkwNDg2Nzc1MTExOTM1ODEw HTTP 302
• https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 254

• https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA0-3SJ607XKfleud2LqL48&google_cver=1&google_push=AYg5qPKaX08AIGQ-YrXGyFnESOBdAhx9QPRKAwIFoufkUB9v3iefGM6I4FkvUokifkO79gNyavOmULhNmjj2VDu-ObPzx4lx6Kk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMTE1MjYyNzc1MDUzMzI2OA%3D%3D&google_push=AYg5qPKaX08AIGQ-YrXGyFnESOBdAhx9QPRKAwIFoufkUB9v3iefGM6I4FkvUokifkO79gNyavOmULhNmjj2VDu-ObPzx4lx6Kk

Request Chain 256

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCcojczYUmItXO7I2FXtnUvw HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCcojczYUmItXO7I2FXtnUvw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgwMDk3OTQwMDU4MjI2Mzc4Mw&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCcojczYUmItXO7I2FXtnUvw

Request Chain 257

• https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOoxwMctl259gHyHG8OLaKsM HTTP 302
• https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOoxwMctl259gHyHG8OLaKsM HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ2NDI1MTg1NzM2MzgwNjMxNw&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOoxwMctl259gHyHG8OLaKsM

Request Chain 258

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnCqC8B6amXzNePS9nK99Y&google_cver=1&google_push=AYg5qPLUA0ewf5WvETdn--AYrelvRnxT_OudZF7yiGg4EdixtI2FYoCPzQVhtrktdkTO_ouBWoca0OqhByBjfuuV-kk7VKYYqKY HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKTkUyRlMtMVgtN0owMQ==&google_push=AYg5qPLUA0ewf5WvETdn--AYrelvRnxT_OudZF7yiGg4EdixtI2FYoCPzQVhtrktdkTO_ouBWoca0OqhByBjfuuV-kk7VKYYqKY

Request Chain 259

• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDAiFBfQTQ0OAAvfGzVOX3Y&google_cver=1&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnExEX84Ad9TK6x3RWZpu2_boa50ez HTTP 302
• https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDAiFBfQTQ0OAAvfGzVOX3Y&google_cver=1&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnExEX84Ad9TK6x3RWZpu2_boa50ez&verify=true HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Mc2kuZzN4RTJ1R1Z4SkYudEpjamMwN2dWTG84amNFWn5B&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnExEX84Ad9TK6x3RWZpu2_boa50ez

Request Chain 289

• https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2abe947b7d5634%26domain%3Divona.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fivona.ua%252Ff21c951d1405d2%26relation%3Dparent.parent&container_width=320&height=600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FIvona.bigmir.net%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline HTTP 302
• https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2abe947b7d5634%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff21c951d1405d2%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline

296 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
8 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ivona.ua/ Redirect Chain http://ivona.ua/ https://ivona.ua/	102 KB 24 KB	176ms 61ms	Document text/html	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 535fd473600fcf97b454b33e71950525c6f35cf56ca0c514ffedbcc4de0290b7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers age 140 cache-control public, max-age=300 content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 24 May 2022 04:19:21 GMT server nginx via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) x-amz-cf-id Aonmm9oqmBgoymbEOv-M3Ts9621diCXzbRYXlyTJ1eTUOxdI62gxsA== x-amz-cf-pop FRA56-C1 x-cache Hit from cloudfront Redirect headers Connection keep-alive Content-Length 183 Content-Type text/html Date Tue, 24 May 2022 04:18:54 GMT Location https://ivona.ua/ Server CloudFront Via 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront) X-Amz-Cf-Id 6NaCIQUQXITCObWyflFjKpvlmkYbpTFzzfJZSXZXpNwhfWrsaBaogw== X-Amz-Cf-Pop FRA56-C1 X-Cache Redirect from cloudfront
GET H/1.1	200 OK	holder.js Show response i.holder.com.ua/t/	9 KB 4 KB	247ms 79ms	Script application/x-javascript	91.198.36.26 DIGITAL-VENTURES
General Check archive.org Show headers Download Go to Full URL https://i.holder.com.ua/t/holder.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA), Reverse DNS i1.i.ua Software nginx / Resource Hash 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:55 GMT Content-Encoding gzip Last-Modified Tue, 25 Jul 2017 14:14:15 GMT Server nginx Vary Accept-Encoding Content-Type application/x-javascript Cache-Control max-age=31536000 Transfer-Encoding chunked Connection keep-alive Keep-Alive timeout=5 Expires Wed, 24 May 2023 04:18:55 GMT
GET H2	200	loader2.js Show response cdn.admixer.net/scripts3/	176 KB 55 KB	445ms 151ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/loader2.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:23:59 GMT server nginx etag W/"6282425f-2c101" x-cached-since 2022-05-24T04:10:51+00:00 content-type application/javascript cache-control max-age=600 cache HIT expires Mon, 16 May 2022 12:35:25 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	100 KB 39 KB	182ms 66ms	Script application/javascript	2a00:1450:4001:808::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-206274582-1 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 08b01fff46f7f2bce4ebb320988ad10ab58e6856f69b3ccb861c5451705d6124 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 39548 x-xss-protection 0 last-modified Tue, 24 May 2022 03:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Tue, 24 May 2022 04:18:55 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	141 KB 50 KB	203ms 74ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 40a560401602a6143812e3299ef75964cdb33db34a71e3a96ba39ea19e623bad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 51006 x-xss-protection 0 server cafe etag 14743911014005941571 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Tue, 24 May 2022 04:18:55 GMT
GET H2	200	css fonts.googleapis.com/	5 KB 1 KB	181ms 65ms	Stylesheet text/css	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 015e4b567c96c225b5aa2fdb9990d4464bd60bf5611c41897e59ac1237b17b7e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 24 May 2022 04:18:55 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 24 May 2022 04:18:55 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 24 May 2022 04:18:55 GMT
GET H2	200	all.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/	56 KB 11 KB	143ms 50ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1669889 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 10022 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-de0a" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHQlMOFU7ROKzYqDxzncQCxXC%2B5i6Fy1lnfue2UDHumsmD815yp9qpory6BHezFEw0cJ5NnWvW2pHebS6IXgVnZPPqj7%2BW%2BcXgoGLfXBTmBnXRnvCPplDWRF%2FG9yQKa2myPJrKhzXf8b5iqtBvNwqXP7"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae61c5975d8-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	bootstrap.min.css stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/	152 KB 25 KB	150ms 58ms	Stylesheet text/css	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 756 age 18128477 cdn-cachedat 08/11/2021 05:41:31 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.0 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 27a190e191c0dca7409baea7457d9021 cf-ray 71033ae61db971f3-LHR cdn-requestcountrycode FR cdn-status 200 cdn-requestpullsuccess True
GET H2	200	v10 ivona.ua/css/style.css/	77 KB 15 KB	55ms 54ms	Stylesheet text/css	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/css/style.css/v10 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 09 Feb 2022 11:22:24 GMT content-encoding gzip age 8960081 x-cache Hit from cloudfront last-modified Wed, 09 Feb 2022 11:22:20 GMT server nginx etag W/"6203a3ec-13503" access-control-allow-methods GET, POST, OPTIONS content-type text/css via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id jHUnNARGXL612i9RTj4PAvHK9icCySFG8kdr75rD1jMTzOvv9GOKgQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	v10 ivona.ua/a-custom/custom.css/	970 B 830 B	56ms 55ms	Stylesheet text/css	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/a-custom/custom.css/v10 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 09 Feb 2022 11:22:24 GMT content-encoding gzip age 8960082 x-cache Hit from cloudfront last-modified Mon, 11 Oct 2021 09:24:29 GMT server nginx etag W/"616402cd-3ca" access-control-allow-methods GET, POST, OPTIONS content-type text/css via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id TUvKJLgJUNOm2jHFNPYSsluu3wkLkG_i0okBKCf8P5YiYIV2l_-iNQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/	95 KB 30 KB	143ms 51ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2134724 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 30360 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-17b8b" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8TqcT2gTbZ37F%2BhtFrEOPijuzPQwh1yaIvH4VN52wMrpl9aFA3hFZGW7j405bJG0sapREPxLluNq%2BkoVrpQ9lzC6Sa8wsE5rhTRByxeud9GAZHMH1bWEVlGax5%2FhiFhlzgXa2NmesomvRSgMPla6ebN"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae61c5b75d8-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	630x283.png ivona.ua/img/	130 B 585 B	57ms 56ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/630x283.png Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 22 Feb 2022 20:57:57 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 7802474 x-cache Hit from cloudfront content-length 130 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-82" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id eG3xPbV8BWkO_cGbGdZAqbu30-0hZcpBLaN-5oaVRpC9f9-fVd-BvA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	4x3.png ivona.ua/img/	96 B 544 B	56ms 55ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/4x3.png Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 20 Mar 2022 22:23:13 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 5550973 x-cache Hit from cloudfront content-length 96 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-60" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id dQgZDpzS5wnAFZ41PL0ve7SdY967bj0wS1NJaXvaEIPwdyEsJvW-vg== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H3	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/	21 KB 7 KB	97ms 49ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 988759 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6646 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-520c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=inGuMlr88QlA15N2mU4QJVAUyZCCBjsRpC5OS37fkbsoKmSZ%2B%2FY1riryHswawZzMU4BC30xJYqD2eMmXYP7jwWLMf9NAAi3K7rEWjaCf1MxdhWWlTShAk9PkjQbz4I2C4M%2Fa7s33S0XB0ExOZKUbIy54"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae76beb75ad-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	bootstrap.min.js Show response stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/	57 KB 16 KB	54ms 52ms	Script application/javascript	2606:4700::6812:bcf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT cdn-edgestorageid 601, 617, 617 age 6728656 cdn-cachedat 2021-08-02 21:50:12 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 timing-allow-origin * access-control-allow-origin * last-modified Mon, 25 Jan 2021 22:04:08 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 58a78e2fccd09fba8240049355e5ebfe cf-ray 71033ae73ef771f3-LHR cdn-requestcountrycode FR cdn-status 200 cdn-requestpullsuccess True
GET H2	200	jquery.fancybox.min.js Show response cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/	67 KB 20 KB	53ms 50ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1655088 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 19249 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e58-10a9d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BlqTHuu%2FgBgAaaRKayiXFq1IreETPeS2G3mYYBBX1tsIqgHSK%2FaQMkn5ofZ236Y5XT1fTV0TDzljMnKYIE%2FcI9jqYQsxiQ07w1MqY4UrQM58IKatk58dR%2F5XkgdxGPceYN%2FaAD7PsyD9W6vk4xC79Q4"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae73d8175d8-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	lazyload.js Show response cdn.jsdelivr.net/npm/lazyload/	6 KB 2 KB	152ms 50ms	Script application/javascript	2606:4700::6810:5914 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/lazyload/lazyload.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 4214 x-jsd-version 2.0.0-rc.2 x-cache HIT, MISS cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19150-FRA, cache-itm18843-ITM timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8bKx3%2BUznbhk6h62n2mOt%2BoRzpwC13kU%2FLqvwHmQT4BtgfDdFoPL0DvQJUEl0XODleReE2nVENqzQaMvrt%2B0Zh4RqxhaBvDlLVf5BSILA9X3B6FyuyGElOVrX8CqEIqn%2Fvom8FDMz8ob8Lbcprw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 cf-ray 71033ae7dbe57723-LHR
GET H2	200	v10 Show response ivona.ua/js/theme-script.min.js/	2 KB 1 KB	57ms 54ms	Script application/javascript	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/js/theme-script.min.js/v10 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 09 Feb 2022 11:22:25 GMT content-encoding gzip age 8960082 x-cache Hit from cloudfront last-modified Wed, 09 Feb 2022 11:22:20 GMT server nginx etag W/"6203a3ec-693" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id pMsjgvIF82lMVrnP4P_1RQvSM3dCGsaHLDywQYntkAzmHaKD3003Iw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	v10 Show response ivona.ua/js/banner-index.js/	2 KB 807 B	56ms 54ms	Script application/javascript	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/js/banner-index.js/v10 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 25 Mar 2022 01:23:48 GMT content-encoding gzip age 5194546 x-cache Hit from cloudfront last-modified Sat, 21 Aug 2021 13:24:17 GMT server nginx etag W/"6120fe81-725" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id cu5CnDfQWRBysovI0A34DJgxyD_4T8OoaGRa1IC9KO2oOGuXOgKjjw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	article-stat-v2.js Show response ivona.ua/click/js/	976 B 1 KB	159ms 157ms	Script application/javascript	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/click/js/article-stat-v2.js?8 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:42 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) last-modified Mon, 29 Apr 2019 05:26:10 GMT server nginx x-amz-cf-pop FRA56-C1 etag "5cc68af2-3d0" access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-credentials true x-cache Miss from cloudfront accept-ranges bytes access-control-allow-headers * content-length 976 x-amz-cf-id 7gqrL7rXG5UQEJuZU-zNk5HuoKpkHf-xoYNhQdq_5T12ahobJvbaVQ==
GET H2	200	jquery.cookie.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/	1 KB 934 B	50ms 48ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3457111 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 591 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:45 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec1-514" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPuLYleOb%2Fv3dnqZtNnQa7swfVZ5wtua2LgcLWJ%2FT84Xvzi7XxnSmoASVXT9gUi%2FiZN9NeWFjYHgos4sXQvHhSV9VwWbCFiE8if39yMO%2BEg9Z6e07z667F1%2FBklGhuZDn4RFq5mbefpwetycZSISi%2Bzz"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae73d8375d8-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	md5.min.js Show response cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/	4 KB 2 KB	50ms 49ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5820795 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1339 timing-allow-origin * last-modified Mon, 04 May 2020 16:06:35 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d8b-eb6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT3R8vsRvIXEd4O4aPTvY0BbqtlNLlLIuE13yGBAMmp8ZP9kssuYCv%2FrHpY%2BZ7vkRVipsiNBoypdhNymMN8C%2F1DZG0SKTnkl5FN1BEuloeawecaK5C4kOdc4rCB6Ii2bR6X%2FwGQdU963Z6xH84ze8Pcq"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae73d8575d8-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	toastr.min.js Show response cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/	5 KB 2 KB	51ms 49ms	Script application/javascript	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 2654083 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 1763 timing-allow-origin * last-modified Mon, 04 May 2020 16:17:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ffe-1483" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BpP2cgudEJdR31bIHp94imsdjwJ4PX8hECnn7vAXsVGYDvX8FkBb9mRHWhJeO1oxdfRrm%2B48LasFJfp6hkZW5sPuLVY7ddltPaeCYu1kyv190uvn%2BSXSLC9bHi9fgSVMb8hrpzkN6JWdYweTTvhwB3QJ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae73d8675d8-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	common.js Show response ivona.ua/click/js/	3 KB 3 KB	158ms 157ms	Script application/javascript	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/click/js/common.js?1 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:42 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) last-modified Mon, 06 Jan 2020 10:11:50 GMT server nginx x-amz-cf-pop FRA56-C1 etag "5e1307e6-a00" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/javascript; charset=UTF-8 access-control-allow-credentials true x-cache Miss from cloudfront accept-ranges bytes access-control-allow-headers * content-length 2560 x-amz-cf-id fPO85dBRc1d_JTNhu_g8SLWldo19g0joSVlkE2-kbvEcyrOKju1-OA==
GET H2	200	xgemius.js Show response gaua.hit.gemius.pl/	52 KB 14 KB	236ms 77ms	Script application/x-javascript	54.37.238.28 OVH
General Check archive.org Show headers Download Go to Full URL https://gaua.hit.gemius.pl/xgemius.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.37.238.28 , France, ASN16276 (OVH, FR), Reverse DNS ip28.ip-54-37-238.eu Software GHC / Resource Hash 229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip last-modified Mon, 23 May 2022 06:21:53 GMT server GHC vary Accept-Encoding,Origin p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control max-age=43200 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 14031 expires Tue, 24 May 2022 16:18:55 GMT
GET H2	200	e.js Show response cdn.umh.ua/libs/	6 KB 3 KB	173ms 54ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://cdn.umh.ua/libs/e.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block; Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip x-content-type-options nosniff vary Accept-Encoding x-xss-protection 1; mode=block; last-modified Tue, 01 Mar 2022 15:54:34 GMT server nginx etag W/"621e41ba-16f4" access-control-max-age 1728000 access-control-allow-methods GET, OPTIONS content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=86400 access-control-allow-credentials true access-control-allow-headers X-PINGOTHER expires Wed, 25 May 2022 04:18:55 GMT
GET H2	200	sdk.js Show response connect.facebook.net/uk_UA/	3 KB 2 KB	173ms 54ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/uk_UA/sdk.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 46663e338a0324ffa390c8d7b5f16c2d9cdb434cd521d7fee964e37161cecda0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 HEQZND6RlRs615GKNP6utw== document-policy force-load-at-top cross-origin-resource-policy cross-origin expires Tue, 24 May 2022 04:38:10 GMT alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 1686 x-fb-rlafr 0 x-fb-debug PHe3hxEUmvV2ASsXD7UAc7L6AgpXIIjNOqq21ZDAmFeU7tQFarZRNJnM9EM7idQBT+rl4yWJDjuNuOjqB5Orgw== x-fb-trip-id 2050670934 x-fb-content-md5 5df1ee62dfc475055406f619649e5450 cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" date Tue, 24 May 2022 04:18:55 GMT x-frame-options DENY report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public,max-age=1200,stale-while-revalidate=3600 etag "53f1be29b76c0ab7f4cae400080225bf" timing-allow-origin * access-control-expose-headers X-FB-Content-MD5
GET H2	200	logo.png ivona.ua/img/	1 KB 2 KB	53ms 53ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/logo.png Requested by Host: ivona.ua URL: https://ivona.ua/css/style.css/v10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/css/style.css/v10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 27 Aug 2021 11:26:19 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 23302136 x-cache Hit from cloudfront content-length 1326 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-52e" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id H103rjS8-_XSHvVh4MxIUjiGQwUoyHU20-3vPDOO0IDNcU3VCPcPBw== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	sitename.png ivona.ua/img/	1 KB 1 KB	54ms 54ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/sitename.png Requested by Host: ivona.ua URL: https://ivona.ua/css/style.css/v10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/css/style.css/v10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 20 Dec 2021 00:23:06 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 13406008 x-cache Hit from cloudfront content-length 1058 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-422" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id 5LAPvNPjNau1Z2eRBqvKK1QA0nVLkmaVZfUrhlRUCeIxroMjT1WaWQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jizaRExUiTo99u79D0KExQ.woff2 fonts.gstatic.com/s/ptsans/v17/	44 KB 45 KB	170ms 55ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 18 May 2022 19:26:32 GMT x-content-type-options nosniff age 463943 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 45300 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:11:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:26:32 GMT
GET H2	200	search_icon.png ivona.ua/img/	253 B 699 B	53ms 53ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/search_icon.png Requested by Host: ivona.ua URL: https://ivona.ua/css/style.css/v10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/css/style.css/v10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 05 Mar 2022 01:51:50 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 6920824 x-cache Hit from cloudfront content-length 253 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-fd" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id eWPim6_Qf69GCVetbHPrmOhp5bWzpkDFLk9tm0SaEdKg4YCbbTVi2g== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	arrows.png ivona.ua/img/	562 B 1019 B	54ms 53ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/arrows.png Requested by Host: ivona.ua URL: https://ivona.ua/css/style.css/v10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/css/style.css/v10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 27 Aug 2021 11:26:19 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 23302136 x-cache Hit from cloudfront content-length 562 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-232" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id v9shoV92AzrJgGxqGNNhHMJN7SradGhCX8Cs9lmwslLOcu24uQTgVA== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 fonts.gstatic.com/s/ptsans/v17/	29 KB 29 KB	271ms 161ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 18 May 2022 19:27:09 GMT x-content-type-options nosniff age 463906 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 29928 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:55:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:27:09 GMT
GET H3	200	fa-solid-900.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/	74 KB 75 KB	64ms 50ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 3453409 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 75728 timing-allow-origin * last-modified Mon, 04 May 2020 16:10:08 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e60-127d0" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfYLefvse6DlCR6ZazjiJV6UaOjnXGpnkuBDZFse1aJTVQ62xe051ewCqSc9ZKDk6R4tkUsRfH23K%2B4%2FZMZAX9O83lHMhETQS9Fma8F07TuJPkWSe0GqVRVaHy9zK0n9zbhs%2BmyzjYJTcpn9Tk8IZ8s3"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71033ae76bec75ad-LHR expires Sun, 14 May 2023 04:18:55 GMT
GET H2	200	jizaRExUiTo99u79D0aExdGM.woff2 fonts.gstatic.com/s/ptsans/v17/	28 KB 28 KB	224ms 117ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0aExdGM.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 18 May 2022 19:26:33 GMT x-content-type-options nosniff age 463942 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28444 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:45:23 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:26:33 GMT
GET H2	200	bigmir_logo.svg ivona.ua/img/	3 KB 2 KB	62ms 62ms	Image image/svg+xml	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/bigmir_logo.svg Requested by Host: ivona.ua URL: https://ivona.ua/css/style.css/v10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/css/style.css/v10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 16 Oct 2021 15:48:31 GMT content-encoding gzip age 18966469 x-cache Hit from cloudfront last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag W/"60fc3da0-d2d" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type image/svg+xml via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 access-control-allow-headers * x-amz-cf-id qn081PQC9J2xdGHRINkfwdqeeWCYavvpv9iTQH80kyPKZbiB4ZOn6A== expires Thu, 31 Dec 2037 23:55:55 GMT
POST H2	200	add-view Show response ivona.ua/click/articles/stat/	39 B 408 B	199ms 198ms	XHR application/json	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ivona.ua/click/articles/stat/add-view?cid=6&site=ivona&aid=5255288&0.5285004035572607 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash 0ef469692abec60d2a111275b3c4edead952d7b7a2c23595fefd9a430e1362f8 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://ivona.ua/ X-Requested-With XMLHttpRequest accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Tue, 24 May 2022 04:21:42 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) server nginx x-amz-cf-pop FRA56-C1 access-control-allow-methods GET, POST, OPTIONS content-type application/json; charset=UTF-8 access-control-allow-origin https://ivona.ua access-control-allow-credentials true x-cache Miss from cloudfront access-control-allow-headers * x-amz-cf-id xrnSIDr8qxNJh0rHtvc-n6RnjimsThDbARniTaS7DfiUe88pFoETiA==
POST H2	200	z Show response s.zmctrack.net/ Frame 30DE	50 KB 23 KB	352ms 170ms	XHR text/javascript	185.187.81.40 IDSTRATEGY-AS
General Check archive.org Show headers Download Go to Full URL https://s.zmctrack.net/z Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA), Reverse DNS Software openresty / Resource Hash a75b80dab37404108bc56673fb3f656b55b12c6c7dc3c319df33971bf7b1ac82 Request headers Referer accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server openresty access-control-allow-methods POST, GET, OPTIONS content-type text/javascript access-control-allow-origin * access-control-expose-headers X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check cache-control no-cache, no-store access-control-allow-headers X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent content-length 23351 expires Thu, 01 Jan 1970 00:00:01 GMT
GET H2	200	load Show response z.cdn.umh.ua/	920 B 969 B	64ms 54ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 04303eaf975867859a38f17a5f192bcc57ebeae470505b449c56112041ee7103 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server nginx p3p policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate content-type application/javascript; charset=utf-8 content-length 618 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	814 B 922 B	65ms 55ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 3463dedb8cd901c6005cd44ef2b859e661d74e06f820c33be3a906a76a592062 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server nginx p3p policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate content-type application/javascript; charset=utf-8 content-length 571 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	919 B 969 B	65ms 56ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 24c22d810e7a5b2d0c4e55aee1817fba5fe642d823eb3ee0622fcd03c48c68b7 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server nginx p3p policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate content-type application/javascript; charset=utf-8 content-length 618 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	57 B 382 B	64ms 55ms	Script text/plain	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=2068016217&div=zone_2068016217&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT server nginx p3p policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate content-type text/plain; charset=utf-8 content-length 57 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	1 KB 1 KB	63ms 55ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 74a2cbb65c01380b24a69d7d038a52362a71f883b94507e9f8b722beb8dc5a32 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server nginx p3p policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate content-type application/javascript; charset=utf-8 content-length 742 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	57 B 382 B	62ms 53ms	Script text/plain	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1217097366&div=zone_1217097366&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT server nginx p3p policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate content-type text/plain; charset=utf-8 content-length 57 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	42 B 169 B	55ms 54ms	Script text/plain	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT cache-control no-cache, must-revalidate server nginx content-type text/plain; charset=utf-8 content-length 42 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	2 KB 1 KB	56ms 55ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash d71ef06fac902fdded5b90de68383c17601def5f2a2eb9ad8556ed1476f32e68 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server nginx content-type application/javascript; charset=utf-8 cache-control no-cache, must-revalidate content-length 944 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	75 B 202 B	55ms 54ms	Script text/plain	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1966145486&div=zone_1966145486&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT cache-control no-cache, must-revalidate server nginx content-type text/plain; charset=utf-8 content-length 75 expires -1
GET H2	200	load Show response z.cdn.umh.ua/	1 KB 946 B	56ms 54ms	Script application/javascript	78.159.118.240 LEASEWEB-DE-FRA-10
General Check archive.org Show headers Download Go to Full URL https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Requested by Host: cdn.umh.ua URL: https://cdn.umh.ua/libs/e.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305 Server 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE), Reverse DNS hosted-by.leaseweb.com Software nginx / Resource Hash 0d77a0a96779b78097600296114a634606395ecd3f9be86ad5bb93343c9f4325 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip server nginx content-type application/javascript; charset=utf-8 cache-control no-cache, must-revalidate content-length 793 expires -1
GET H3	200	sdk.js Show response connect.facebook.net/uk_UA/	293 KB 84 KB	111ms 54ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/uk_UA/sdk.js?hash=bc83bb62781b1c4c9a4e0dde91bb2b78 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/uk_UA/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 46d07b744283c529c41926ab96751fd8932e100c180318d45e1cefb6ed039b59 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff content-md5 zIQTFij2F5E4Gu98NyaioQ== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 85475 x-fb-rlafr 0 x-fb-debug F+/5MDDdiTbL/7ojjal407Wppg7mNWEa68Bso31Xu11LLuZwLhmm3Qa19hbWUyRJu/JOYwUaAOmI89VOkZmJhA== x-fb-content-md5 e7baa5d93892de05c616664d7de601f1 x-frame-options DENY date Tue, 24 May 2022 04:18:55 GMT vary Accept-Encoding content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable etag "b1a47403eccabd19642a18d59035ea5c" timing-allow-origin * priority u=3,i expires Wed, 24 May 2023 00:50:46 GMT
GET H2	200	a26d6477648917fe45addf0231f966c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg i.ivona.ua/i/63/07/74/1/6307741/image_main/	81 KB 81 KB	192ms 59ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/74/1/6307741/image_main/a26d6477648917fe45addf0231f966c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash adbcd9e524ee0d4480e7375cf543c2c4418a5f702a20c99f3261905be87969e6 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:29:12 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 18:26:18 GMT server AmazonS3 age 35384 etag "04b8ea36c0d1c409e7f6c9cb30425956" x-cache Hit from cloudfront x-amz-version-id dWhPYCScBAVwluX7Xk9BoTrLXHgFIgLW cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 82825 x-amz-cf-id q6KQkeaIguC5dH3EhsbKyhcNxB7UgP2fP6y3t20We2aIy8MV-IaGvw==
GET H2	200	a26d6477648917fe45addf0231f966c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg i.ivona.ua/i/63/07/74/1/6307741/image_main/	4 KB 4 KB	182ms 60ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/74/1/6307741/image_main/a26d6477648917fe45addf0231f966c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 1484768275122f1cefdd90faceffd774946b05b0bb9a062b32fe1e9c5b3a2b19 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:48:47 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 18:28:25 GMT server AmazonS3 age 34209 etag "3028f73ee87e2273eb3dcec865a932c7" x-cache Hit from cloudfront x-amz-version-id aZ1A9lACbEyPoa.ijUUWIgjiHV00rER_ cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 4098 x-amz-cf-id vTWNB3iJzLSpdVO7dR4n9_n62O1MFb6cRcPvBlCqZr39OX4C-TeE5Q==
GET H2	200	1227eb683f421e385122c0b22657ada3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg i.ivona.ua/i/63/07/59/5/6307595/image_main/	7 KB 8 KB	177ms 70ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/59/5/6307595/image_main/1227eb683f421e385122c0b22657ada3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 481bd4092a0fff130afb7400268d904184487a730f56d831ecb8e88d5437c95b Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:25:31 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 18:08:31 GMT server AmazonS3 age 35605 etag "e4e503d37311e233cef32580d54f54ca" x-cache Hit from cloudfront x-amz-version-id TCt6dYALsAPREm_vR2GroPhe2OjbDwjV cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 7367 x-amz-cf-id WOwanQsxHyVr3xNQ-4f3w2OeDs2x5_0Mk-lCy5nTFonAqANVoxCLug==
GET H2	200	0f10fb2206b41ec618b959205db2bd48-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg i.ivona.ua/i/63/07/66/4/6307664/image_main/	7 KB 8 KB	166ms 59ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/66/4/6307664/image_main/0f10fb2206b41ec618b959205db2bd48-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 34edd7a51192bf0baa4cf0ef04b846107adaa8bfcd825d5dae5014ca281685eb Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 17:04:30 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 16:55:18 GMT server AmazonS3 age 40466 etag "16eb83c6697aa0ea4efbdbf968f4283b" x-cache Hit from cloudfront x-amz-version-id knrDEcosJklRhulqII_nwJSeJdKwKHS. cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 7647 x-amz-cf-id 53WU0Blnuzeyng3q8u519XG9jUPBejhfqe7eg92O0rZzQfB-dKtbyg==
GET H2	200	b8e2cc76631fef957a953378f3d1d55e-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg i.ivona.ua/i/54/36/13/9/5436139/image_main/	11 KB 12 KB	264ms 176ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/54/36/13/9/5436139/image_main/b8e2cc76631fef957a953378f3d1d55e-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash bd94800a1f24602a47a2b38e91e66f3a884256bbcaac98bc45553f3c0b694ef8 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 15:21:35 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 15:19:34 GMT server AmazonS3 age 46641 etag "01c2d70eb916334dbeae52595e33ddcb" x-cache Hit from cloudfront x-amz-version-id dsv4kZQcsKN3e907CsUQpnGTCOiKlt1j cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 11738 x-amz-cf-id t148ZIvQdOpBR8o3VQvmdAqsf5R_Ieo0aloDD0vZctddCXpbkh83vQ==
GET H2	200	1227eb683f421e385122c0b22657ada3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/63/07/59/5/6307595/image_main/	15 KB 15 KB	134ms 71ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/59/5/6307595/image_main/1227eb683f421e385122c0b22657ada3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash abfbef1808e063f9ad6ce59bb79e6753b905d862be107ff2a451644a0d47e4bc Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:06:39 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 18:02:56 GMT server AmazonS3 age 36737 etag "c863faccf6e2e9c8036758a8aa404b5f" x-cache Hit from cloudfront x-amz-version-id 0qPGnUikRMqzJ8PIecAP5k8b92Ycgulo cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 15257 x-amz-cf-id oQm76jTjcp1NwC7ziEe7nd8toSTMEGjlyjXuigxZx1wJrJoA3qNr7w==
GET H2	200	36e79417d65969ee03035f4af611e73a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/63/07/57/4/6307574/image_main/	20 KB 20 KB	165ms 164ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/57/4/6307574/image_main/36e79417d65969ee03035f4af611e73a-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash ea1aca9d34bc112ee9ebc70e92f714cb2603ff0dc99301d5c0e04c065d42f2f3 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 14:46:26 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 14:39:22 GMT server AmazonS3 age 48750 etag "c1b9c3e3536fcde4eb36dc35450726c7" x-cache Hit from cloudfront x-amz-version-id aE_MbHMKUM53tL_ud8xf0qE3RmMT8Q78 cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 20513 x-amz-cf-id V3hS8KbI1L1ekMWEpz6B3RFpXjnn057XC6j5_Khyc3aiwdoWYjXDug==
GET H2	200	223602c4a0ae2b347fb8824da6b215c7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/63/07/22/3/6307223/image_main/	19 KB 19 KB	172ms 171ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/22/3/6307223/image_main/223602c4a0ae2b347fb8824da6b215c7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 3209bdc1371e6aeff7d0cadb76487fb7688c8059b865ddd436e36c0fa6d8def1 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 11:41:08 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 11:40:10 GMT server AmazonS3 age 59868 etag "fa66fc3baff3178e9285329cf1c2ee51" x-cache Hit from cloudfront x-amz-version-id ELfsBWpSzkVCE91IImBDwmY1FSg78wcP cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 19319 x-amz-cf-id _g0EuDV5GSbhHwdUCsYV-CFijpIWQH9mydNX58yeHjzyzZdfu1Izyw==
GET H2	200	c3c1abcd715e7ed8b0b3538d827a05b0-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/63/07/15/8/6307158/image_main/	20 KB 21 KB	198ms 197ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/15/8/6307158/image_main/c3c1abcd715e7ed8b0b3538d827a05b0-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 8802112ed8bfe8a20abfbfd6a25f8cf2fdae05ca411a4053817a3d0a9e8a29ca Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 08:40:22 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 08:38:53 GMT server AmazonS3 age 70714 etag "818c088ce4114a905970539225faae16" x-cache Hit from cloudfront x-amz-version-id klYMmkomU9TH4uombQjzxi0lXgrDPPqW cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 20807 x-amz-cf-id mGvbso7_kjjFqqfCZzEaXdBpUYDUQ41Xn4fDJ2gEmcllKlStHZTRUA==
GET H2	200	62cc2f956d4d0200dec8c54ed340ae46-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/63/07/38/9/6307389/image_main/	10 KB 10 KB	183ms 182ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/38/9/6307389/image_main/62cc2f956d4d0200dec8c54ed340ae46-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash b60960f52d0f389e8c1a7160bc000d84c1d8b08f3f65e0811c73720de0da696f Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 13:41:49 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 13:38:26 GMT server AmazonS3 age 52627 etag "74fe88164b8c893f66d7c79dedf681b4" x-cache Hit from cloudfront x-amz-version-id P4tqrZxhSOFVHsTr3zaVuuxHdW.PdZp3 cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 9998 x-amz-cf-id qLjCK1Wk7IerHeBXdDhRVixZXXsDwdNcc1GLd8djeGL_qw5gxodS7Q==
GET H2	200	e03e1ec8b1ab5b39999c2bd53122ef76-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/63/06/83/3/6306833/image_main/	10 KB 10 KB	179ms 178ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/06/83/3/6306833/image_main/e03e1ec8b1ab5b39999c2bd53122ef76-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 67795bcbbe66d6def8c34d909918da3850808cb572a1e11273c356856ed69a53 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 10:43:10 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 10:39:59 GMT server AmazonS3 age 63346 etag "b8e3617b36085481d1f639e87a06cd92" x-cache Hit from cloudfront x-amz-version-id VXgpEAG7Uai8.MV65Y0WBy.ZEnOB1Q0c cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 9811 x-amz-cf-id n5RCSC1vpeInumPoqucpOWaSRnIMroDis1ZJ1T3A6CWC9fP8t0x7IQ==
GET H2	200	106272c0bad567c3afc9d11cff746985-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/54/66/14/3/5466143/image_main/	7 KB 7 KB	186ms 185ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/54/66/14/3/5466143/image_main/106272c0bad567c3afc9d11cff746985-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 0cd66fba1283aa6ca6676af6b9456feb786ec81d9ddb9f3fae9e6991846d625a Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 22 May 2022 12:49:25 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Sun, 22 May 2022 12:49:25 GMT server AmazonS3 age 142171 etag "a6a4d593b95d3c009234a26270f3f155" x-cache Hit from cloudfront x-amz-version-id 77EaBvCjMcZ2H9TBR_BLTIKi2bRd0g7L cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 7096 x-amz-cf-id ZRNZmhIgTBH-8AaCc1iKBdW3Rup3zWIqKtl55DR16O3w5Ojt7M21tg==
GET H2	200	e49945d4eed46f9507684715601bcdeb-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg i.ivona.ua/i/54/78/50/0/5478500/image_main/	15 KB 15 KB	202ms 201ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/54/78/50/0/5478500/image_main/e49945d4eed46f9507684715601bcdeb-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 69961e30e638ce40ac4b0ee438dd1e0f3f35a22147ea1f5ce05f099dbdab4a30 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Fri, 20 May 2022 13:39:57 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Fri, 20 May 2022 13:33:14 GMT server AmazonS3 age 311939 etag "bc73594b3c70bb2ab4c5ab3807e40252" x-cache Hit from cloudfront x-amz-version-id uDQ5B.L853K7OgQLlsOYjuBf50kQvv4N cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 15121 x-amz-cf-id IecSsU9vEkPRcUnmuAK7MY23NGmYa3VZPBpVeMqco_if3P4VklaDrQ==
GET H2	200	342a1ad0705b8c8720fb8ed73df88486-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg i.ivona.ua/i/54/35/92/6/5435926/image_main/	14 KB 14 KB	191ms 191ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/54/35/92/6/5435926/image_main/342a1ad0705b8c8720fb8ed73df88486-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash ccca1f4a684b17a6e36eebda35736d8a3678400f2311ba0c461ebdfa2cffd317 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 16 May 2022 16:06:38 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 16 May 2022 15:59:55 GMT server AmazonS3 age 648738 etag "b7c98d41e1dc6014d919ec87fe054cfd" x-cache Hit from cloudfront x-amz-version-id aWDQsBzsst0LoST_m36oUAbm2hrxKUYA cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 14431 x-amz-cf-id -6ulOzf_4WkrgiYWPeBSYEoF1o6fWKqLwDXQn3wSdYBr-17ALgVIUQ==
GET H2	200	90578b3817f83949b67d38784e189d7d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg i.ivona.ua/i/54/46/97/0/5446970/image_main/	7 KB 8 KB	194ms 194ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/54/46/97/0/5446970/image_main/90578b3817f83949b67d38784e189d7d-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 1fc058f2c09370551f07b497aeb9a7e5c2ce9ec05e80e24fc4c9e1e7d1c319c9 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sat, 21 May 2022 15:29:28 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Sat, 21 May 2022 15:20:50 GMT server AmazonS3 age 218968 etag "d01ebd5406f6622e753d2bba159387da" x-cache Hit from cloudfront x-amz-version-id HHq6WkWe1AyXPZetJbtFhuxfVKJa86DJ cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 7502 x-amz-cf-id UP1bkEKxBKioeojvZ0zG9UflYmRWVRw1Cn75Tcp41_th8Yu4qGvNNA==
GET H2	200	fpdata.js Show response gaua.hit.gemius.pl/	277 B 391 B	74ms 74ms	Script application/x-javascript	54.37.238.28 OVH
General Check archive.org Show headers Download Go to Full URL https://gaua.hit.gemius.pl/fpdata.js?href=ivona.ua Requested by Host: gaua.hit.gemius.pl URL: https://gaua.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.37.238.28 , France, ASN16276 (OVH, FR), Reverse DNS ip28.ip-54-37-238.eu Software GHC / Resource Hash c7e1765d22123fca386affa6d6425259e0e671eb0a1bed504b145a56a2140737 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT server GHC etag PRIVATE7520710249 p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control private, max-age=2592000 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 277 expires Thu, 23 Jun 2022 04:18:55 GMT
GET H2	200	lsget.html Show response ls.hit.gemius.pl/ Frame E8B1	5 KB 3 KB	242ms 78ms	Document text/html	146.59.30.100 OVH
General Check archive.org Show headers Download Go to Full URL https://ls.hit.gemius.pl/lsget.html Requested by Host: gaua.hit.gemius.pl URL: https://gaua.hit.gemius.pl/xgemius.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 146.59.30.100 , France, ASN16276 (OVH, FR), Reverse DNS ip100.ip-146-59-30.eu Software GHC / Resource Hash 7de2bafa69deef05defb4a8d9cc7c3c4be8122f2a8cc24e46f4846257c41b9d0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges none cache-control private, max-age=2592000 content-encoding gzip content-length 2717 content-type text/html;charset=utf-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:55 GMT etag PRIVATE7520710249 expires Thu, 23 Jun 2022 04:18:55 GMT last-modified Mon, 16 Jul 2012 10:03:40 GMT p3p CP="NOI DSP COR NID PSAo OUR IND" server GHC vary Accept-Encoding,Origin,User-Agent
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	170ms 53ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-206274582-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 2649 date Tue, 24 May 2022 03:34:46 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 24 May 2022 05:34:46 GMT
GET H2	200	ivona.bigmir.net.1211636.js Show response jsc.idealmedia.io/i/v/	2 KB 1 KB	154ms 53ms	Script text/javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js Requested by Host: z.cdn.umh.ua URL: https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip cf-cache-status HIT age 1017 cf-ray 71033ae9df4075cf-LHR content-length 746 x-amz-id-2 ZUwX2TmtRLCxaffgH1nkLdky1N6V6uzDKr9qeVQ0a8pDgCzwq/trZ+FxCj/TS9Woh4MIKOe9ui0= last-modified Thu, 19 May 2022 10:17:01 GMT server cloudflare etag "d245c3976e8b37aa0431b5a7963b9259" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 9A5AGH89NGCCAYPX cache-control public, max-age=10800 x-amz-version-id aReMvDLJPEDwpUbKMTrGJ190Yj4xYHBH accept-ranges bytes content-type text/javascript expires Tue, 24 May 2022 07:18:55 GMT
GET H2	200	/ Show response exchange.informer.ua/informer/stat/ Frame 30AF	5 KB 2 KB	290ms 105ms	Document text/html	193.29.200.142 UMHAS
General Check archive.org Show headers Download Go to Full URL https://exchange.informer.ua/informer/stat/?s=kolobok Requested by Host: z.cdn.umh.ua URL: https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx/1.12.2 / PHP/7.1.17 Resource Hash 64e80615a548c07b32663c4d9082ff097804abfeb7e13266bab6079ceae93e30 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Tue, 24 May 2022 04:21:56 GMT server nginx/1.12.2 vary Accept-Encoding x-powered-by PHP/7.1.17
GET H2	200	ivona.bigmir.net.1296107.js Show response jsc.idealmedia.io/i/v/	2 KB 972 B	155ms 55ms	Script text/javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js Requested by Host: z.cdn.umh.ua URL: https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2ba54c2c0ee422e605c0a01ab06fd224af56017507c345ee988b2d66658ba69d Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip cf-cache-status HIT age 1017 cf-ray 71033ae9df4175cf-LHR content-length 747 x-amz-id-2 ZL63CPr9lfrra/Ti9LQiA++jHkI3mQP57M8GhUSbyK8snb7rcDSpwWWLVCR2FUxbudHlINdJvS0= last-modified Thu, 19 May 2022 10:42:43 GMT server cloudflare etag "d55ff0e2835c6fab6cb303c8faa6e5d2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 9A583P53FBJ9EPRZ cache-control public, max-age=10800 x-amz-version-id 4IbdH1IbvzWV_xhL1AQ2067gYkN_zepk accept-ranges bytes content-type text/javascript expires Tue, 24 May 2022 07:18:55 GMT
GET H/1.1	400 Bad Request	s h.holder.com.ua/	0 0	276ms 79ms	Script text/plain	91.198.36.35 DIGITAL-VENTURES
General Check archive.org Show headers Download Go to Full URL https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r88989382&dholder1217097366&hhttps%3A//ivona.ua/ Requested by Host: i.holder.com.ua URL: https://i.holder.com.ua/t/holder.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:55 GMT Server nginx Connection keep-alive Keep-Alive timeout=5 Content-Length 0
GET H/1.1	400 Bad Request	s h.holder.com.ua/	0 0	239ms 79ms	Script text/plain	91.198.36.35 DIGITAL-VENTURES
General Check archive.org Show headers Download Go to Full URL https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r88989382&dholder2068016217&hhttps%3A//ivona.ua/ Requested by Host: i.holder.com.ua URL: https://i.holder.com.ua/t/holder.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:55 GMT Server nginx Connection keep-alive Keep-Alive timeout=5 Content-Length 0
GET H3	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/	314 KB 112 KB	187ms 79ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1e0e635bc4b34df794e1bade86ae7e64714f3e4eca1ff0ecd322f8d30db81297 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 114392 x-xss-protection 0 server cafe etag 7274750239238855184 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 24 May 2022 04:18:55 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/ Frame 18EE	10 KB 5 KB	170ms 54ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220518/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers age 30031 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4421 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 23 May 2022 19:58:24 GMT etag 1428802124239944296 expires Mon, 06 Jun 2022 19:58:24 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	c.html Show response cdn.admixer.net/scripts3/46506/ Frame 4611	738 B 510 B	140ms 139ms	Document text/html	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/c.html?b=46506 Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache HIT cache-control max-age=31622400 content-encoding gzip content-type text/html date Tue, 24 May 2022 04:18:55 GMT etag W/"62824272-2e2" expires Wed, 17 May 2023 12:25:26 GMT last-modified Mon, 16 May 2022 12:24:18 GMT server nginx vary Accept-Encoding x-cached-since 2022-05-16T12:25:26+00:00 x-id fr5-up-gc37
GET H2	200	a21031c0f6a0994b3314.b.js Show response cdn.admixer.net/scripts3/46506/	23 KB 8 KB	146ms 145ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:15 GMT server nginx etag W/"6282426f-5d41" vary Accept-Encoding x-cached-since 2022-05-16T12:25:26+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:26 GMT
GET H2	200	0a75d04ce9f53a1a35b6.b.js Show response cdn.admixer.net/scripts3/46506/	75 KB 20 KB	158ms 158ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:04 GMT server nginx etag W/"62824264-12c39" vary Accept-Encoding x-cached-since 2022-05-16T12:25:26+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:26 GMT
GET H2	200	mwayss_invocation.min.js Show response ad.mox.tv/mox/	29 KB 10 KB	210ms 98ms	Script application/javascript	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Requested by Host: z.cdn.umh.ua URL: https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=769&pl=3&mi=4&me=8&hc=4&n=1653365935408&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2633639724 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip last-modified Tue, 07 Dec 2021 16:48:38 GMT server nginx/1.14.0 (Ubuntu) etag W/"61af9066-72a8" vary Accept-Encoding content-type application/javascript cache-control max-age=3600, public, max-age=3600 expires Tue, 24 May 2022 05:18:55 GMT
GET H/1.1	204 No Content	s Show response h.holder.com.ua/	0 126 B	234ms 79ms	Script text/plain	91.198.36.35 DIGITAL-VENTURES
General Check archive.org Show headers Download Go to Full URL https://h.holder.com.ua/s?ta&b2718&c1&r88989382&dholder1320962835&hhttps%3A//ivona.ua/ Requested by Host: i.holder.com.ua URL: https://i.holder.com.ua/t/holder.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:55 GMT Server nginx Connection keep-alive Keep-Alive timeout=5
GET H2	200	c.html Show response cdn.admixer.net/scripts3/46506/ Frame 22FF	738 B 396 B	142ms 142ms	Document text/html	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/c.html?b=46506 Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache HIT cache-control max-age=31622400 content-encoding gzip content-type text/html date Tue, 24 May 2022 04:18:55 GMT etag W/"62824272-2e2" expires Wed, 17 May 2023 12:25:26 GMT last-modified Mon, 16 May 2022 12:24:18 GMT server nginx vary Accept-Encoding x-cached-since 2022-05-16T12:25:26+00:00 x-id fr5-up-gc37
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	164ms 54ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1797034293858937&ev=fb_page_view&dl=https%3A%2F%2Fivona.ua%2F&rl=&if=false&ts=1653365935658&sw=1600&sh=1200&at= Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Tue, 24 May 2022 04:18:55 GMT
GET H2	200	ivona.bigmir.net.1211636.es6.js Show response jsc.idealmedia.io/i/v/	239 KB 72 KB	50ms 50ms	Script text/javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 60897c3c45fe0d9ce022b1ddb80a87ad33880d73c0778691d53fce1d5a1f94b6 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip cf-cache-status HIT age 1016 cf-ray 71033aea3f8c75cf-LHR content-length 73466 x-amz-id-2 k6OvjuYYfIlj7iGHMUmSrZl0bg5BtpmhLlWgWGtnlVWvpzge4gJ1sy+/CZdo3/kFmznZpPjGFB8= last-modified Thu, 19 May 2022 10:17:01 GMT server cloudflare etag "0e52c00a0fd8a0343d85684967c254ae" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id C0DMG8FVQ335BVEN cache-control public, max-age=10800 x-amz-version-id COd.9.8jumNfJ6_Z3r5kNWKM9dpxdMg6 accept-ranges bytes content-type text/javascript expires Tue, 24 May 2022 07:18:55 GMT
GET H2	200	ivona.bigmir.net.1296107.es6.js Show response jsc.idealmedia.io/i/v/	231 KB 70 KB	93ms 93ms	Script text/javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5907e70cc9b35bbb0d318835140fc6f703fe548791556bf5851335e7785866bb Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip cf-cache-status HIT age 1016 cf-ray 71033aea3f8d75cf-LHR content-length 71554 x-amz-id-2 7wCUN1gSCl9UFreS+WbEnj0wmww8wNU/xI9SvpeyTEiTIqDInapG72IjK2hBsULAAjxxPn3tn3E= last-modified Thu, 19 May 2022 10:42:43 GMT server cloudflare etag "d47d542936a60d034d727ddd07104ba3" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding x-amz-request-id 9A5D15D8NAGQVD8Y cache-control public, max-age=10800 x-amz-version-id 6w7V3efWSnglisjqZsyJZ.nd82X_D5X3 accept-ranges bytes content-type text/javascript expires Tue, 24 May 2022 07:18:55 GMT
GET H2	200	rexdot.js Show response gaua.hit.gemius.pl/__/_1653365935717/ Redirect Chain https://gaua.hit.gemius.pl/_1653365935717/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F... https://gaua.hit.gemius.pl/__/_1653365935717/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua...	169 B 422 B	133ms 133ms	Script application/x-javascript	54.37.238.28 OVH
General Check archive.org Show headers Download Go to Full URL https://gaua.hit.gemius.pl/__/_1653365935717/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=FuNq8EmneOIBksFHakCmYdz.M0bvV3ycB.BcCaSbbvD.47_LaXdsfcpW04S_NSvvDpb5HtDOBy9chbINU4Gi1ChL29BK/RwTkzUvwges23/&ltime=263&fpdata=sCMa.zxd272b4sZcXpYiLLaD_a1IN7CjrVYPtfCMC2H.E7&fpcap= Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Server 54.37.238.28 , France, ASN16276 (OVH, FR), Reverse DNS ip28.ip-54-37-238.eu Software GHC / Resource Hash 0068d9b096071cefc615d430a32c4d57ea9ab5dbac3d78fb5886c38fdf4c9249 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-type application/x-javascript content-length 169 expires Mon, 23 May 2022 04:18:55 GMT Redirect headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" location /__/_1653365935717/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=FuNq8EmneOIBksFHakCmYdz.M0bvV3ycB.BcCaSbbvD.47_LaXdsfcpW04S_NSvvDpb5HtDOBy9chbINU4Gi1ChL29BK/RwTkzUvwges23/&ltime=263&fpdata=sCMa.zxd272b4sZcXpYiLLaD_a1IN7CjrVYPtfCMC2H.E7&fpcap= cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-length 0 expires Mon, 23 May 2022 04:18:55 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	169ms 60ms	XHR text/plain	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=262104129&t=pageview&_s=1&dl=https%3A%2F%2Fivona.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=373691177&gjid=1464103069&cid=642929116.1653365936&tid=UA-206274582-1&_gid=156246336.1653365936&_r=1&gtm=2ou5n0&z=1074450565 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ivona.ua/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Tue, 24 May 2022 04:18:55 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ivona.ua cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	/ loadercdn.net/	0 170 B	275ms 89ms	Image text/plain	185.187.81.40 IDSTRATEGY-AS
General Check archive.org Show headers Download Go to Show image Full URL https://loadercdn.net/?r=1&u=c955a706ab370b56&d=ivona.ua Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA), Reverse DNS Software openresty / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:56 GMT server openresty
GET H2	200	logo_top.png kolobok.ua/images/ Frame 30AF	8 KB 8 KB	264ms 84ms	Image image/png	193.29.200.162 UMHAS
General Check archive.org Show headers Download Go to Show image Full URL https://kolobok.ua/images/logo_top.png Requested by Host: exchange.informer.ua URL: https://exchange.informer.ua/informer/stat/?s=kolobok Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx / Resource Hash 970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac Request headers accept-language en-GB,en;q=0.9 Referer https://exchange.informer.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:43 GMT last-modified Thu, 04 Feb 2021 12:11:24 GMT server nginx etag "601be46c-208f" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true accept-ranges bytes access-control-allow-headers * content-length 8335 expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	814f8a693b53fcb33333d765fbf66700.jpg exchange.informer.ua/assets/thumbnails/81/ Frame 30AF	8 KB 8 KB	85ms 84ms	Image image/jpeg	193.29.200.142 UMHAS
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.informer.ua/assets/thumbnails/81/814f8a693b53fcb33333d765fbf66700.jpg Requested by Host: exchange.informer.ua URL: https://exchange.informer.ua/informer/stat/?s=kolobok Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx/1.12.2 / Resource Hash a5ac72d24c1bb953822c096f91c33ab3f929bac240ef0884f5a236620769054d Request headers accept-language en-GB,en;q=0.9 Referer https://exchange.informer.ua/informer/stat/?s=kolobok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:56 GMT last-modified Thu, 19 May 2022 20:20:06 GMT server nginx/1.12.2 accept-ranges bytes etag "6286a676-1fbe" content-length 8126 content-type image/jpeg
GET H2	200	47e5a9d69399edba346de7ae1a57fc2d.jpg exchange.informer.ua/assets/thumbnails/47/ Frame 30AF	8 KB 8 KB	156ms 155ms	Image image/jpeg	193.29.200.142 UMHAS
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.informer.ua/assets/thumbnails/47/47e5a9d69399edba346de7ae1a57fc2d.jpg Requested by Host: exchange.informer.ua URL: https://exchange.informer.ua/informer/stat/?s=kolobok Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx/1.12.2 / Resource Hash 3b29dcdba264c8a784ce5489ed5b9ae3288f22e71bc33e7ca0ec07a8518b9c3e Request headers accept-language en-GB,en;q=0.9 Referer https://exchange.informer.ua/informer/stat/?s=kolobok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:56 GMT last-modified Tue, 17 May 2022 11:21:05 GMT server nginx/1.12.2 accept-ranges bytes etag "62838521-2035" content-length 8245 content-type image/jpeg
GET H2	200	7edf46a7fd7dca8462e3785069f628a8.jpg exchange.informer.ua/assets/thumbnails/7e/ Frame 30AF	6 KB 6 KB	156ms 156ms	Image image/jpeg	193.29.200.142 UMHAS
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.informer.ua/assets/thumbnails/7e/7edf46a7fd7dca8462e3785069f628a8.jpg Requested by Host: exchange.informer.ua URL: https://exchange.informer.ua/informer/stat/?s=kolobok Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx/1.12.2 / Resource Hash 0761fb38e2e49b1cccb3af1517a716677ea53ec571b0916fac7b5a13ee25fc4e Request headers accept-language en-GB,en;q=0.9 Referer https://exchange.informer.ua/informer/stat/?s=kolobok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:56 GMT last-modified Sat, 21 May 2022 18:20:05 GMT server nginx/1.12.2 accept-ranges bytes etag "62892d55-1807" content-length 6151 content-type image/jpeg
GET H2	200	589a471852c341967610623b49b0f079.jpg exchange.informer.ua/assets/thumbnails/58/ Frame 30AF	6 KB 6 KB	168ms 168ms	Image image/jpeg	193.29.200.142 UMHAS
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.informer.ua/assets/thumbnails/58/589a471852c341967610623b49b0f079.jpg Requested by Host: exchange.informer.ua URL: https://exchange.informer.ua/informer/stat/?s=kolobok Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx/1.12.2 / Resource Hash f7639effe159035210ffc4d7aeebedcc033b5d7cacb78c0376cd61fe7cd04a4d Request headers accept-language en-GB,en;q=0.9 Referer https://exchange.informer.ua/informer/stat/?s=kolobok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:56 GMT last-modified Fri, 20 May 2022 10:30:19 GMT server nginx/1.12.2 accept-ranges bytes etag "62876dbb-18c8" content-length 6344 content-type image/jpeg
GET H2	200	bac133d87ab4b74e8e595ffbeacbab11.jpg exchange.informer.ua/assets/thumbnails/ba/ Frame 30AF	5 KB 5 KB	169ms 168ms	Image image/jpeg	193.29.200.142 UMHAS
General Check archive.org Show headers Download Go to Show image Full URL https://exchange.informer.ua/assets/thumbnails/ba/bac133d87ab4b74e8e595ffbeacbab11.jpg Requested by Host: exchange.informer.ua URL: https://exchange.informer.ua/informer/stat/?s=kolobok Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA), Reverse DNS Software nginx/1.12.2 / Resource Hash 0b3c436c5e5441c09fb3eb7148c93ee8cdfc922d8d1b42cc0b5b874c4a6866f8 Request headers accept-language en-GB,en;q=0.9 Referer https://exchange.informer.ua/informer/stat/?s=kolobok User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:21:56 GMT last-modified Thu, 19 May 2022 12:31:08 GMT server nginx/1.12.2 accept-ranges bytes etag "6286388c-12fe" content-length 4862 content-type image/jpeg
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	212 B 643 B	217ms 61ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 0fe1fdc9be310c5066e6bab1fcda68bf9add8693d5676149ee2dcb7fe28c5de2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 198 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	184ms 62ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=ivona.ua Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	195ms 63ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=ivona.ua Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 2C23	0 19 B	96ms 95ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1653365935&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935514&bpp=2&bdt=589&idt=322&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=323954208231&frm=20&pv=2&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=342 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:55 GMT expires Tue, 24 May 2022 04:18:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	dsp.aspx Show response inv-nets.admixer.net/	222 B 675 B	172ms 54ms	Script application/javascript	146.0.227.109 VELIANET-AS velia...
General Check archive.org Show headers Download Go to Full URL https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4160777466416883&cpv=b4ef1195-2af7-07e9-32a8-0759f47cddd8&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%224e6bb115-8701-3573-a075-1ad2a078910e%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2238e6f271-a397-ea76-6370-b1f014c137a8%22%2C%22tagid%22%3A%22d9675bdf-cf85-4051-92db-9ca047f83379%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1966145486%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE), Reverse DNS Software nginx / Resource Hash ec142116b48ef8b5791747deb323c42edfef5e59f59989956f5ab357f30b5267 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:56 GMT Content-Encoding gzip Server nginx P3p CP="NID DSP ALL COR" Access-Control-Allow-Origin * Access-Control-Allow-Credentials true Connection keep-alive Content-Type application/javascript; charset=utf-8 Keep-Alive timeout=25 Content-Length 202 X-Xss-Protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame E7C7	23 KB 10 KB	610ms 610ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 789d06af4e15765d00ac929493942e2bebe9f6d0df16904e1073693915e65f9c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 9783 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:56 GMT expires Tue, 24 May 2022 04:18:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame BBE7	23 KB 10 KB	293ms 293ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b12eae29fd3cb971e62109d7aa7b48438130c7163b85506eacf583dc0f8c732c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 9795 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:56 GMT expires Tue, 24 May 2022 04:18:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	impress Show response ad.mox.tv/delivery/	18 KB 10 KB	104ms 104ms	XHR application/json	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=6539235014 Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 5edd2c789a6a5c1f6bf195f530dc6eccf3af334ada6a3ed3a139bed85f732ddd Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin https://ivona.ua date Tue, 24 May 2022 04:18:55 GMT content-encoding gzip access-control-allow-credentials true server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type application/json; charset=utf-8
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 437 B	184ms 61ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-206274582-1&cid=642929116.1653365936&jid=373691177&gjid=1464103069&_gid=156246336.1653365936&_u=YEBAAUAAAAAAAC~&z=2128323711 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ivona.ua/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Tue, 24 May 2022 04:18:56 GMT content-type text/plain access-control-allow-origin https://ivona.ua cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	swiper-bundle.min.css unpkg.com/swiper@7.3.0/	15 KB 5 KB	153ms 52ms	Stylesheet text/css	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 16137240 fly-request-id 01FMS6YMNS3M0PK361CWPXFMPT content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 71033aecdb9f75e3-LHR
GET H2	200	achernar.min.js Show response ad.mox.tv/js/achernar/	11 KB 4 KB	50ms 49ms	Script application/javascript	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://ad.mox.tv/js/achernar/achernar.min.js Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Mon, 21 Feb 2022 14:47:09 GMT server nginx/1.14.0 (Ubuntu) etag W/"6213a5ed-2b1e" vary Accept-Encoding content-type application/javascript cache-control max-age=3600, public, max-age=3600 expires Tue, 24 May 2022 05:18:56 GMT
GET H2	200	prebid.js Show response ad.mox.tv/js/achernar/	237 KB 71 KB	54ms 53ms	Script application/javascript	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://ad.mox.tv/js/achernar/prebid.js Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Fri, 22 Apr 2022 10:13:13 GMT server nginx/1.14.0 (Ubuntu) etag W/"62627fb9-3b3ea" vary Accept-Encoding content-type application/javascript cache-control max-age=3600, public, max-age=3600 expires Tue, 24 May 2022 05:18:56 GMT
GET H2	200	gpt.js Show response www.googletagservices.com/tag/js/	82 KB 29 KB	182ms 61ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/tag/js/gpt.js Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6856516a4f7742460024b4a2ca4a94688824805364866f52953c6f4a3ca78fae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28696 x-xss-protection 0 server sffe etag "1224 / 482 of 1000 / last-modified: 1653343533" vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 24 May 2022 04:18:56 GMT
GET H2	200	swiper-bundle.min.js Show response unpkg.com/swiper@7.3.0/	132 KB 38 KB	156ms 57ms	Script application/javascript	2606:4700::6810:7caf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT age 16137385 fly-request-id 01FMS6T6DHW02K514WB9G767ZW content-encoding br vary Accept-Encoding last-modified Sat, 26 Oct 1985 08:15:00 GMT server cloudflare etag W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 71033aecdba275e3-LHR
GET H2	200	mwayss_invocation.min.css ad.mox.tv/mox/	3 KB 850 B	142ms 141ms	Stylesheet text/css	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Full URL https://ad.mox.tv/mox/mwayss_invocation.min.css Requested by Host: ad.mox.tv URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Wed, 10 Jun 2020 14:52:51 GMT server nginx/1.14.0 (Ubuntu) etag W/"5ee0f3c3-a0a" vary Accept-Encoding content-type text/css
GET H2	200	p-gsmZhdaUra0N6.gif pixel.quantserve.com/pixel/	35 B 372 B	185ms 58ms	Image image/gif	2620:116:800d:21:ee05:6a01:4b41:8c89 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H2	200	magic.png bgstats.mox.tv/	0 66 B	178ms 48ms	Image image/png	167.71.9.19 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Show image Full URL https://bgstats.mox.tv/magic.png Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT server nginx/1.14.0 (Ubuntu) content-length 0 content-type image/png
GET H2	200	sync odr.mookie1.com/t/v2/ Redirect Chain https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=1e651872-68a2-412f-a39c-ee5ceedb3d87&gdpr=0&gdpr_consent= https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=1e651872-68a2-412f-a39c-ee5ceedb3d87&gdpr=0&gdpr_consent= https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08cc04c6-b326-4d0b-b812-f7e69d90eec5&ssp=prodoohmox&gdpr=0&gdpr_consent=	43 B 356 B	185ms 62ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08cc04c6-b326-4d0b-b812-f7e69d90eec5&ssp=prodoohmox&gdpr=0&gdpr_consent= Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT Redirect headers Location //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=08cc04c6-b326-4d0b-b812-f7e69d90eec5&ssp=prodoohmox&gdpr=0&gdpr_consent= Date Tue, 24 May 2022 04:18:56 GMT Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0
GET H2	200	e1eee23f36481a69453f.b.js Show response cdn.admixer.net/scripts3/46506/	28 KB 11 KB	147ms 147ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:20 GMT server nginx etag W/"62824274-702f" vary Accept-Encoding x-cached-since 2022-05-16T12:25:29+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:29 GMT
GET H2	200	fdabe098f34289659a17.b.js Show response cdn.admixer.net/scripts3/46506/	42 KB 18 KB	168ms 168ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:21 GMT server nginx etag W/"62824275-a793" vary Accept-Encoding x-cached-since 2022-05-16T12:25:29+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:29 GMT
GET H2	200	84011c43c3075e543c6d.b.js Show response cdn.admixer.net/scripts3/46506/	13 KB 5 KB	151ms 150ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:13 GMT server nginx etag W/"6282426d-326c" vary Accept-Encoding x-cached-since 2022-05-16T12:25:29+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:29 GMT
GET H2	200	7103cce7fa6705169441.b.js Show response cdn.admixer.net/scripts3/46506/	11 KB 4 KB	155ms 154ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:12 GMT server nginx etag W/"6282426c-2a79" vary Accept-Encoding x-cached-since 2022-05-16T12:25:29+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:29 GMT
GET H2	200	5927ef40e4a80e0040be.b.js Show response cdn.admixer.net/scripts3/46506/	215 KB 74 KB	182ms 182ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js Requested by Host: cdn.admixer.net URL: https://cdn.admixer.net/scripts3/loader2.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers x-id fr5-up-gc37 date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Mon, 16 May 2022 12:24:11 GMT server nginx etag W/"6282426b-35ac7" vary Accept-Encoding x-cached-since 2022-05-16T12:25:29+00:00 content-type application/javascript cache-control max-age=31622400 cache HIT expires Wed, 17 May 2023 12:25:29 GMT
POST H2	200	z Show response s.zmctrack.net/ Frame B00A	102 B 446 B	106ms 106ms	XHR text/plain	185.187.81.40 IDSTRATEGY-AS
General Check archive.org Show headers Download Go to Full URL https://s.zmctrack.net/z Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA), Reverse DNS Software openresty / Resource Hash 8494c7ea6f4442ce934e994c742c303c7c009286fdfd7560f4494cacbfcd0775 Request headers Referer accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-language eyJ4LXBvc3QiOiIxIn0= Content-Type application/x-www-form-urlencoded Response headers date Tue, 24 May 2022 04:18:56 GMT server openresty access-control-allow-methods POST, GET, OPTIONS content-type text/plain; charset=utf-8 access-control-allow-origin https://ivona.ua access-control-expose-headers X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie access-control-allow-headers X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent content-length 102
GET H2	200	ga-audiences www.google.com/ads/	42 B 501 B	181ms 64ms	Image image/gif	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=642929116.1653365936&jid=373691177&_u=YEBAAUAAAAAAAC~&z=222622794 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ga-audiences www.google.de/ads/	42 B 501 B	179ms 63ms	Image image/gif	2a00:1450:4001:810::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=642929116.1653365936&jid=373691177&_u=YEBAAUAAAAAAAC~&z=222622794 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	upwards.png ivona.ua/img/	2 KB 2 KB	54ms 53ms	Image image/png	65.9.63.37 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ivona.ua/img/upwards.png Requested by Host: ivona.ua URL: https://ivona.ua/css/style.css/v10 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.63.37 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-65-9-63-37.fra56.r.cloudfront.net Software nginx / Resource Hash c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/css/style.css/v10 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 20 Oct 2021 13:35:31 GMT via 1.1 72e8bbddfffeeec486003f867d631024.cloudfront.net (CloudFront) age 18628830 x-cache Hit from cloudfront content-length 1602 last-modified Sat, 24 Jul 2021 16:19:44 GMT server nginx etag "60fc3da0-642" access-control-allow-methods GET, POST, OPTIONS content-type image/png cache-control max-age=315360000 access-control-allow-credentials true x-amz-cf-pop FRA56-C1 accept-ranges bytes access-control-allow-headers * x-amz-cf-id njeO37jxaaPy7Gwjyg038sO_3lDVN3KAoL2RCi7aCEES7ZE8F7WahQ== expires Thu, 31 Dec 2037 23:55:55 GMT
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame BBE7	3 KB 1 KB	191ms 60ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:11:30 GMT content-encoding gzip x-content-type-options nosniff age 446 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 04:11:30 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame BBE7	17 KB 8 KB	184ms 53ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:16:38 GMT content-encoding gzip x-content-type-options nosniff age 138 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7211 x-xss-protection 0 server cafe etag 2988716039725867132 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 04:16:38 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame BBE7	136 KB 42 KB	177ms 67ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42522 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653305577626270" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 24 May 2022 04:18:56 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame BBE7	0 0	93ms 93ms	Fetch text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CjT7Br1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBK0BT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13j2uJD6WRo5MWFUlMY_ihdF2Z6nRahpbfNn1T4j0oTDhXJyrWM222ABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM3NTU2NjIxOTczODYyNjkYAA&sigh=6WkDbPBw_9o&uach_m=[UACH]&cid=CAQSGwCNIrLMmwXml1chudVsQJf1zhgM0JiCKfK4ZBgB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 24 May 2022 04:18:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Tue, 24 May 2022 04:18:56 GMT
GET H2	200	notify rtb.fr.eu.criteo.com/google/auction/ Frame BBE7	0 0	192ms 63ms	Fetch	2a02:2638::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5KhEd6BMNgFWp2DYgICAAAAQfb5GFhaCAsVN_qvRNdkNhCvXIxi-w5RwsgzwbYiakIAEgAA&wp=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT server Kestrel server-processing-duration-in-ticks 159220 content-length 0 strict-transport-security max-age=31536000; preload;
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame 7432	198 KB 56 KB	319ms 194ms	Document text/html	2a02:2638:1::4 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=1474189199&adf=543844251&pi=t.ma~as.1162504554&w=728&lmt=1653365935&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935605&bpp=1&bdt=680&idt=290&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lx9zXjgrjz&p=https%3A//ivona.ua&dtd=293 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 608b745688fc45f7851a59d8d75769f2a972047e818738767d4078e1f5c01c46 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:55 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=AtrTMUj3fnc0FoRqUJr_TPsndQjnpYQm4IDFoVYMUKasVUvn6TMNqp17vL7-FUXjabOLFdA75uGPnfR1EcR9yXis1ZEw6OfYTi8dPHzqWCRLPPaVPhs6iDZ6lYR3sUufTCmCDK2Dy4Tfpl95HdGSPtx3LQYFEEIkDHIxq2ZL9XnfHYBnVpnnWOVTukxBdcmjOXYrzWX8jGh_GFNhdIRjOU90c__iAvNYCoq5I-yM-B1aF68SMuiXBIEJtacq_4LfxAXObA"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 133588545 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	pubads_impl_2022051901.js Show response securepubads.g.doubleclick.net/gpt/	367 KB 125 KB	170ms 53ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software sffe / Resource Hash b2b1dec112659f4ebebe1b62a838d3fb57a67fb0d31baa1371c3fe5420643120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:15:48 GMT content-encoding gzip x-content-type-options nosniff age 21788 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 127573 x-xss-protection 0 last-modified Thu, 19 May 2022 08:36:34 GMT server sffe vary Accept-Encoding report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} content-type text/javascript cache-control public, immutable, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" expires Tue, 23 May 2023 22:15:48 GMT
GET H2	200	ppub_config Show response securepubads.g.doubleclick.net/pagead/	160 B 742 B	178ms 62ms	XHR application/json	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ivona.ua Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 106 x-xss-protection 0 expires Tue, 24 May 2022 04:18:56 GMT
GET H2	200	/ Show response c.idealmedia.io/pv/	0 66 B	69ms 59ms	Script text/plain	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://c.idealmedia.io/pv/?pv=5&cbuster=1653365936290209616587&uniqId=00e48&lct=1652918400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=628c5cb0-14db3&pageView=1&pvid=180f44a10a3913240fd&site=466737&implVersion=11&dpr=1 Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 71033aee0afe75cf-LHR content-length 0 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
GET H2	200	im_logo_mini_43x20.svg cdn.idealmedia.io/images/	1 KB 912 B	64ms 54ms	Image image/svg+xml	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip cf-cache-status HIT age 5284 x-amz-request-id H95AGEJZP07YHGXH x-amz-id-2 69Wj+QeZLzi0sADAhkLr9P83sNaeZTlIKYpKFMQwBSXIFaOIJs2+iwr+BtGdmS8EM3lu+sh1FBI= last-modified Mon, 04 May 2020 12:16:51 GMT server cloudflare etag W/"ff394e3a03921d25c2f03e03046bf506" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/svg+xml cache-control public, max-age=14400 x-amz-version-id null cf-ray 71033aee2b3a75cf-LHR expires Tue, 24 May 2022 08:18:56 GMT
GET H3	200	jizfRExUiTo99u79B_mh0O6tLQ.woff2 fonts.gstatic.com/s/ptsans/v17/	46 KB 46 KB	164ms 55ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 18 May 2022 19:26:54 GMT x-content-type-options nosniff age 463922 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 47048 x-xss-protection 0 last-modified Wed, 27 Apr 2022 16:55:54 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 18 May 2023 19:26:54 GMT
GET H2	200	1 Show response servicer.idealmedia.io/1211636/	3 KB 2 KB	77ms 68ms	Script application/x-javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.idealmedia.io/1211636/1?pv=5&cbuster=165336593637287401392&uniqId=00e48&lct=1652918400&niet=4g&nisd=false&jsv=es6&w=300&h=202&wrongImageSize=1&cols=1&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=628c5cb0-14db3&pageView=1&pvid=180f44a10a3913240fd&implVersion=11&dpr=1 Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7af75bc4c21449adb6430ebe1908c22f9c61d97fb8f0e2cad059b0deb1868dd5 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cf-ray 71033aee8ba675cf-LHR
GET H2	200	1 Show response servicer.idealmedia.io/1296107/	1 KB 940 B	87ms 80ms	Script application/x-javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://servicer.idealmedia.io/1296107/1?w=300&h=100&cols=1&pv=5&cbuster=1653365936373402682386&uniqId=07dde&childs=1296181&lct=1652918400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=628c5cb0-14db3&pageView=0&pvid=180f44a10a3913240fd&implVersion=11&dpr=1 Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f14e198c93e8eee580f4fff95c917619a8d5ecdd2e9e9d01b311f82b422e1e93 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip cf-cache-status DYNAMIC server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/x-javascript; charset=utf-8 cf-ray 71033aee8ba475cf-LHR
GET DATA	200 OK	truncated / Frame BBE7	218 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6a48cbb98dec2aae369be0a03a56fab01de9383e8f5ea5e302dbad1d914ddb34 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNjk4MDg4L2U5OTYyNWEwNmI0ZTllYWRiZTUxYTZhNTcwMDUzNjFiLmpwZWc.webp s-img.idealmedia.io/n/10110108/492x328/0x0x663x442/	14 KB 14 KB	154ms 52ms	Image image/webp	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.idealmedia.io/n/10110108/492x328/0x0x663x442/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNjk4MDg4L2U5OTYyNWEwNmI0ZTllYWRiZTUxYTZhNTcwMDUzNjFiLmpwZWc.webp?v=1653365936-Pr5Ewtb9cL0gQV_DFYyzcfreBvzR3b4LDizZZYZnWoU Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7277e0819867ab78768caeab35632fa47f46a724b560556eb0b15e062fa3799b Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT cf-cache-status HIT last-modified Tue, 10 May 2022 21:20:45 GMT x-mg-request-uuid 2e133383-e8b1-48b9-95a9-4df14c9258ee age 63708 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 71033aefcec106e9-LHR content-length 13994 server cloudflare expires Tue, 24 May 2022 10:37:08 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3LzRjODk4ZTI4OTk4NTQ0NTc4ZWE5ZTBlMDg3MmQ4OGM5LnBuZw.webp s-img.idealmedia.io/n/10055452/492x328/62x0x673x448/	7 KB 7 KB	154ms 53ms	Image image/webp	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.idealmedia.io/n/10055452/492x328/62x0x673x448/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNDI1OTc3LzRjODk4ZTI4OTk4NTQ0NTc4ZWE5ZTBlMDg3MmQ4OGM5LnBuZw.webp?v=1653365936-6e2yCNeUZdkC_KVq1JtE0GVd73jeC8n2wx2iA0bqBqo Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a57a75047723c81b2b6edf992cdec50618d8548907169fc1fe01c3089a8a89f Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT cf-cache-status HIT last-modified Sun, 06 Mar 2022 10:30:47 GMT x-mg-request-uuid 1c890c6c-c22f-4ea6-bd3f-fb92b9f2b8fd age 32581 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 71033aefcec206e9-LHR content-length 7456 server cloudflare expires Tue, 24 May 2022 19:15:55 GMT
GET H2	200	aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNDI3MDI0Lzc1Yjc0MDQ1NjFkZGM3ZWEyZGVmMzRkODYxYzQwZmFhLmpwZWc.webp s-img.idealmedia.io/n/10102446/492x328/0x0x728x485/	7 KB 7 KB	156ms 55ms	Image image/webp	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.idealmedia.io/n/10102446/492x328/0x0x728x485/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDUvNDI3MDI0Lzc1Yjc0MDQ1NjFkZGM3ZWEyZGVmMzRkODYxYzQwZmFhLmpwZWc.webp?v=1653365936-Lgv0M2k9s4IIXt06nlTr8dJQ8fIhl4W4gyTuLds9UZs Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9feb3abe1f01f4c4a1f73a188fdf26d224efad2d7f6f5d2503e33bfcab72c814 Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT cf-cache-status HIT last-modified Sun, 01 May 2022 12:50:44 GMT x-mg-request-uuid 4d81d7f3-bae2-4db1-9eb5-c222a4ae8e07 age 28405 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 71033aefcec406e9-LHR content-length 7062 server cloudflare expires Tue, 24 May 2022 20:25:31 GMT
GET H2	200	aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA0LzM1NDcwNi81MjU4O... s-img.idealmedia.io/g/12626299/492x328/-/	23 KB 23 KB	224ms 124ms	Image image/webp	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://s-img.idealmedia.io/g/12626299/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA0LzM1NDcwNi81MjU4OTlhYWQ0YzE4MjI3NWRlMzYxYWM4MDhjNmY0ZS5qcGVn.webp?v=1653365936-L36BYFid_cEP2o-uht8LmpbmBJixVuTlAfHGCEtX_xk Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ca4ae53efd9bb4f4be01f1f23f3c411d5e6f14397378196f17869226a181df73 Request headers Referer https://ivona.ua/ Origin https://ivona.ua accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT cf-cache-status MISS last-modified Fri, 13 May 2022 06:50:58 GMT x-mg-request-uuid 3f234452-e103-4d64-becd-191a8b4c11bb expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=86400 accept-ranges bytes cf-ray 71033aefcec506e9-LHR content-length 23484 server cloudflare expires Wed, 25 May 2022 04:18:56 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame E7C7	3 KB 1 KB	172ms 60ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:16:47 GMT content-encoding gzip x-content-type-options nosniff age 129 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 04:16:47 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E7C7	136 KB 42 KB	69ms 69ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42522 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653305577626270" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 24 May 2022 04:18:56 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame E7C7	17 KB 7 KB	164ms 53ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:16:38 GMT content-encoding gzip x-content-type-options nosniff age 138 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7211 x-xss-protection 0 server cafe etag 2988716039725867132 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 04:16:38 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame E7C7	0 0	95ms 95ms	Fetch text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CAfyUr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBK8BT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte2kUXZiXS3NdMwC_HgAdzZNY_LD2R22ePx4FAuA0gsi8ZiZwWjHJoAGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=OT27zzDGEf8&uach_m=[UACH]&cid=CAQSGwCNIrLMVHC1zvIofheE5pUZUOY6cWwtYncTQhgB Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 24 May 2022 04:18:56 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	200	notify rtb.fr.eu.criteo.com/google/auction/ Frame E7C7	0 0	63ms 63ms	Fetch	2a02:2638::2 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=k5KhEd2BMKwC-gGdg2ICAgAAAL_4_-7cQQOJFTf6r0TXZDYQr1yMYuWj9xb0zb84AYZxABIAAA&wp=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT server Kestrel server-processing-duration-in-ticks 278635 content-length 0 strict-transport-security max-age=31536000; preload;
GET H2	200	afr.php Show response ads.eu.criteo.com/delivery/r/ Frame 8745	186 KB 54 KB	156ms 156ms	Document text/html	2a02:2638:1::4 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=9747571581&adk=749833915&adf=3989175597&pi=t.ma~as.9747571581&w=300&lmt=1653365935&psa=0&format=300x250&url=https%3A%2F%2Fivona.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653365935516&bpp=1&bdt=591&idt=348&shv=r20220518&mjsv=m202205230101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=323954208231&frm=20&pv=1&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=980&ady=718&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531557%2C21066429%2C31065545%2C31067738%2C31062931&oid=2&pvsid=493688156032542&pem=712&tmod=904002087&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=3Pcw3fa9qO&p=https%3A//ivona.ua&dtd=356 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4353a482f0783fb31d6019ea855129c1ccd11081496edbe819dc4f2ee674c2f2 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers access-control-allow-credentials true access-control-allow-headers Origin, X-Requested-With, Content-Type, Accept access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin * access-control-max-age 1000 cache-control private, max-age=0, no-cache content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:56 GMT expires Mon, 26 Jul 1997 05:00:00 GMT link <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin p3p CP='CUR ADM OUR NOR STA NID' pragma no-cache report-to {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=qkoxTEj3fnc0FoRqrns47O4u9fu0VS4q_Ne1Vi3Trmwhz2yJkzXOxYtxUYlJewHP8EwxMjqpJBAbIiqdfCB1ZjQv0d18NjuOzAikQFwY9H8pIJETD1bTLAtn7ofHp64Oo5Rt18OIVzzVYcv5r17PPtrQO95wM28VAABqW06Dp_zIlqcLg64aix_46kCe4Axz6YO8yrX5S6CqXPkVlchFK6Gfot9DP7jN9u22fiVK_WKMxw17s_ABtaCeB3AZKQogXQ-92Q"}], "max_age": 86400} server Kestrel server-processing-duration-in-ticks 85544582 strict-transport-security max-age=31536000; preload; vary Accept-Encoding
GET H2	200	i.js Show response cm.idealmedia.io/	0 133 B	84ms 75ms	Script application/javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.idealmedia.io/i.js?&cbuster=1653365936520984842640 Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT cf-cache-status MISS last-modified Tue, 24 May 2022 04:18:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 accept-ranges bytes cf-ray 71033aef7c9475cf-LHR content-length 0
GET H2	200	i-noref.js Show response cm.idealmedia.io/ Frame B7A5	0 40 B	70ms 70ms	Script application/javascript	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cm.idealmedia.io/i-noref.js?cbuster=1653365936536473793361 Requested by Host: jsc.idealmedia.io URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1296107.es6.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT cf-cache-status MISS last-modified Tue, 24 May 2022 04:18:56 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type application/javascript cache-control no-store, no-cache, must-revalidate, max-age=0 accept-ranges bytes cf-ray 71033aef7c9c75cf-LHR content-length 0
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 7432	2 KB 1 KB	172ms 56ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 7432	2 KB 1 KB	173ms 57ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 7432	308 B 636 B	171ms 56ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 7432	293 B 621 B	172ms 57ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	lg.php cat.nl.eu.criteo.com/delivery/ Frame 7432	43 B 348 B	173ms 56ms	Image image/gif	178.250.2.148 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tBSCKI_rtiubYI7en2lwz2QLUcjncffL4SwGkxvxskDQ9avuX7fjEywPoeLQjiw2H-IVsExjRWNZSazZD8pwMtP22QNTYHng99z4gFoeu4Tbx0Eodol06jlxnlWxXlIpjV1PNk5uIvfXkEg8nO5sEJa1vGG68bKWklcME2ByW46w9-3yWt4aYdMyilmhvvy_Uqe3mRkbI8Pyc3gMiLBHFPfAaeHEHQAxC096QWzHXPBLonUYaPYPqcqdnM6VoK0JXfidiGPFNbRM5cq7Sd4PpZ22WwYxpQ3Ab7iVknGPDqoEF4UPBs17kXamEONITBiLWeFD5AYlCR73rEbY9umlpvylp5fyMctKwfSD2oDf5zhQUBWWy_Bz1Zr5K5BlRi6wWXgFiyJ9uAzAWVdbjvhbzrKCZd75qyujLuz5eUtQ00Nv5jAy_JRboFtOUYKYj8_GH8HYOA Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT server Kestrel strict-transport-security max-age=31536000; preload; p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 1886147 content-type image/gif expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	counter.php autocounter.idealmedia.io/autocreative/	0 50 B	171ms 162ms	Image image/gif	104.16.221.74 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://autocounter.idealmedia.io/autocreative/counter.php?id=466737&pid=49813&referer=&cxurl=https://ivona.ua/&undefinedh2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1653365936582243231384 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT cf-cache-status DYNAMIC server cloudflare cf-ray 71033aefdcf875cf-LHR expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" content-type image/gif
GET DATA	200 OK	truncated /	211 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
POST H/1.1	200 OK	prebid.1.2.aspx Show response inv-nets.admixer.net/	42 B 498 B	57ms 56ms	XHR text/javascript	146.0.227.109 VELIANET-AS velia...
General Check archive.org Show headers Download Go to Full URL https://inv-nets.admixer.net/prebid.1.2.aspx Requested by Host: ad.mox.tv URL: https://ad.mox.tv/js/achernar/prebid.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE), Reverse DNS Software nginx / Resource Hash c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://ivona.ua/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain Response headers Date Tue, 24 May 2022 04:18:56 GMT Server nginx P3p CP="NID DSP ALL COR" Access-Control-Allow-Origin https://ivona.ua Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/javascript; charset=utf-8 Keep-Alive timeout=25 Content-Length 42 X-Xss-Protection 0
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	173ms 64ms	Script application/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=ivona.ua Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	171ms 62ms	Script application/javascript	2a00:1450:4001:830::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=ivona.ua Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	543ms 435ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=493688156032542&correlator=4130858883328366&eid=31060437%2C31062931&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=1598591618&sfv=1-0-38&ecs=20220524&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D8db827af67a0afc4-22b1c48b9bcd0067%3AT%3D1653365936%3ART%3D1653365936%3AS%3DALNI_MZVpnLXaS5NbKhg6TBqNbBzVukrxg&abxe=1&dt=1653365936640&lmt=1653365936&dlt=1653365934925&idt=1666&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=true&btvi=1&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 78f1f06310e14e8f6467c5b7d61aba1b258d1d5b8f0cbf6e45538795a713f82c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10504 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ivona.ua access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	88 KB 36 KB	512ms 404ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=493688156032542&correlator=4130858883328366&eid=31060437%2C31062931&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1022445916&sfv=1-0-38&ecs=20220524&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D8db827af67a0afc4-22b1c48b9bcd0067%3AT%3D1653365936%3ART%3D1653365936%3AS%3DALNI_MZVpnLXaS5NbKhg6TBqNbBzVukrxg&abxe=1&dt=1653365936647&lmt=1653365936&dlt=1653365934925&idt=1666&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=true&btvi=2&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 472836d94e417761e35df0d5b48b188cd67822a17bd6d3258cd6bf8078e24d94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37191 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ivona.ua cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	481ms 373ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=493688156032542&correlator=4130858883328366&eid=31060437%2C31062931&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_S_ww_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=4219025643&sfv=1-0-38&ecs=20220524&fsapi=false&sc=1&cookie=ID%3D8db827af67a0afc4-22b1c48b9bcd0067%3AT%3D1653365936%3ART%3D1653365936%3AS%3DALNI_MZVpnLXaS5NbKhg6TBqNbBzVukrxg&abxe=1&dt=1653365936649&lmt=1653365936&dlt=1653365934925&idt=1666&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=true&btvi=3&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 9a27e4e0df8508d05c036fcab2b119f2730f30cae46b319c4fecdadd3712b168 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10488 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ivona.ua access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	41 KB 10 KB	475ms 367ms	XHR text/plain	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=493688156032542&correlator=4130858883328366&eid=31060437%2C31062931&output=ldjh&gdfp_req=1&vrg=2022051901&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=445168658&sfv=1-0-38&ecs=20220524&fsapi=false&sc=1&cookie=ID%3D8db827af67a0afc4-22b1c48b9bcd0067%3AT%3D1653365936%3ART%3D1653365936%3AS%3DALNI_MZVpnLXaS5NbKhg6TBqNbBzVukrxg&abxe=1&dt=1653365936651&lmt=1653365936&dlt=1653365934925&idt=1666&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=642929116.1653365936&ga_sid=1653365936&ga_hid=262104129&ga_fc=true&btvi=4&topics=1 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash be953f3ba6e1f4a093a9dfe925796494c6d585a57d7426682d16f4714ac951ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10505 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://ivona.ua access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F90D	6 KB 4 KB	198ms 62ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:56 GMT expires Wed, 24 May 2023 04:18:56 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 7432	12 KB 6 KB	88ms 88ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	privacy_small.svg static.criteo.net/flash/icon/ Frame 8745	2 KB 1 KB	79ms 79ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy_small.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:30:28 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42ba84-6aa" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	adchoices_en.svg static.criteo.net/flash/icon/ Frame 8745	2 KB 1 KB	79ms 79ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/adchoices_en.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Tue, 11 Feb 2020 14:27:58 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e42b9ee-759" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	close_button.svg static.criteo.net/flash/icon/ Frame 8745	308 B 636 B	62ms 61ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/close_button.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Fri, 14 Feb 2020 13:51:32 GMT server nginx cross-origin-embedder-policy require-corp etag "5e46a5e4-134" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 308 expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	back_button2.svg static.criteo.net/flash/icon/ Frame 8745	293 B 621 B	57ms 57ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/back_button2.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Thu, 28 Apr 2022 09:09:48 GMT server nginx cross-origin-embedder-policy require-corp etag "626a59dc-125" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin accept-ranges bytes timing-allow-origin * content-length 293 expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	lg.php cat.nl.eu.criteo.com/delivery/ Frame 8745	43 B 347 B	58ms 57ms	Image image/gif	178.250.2.148 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YJKLaTd8qjFBcqXRMFk0tM2EtsYu6bqts1V9E3S74aCPndxSnY7_EmYiRXq2jB9fvJzTG4WAEMeqm-sqn-7AB_jFv7BzT_7O0h5cr6u2cxj62-_ht3ZdqeEOTN9IVt6yHZYGvV-sJZbk7FOx201Gk7cajN6A_lj_KOBbOe4pzR9TyCTnZlMHYSpiFHOkBa3pffMGvv-BdWjS1lP_G1Mn3j6HOdEXDSNWSm2Z5pRdGfbLPl_xogNpDCfUSvTBpvlDEJDKE3O864Zd58KgLJwNCgWxlbDcLArnMeOgUAyrpPkX_NmFgUw9h6y5rEzhgYsDifbpIpSh2-8JswpGLCpFUx3mZJW2DCitERbyOxyr1vKFnlNIkGPOAt6IkIY-JAPX11T3wRwZTpDZEimdB-EKqA7hCpOJhGPrNeFTvUHmzfJknI5M7dhYL6Am8qrcRWZO-j-hjnaUx3XVOuo8ISFXkBW7H_k Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Kestrel / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:56 GMT server Kestrel strict-transport-security max-age=31536000; preload; p3p CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA" cache-control no-cache cross-origin-resource-policy cross-origin server-processing-duration-in-ticks 3339236 content-type image/gif expires Mon, 26 Jul 1997 05:00:00 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	6 KB 6 KB	180ms 56ms	Image image/png	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?h=176&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F200716%2F7918c12269204a8c8375e62384537eb5_191211_flaconi_logo_iconic_element_black.png&v=3&w=256&s=KkPYl9EzriqKTVUBvy5t80zB Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash f169d116b41284e9fdf28e6a6dfd49b07db60d4ae2355e22fbd0bd762d089bc6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/png cache-control public, max-age=28423678 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 5899 expires Tue, 18 Apr 2023 03:46:55 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	5 KB 5 KB	242ms 119ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fi%2Fn%2Finstytutumn-c-erum-anti-wrinkle-brightening-gesichtsserum-30-ml-7640162870252.jpg&v=3&w=800&s=d1CYGWW5f5TdW7mC_y0yqDtk&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash b3cd65a4f945b5d8b2766b947eda115924f0577b5eb2fdd84b18d0f13b7c3486 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=57382 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 5200 expires Tue, 24 May 2022 20:15:19 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	4 KB 4 KB	232ms 109ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fj%2Fi%2Fjimmy-choo-i-want-choo-eau-de-parfum-40-ml-3386460119276.jpg&v=3&w=800&s=XQsHht2v2ub10n8ngW--JjQd&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 16a5af095e69c63af64b4ce32f96297455c8af7d490aca3c65e428bf8a2e81cb Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=60869 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 4316 expires Tue, 24 May 2022 21:13:26 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	4 KB 4 KB	234ms 112ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fd%2Fi%2Fdiesel-only-the-brave-duschgel-150-ml-3605521416094.jpg&v=3&w=800&s=_AUo7zsj8fkElqKHCBzw_ePd&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 452a5437d8fc69f89f573d67742ac606d4cf7b7255454fc27107c866c8ad23ad Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=52405 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 4102 expires Tue, 24 May 2022 18:52:22 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	2 KB 2 KB	250ms 128ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fd%2F-%2Fd-alba-peptide-no-sebum-balancing-toner-gesichtswasser-150-ml-8809563060276.jpg&v=3&w=800&s=7CBcDBuX4Wk3pFLPW_GNTMa2&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash c694ba10121712073323280402bf6c5b37e6cbfd590558f1f8989fac56a24cb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=46122 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 1934 expires Tue, 24 May 2022 17:07:39 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	3 KB 4 KB	237ms 115ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fd%2Fi%2Fdiesel-only-the-brave-deospray-150ml.jpg&v=3&w=800&s=uoHLdCXXOvNoawDvtrnqkfyA&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 81d07c5f81f341619ce9bdb2d2df0e1f39ec9aa035660f1ff8fb02dc45eb67ea Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=30578 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 3414 expires Tue, 24 May 2022 12:48:35 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	2 KB 3 KB	184ms 184ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Ft%2Fa%2Ftaft-hitzeschutz-bis-zu-230-grad-hitzeschutzspray-250-ml-4015100437973.jpg&v=3&w=800&s=_uGhorXB9Wp95106scdJtMM7&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 56cf770f31c5405480c79c0aa5fe6eed327eee6fa3a5dea793aa6130a12d4d10 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=28166 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 2446 expires Tue, 24 May 2022 12:08:23 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	54 KB 54 KB	185ms 184ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F201126%2F809ee6eb57df4e9c9705111ad7fa7d86_img_horizontal_1.jpg&v=3&w=1200&s=Syq3pg-0qmo7oq6anRlIJI3T Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash c0b26fee0bf4c8a306205ad90be4548cb4732823c4582a8bd8c5ae36930711d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=28727554 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 55084 expires Fri, 21 Apr 2023 16:11:31 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 7432	0 128 B	184ms 56ms	Ping text/plain	178.250.2.150 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=AtrTMUj3fnc0FoRqUJr_TPsndQjnpYQm4IDFoVYMUKasVUvn6TMNqp17vL7-FUXjabOLFdA75uGPnfR1EcR9yXis1ZEw6OfYTi8dPHzqWCRLPPaVPhs6iDZ6lYR3sUufTCmCDK2Dy4Tfpl95HdGSPtx3LQYFEEIkDHIxq2ZL9XnfHYBnVpnnWOVTukxBdcmjOXYrzWX8jGh_GFNhdIRjOU90c__iAvNYCoq5I-yM-B1aF68SMuiXBIEJtacq_4LfxAXObA&sds=2&rev=81571&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:55 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0 strict-transport-security max-age=31536000; preload;
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 7432	2 KB 1 KB	58ms 56ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 7432	2 KB 1 KB	62ms 61ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET DATA	200 OK	truncated / Frame E7C7	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a733c59b352ee4d011b38a13bd8d3466cb6bc67f9f589a47e2a6969cb8905937 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H2	200	animejs.js Show response static.criteo.net/animejs/ Frame 8745	12 KB 6 KB	73ms 73ms	Script text/javascript	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://static.criteo.net/animejs/animejs.js Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Tue, 26 Mar 2019 17:44:11 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5c9a64eb-3181" strict-transport-security max-age=31536000; preload; content-type text/javascript access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	6 KB 7 KB	193ms 127ms	Image image/png	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?h=76&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F200716%2F7918c12269204a8c8375e62384537eb5_191211_flaconi_logo_iconic_element_black.png&v=3&w=596&s=7xRmwOUqlI15LwR35mZT-Fdo Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 7d43733904113faf80c237b6e17589cbfcc5960b60522029f446a922ab11d9d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/png cache-control public, max-age=28423678 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 6646 expires Tue, 18 Apr 2023 03:46:55 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	99 KB 99 KB	234ms 169ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=10309&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F10309%2F201126%2F30385b9072c04f64888734fc9c0c4163_img_square_1.jpg&v=3&w=1200&s=kYinzN3dklO9wWhYiZJag-4D Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 3a9dc32ecaed3ae2eb4f8d2d0b8743f13d8a9e237c2486ad56f5fbef0653ec8c Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=28544157 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 101534 expires Wed, 19 Apr 2023 13:14:54 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	5 KB 5 KB	122ms 57ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fi%2Fn%2Finstytutumn-c-erum-anti-wrinkle-brightening-gesichtsserum-30-ml-7640162870252.jpg&v=3&w=400&s=zhTgv-pMvjDM_3LLVx1oEFrv&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash b3cd65a4f945b5d8b2766b947eda115924f0577b5eb2fdd84b18d0f13b7c3486 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:55 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=57382 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 5200 expires Tue, 24 May 2022 20:15:19 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	3 KB 4 KB	176ms 111ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fb%2Fo%2Fbottega-veneta-pour-homme-eau-de-toilette-50-ml-3607346504437.jpg&v=3&w=400&s=7eJeFLa4dSG_XcGu746p16Pn&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 6dc68443bc0d9559631e877381a057ac69c37620eb63daf9350f599449226f3f Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=29858 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 3484 expires Tue, 24 May 2022 12:36:35 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	4 KB 4 KB	230ms 165ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fb%2Fa%2Fbabyliss-super-pro-2300-haartrockner-1-stk-3030050154856.jpg&v=3&w=400&s=wz4edwd-LNbSPWz_BABvjRcT&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash c094a01578df30c8414836992608765ccdd0b811bf76ca9d9bdf041f1eb55f13 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=84976 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 4214 expires Wed, 25 May 2022 03:55:13 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	3 KB 3 KB	229ms 164ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fs%2Fh%2Fshu-uemura-ashita-supreme-haarserum-90-ml-3474637058647.jpg&v=3&w=400&s=uDUqfF7g_yctkEWXdVoGFN-u&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash 6074ac9368939328bad9b73997b423a3566480d8d784e5b7fda3d38702b5806e Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=54700 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 2628 expires Tue, 24 May 2022 19:30:37 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	2 KB 2 KB	223ms 223ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fd%2F-%2Fd-alba-peptide-no-sebum-balancing-toner-gesichtswasser-150-ml-8809563060276.jpg&v=3&w=400&s=yJcwZrs_EfVdY7-mK3swXHdJ&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash c694ba10121712073323280402bf6c5b37e6cbfd590558f1f8989fac56a24cb5 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=46122 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 1934 expires Tue, 24 May 2022 17:07:39 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	4 KB 4 KB	222ms 222ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fh%2Fa%2Fhair-rituel-by-sisley-creme-demelante-restructurante-conditioner-200-ml-3473311692405.jpg&v=3&w=400&s=fzPy8fY5mcRCqUrykQLK4qMH&b=400 Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash f65750a9e66a7b5c586b003c0d04119fb418124755ea85b5c58d8765232143d6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=30349 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 3994 expires Tue, 24 May 2022 12:44:46 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 8745	0 127 B	126ms 57ms	Ping text/plain	178.250.2.150 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=qkoxTEj3fnc0FoRqrns47O4u9fu0VS4q_Ne1Vi3Trmwhz2yJkzXOxYtxUYlJewHP8EwxMjqpJBAbIiqdfCB1ZjQv0d18NjuOzAikQFwY9H8pIJETD1bTLAtn7ofHp64Oo5Rt18OIVzzVYcv5r17PPtrQO95wM28VAABqW06Dp_zIlqcLg64aix_46kCe4Axz6YO8yrX5S6CqXPkVlchFK6Gfot9DP7jN9u22fiVK_WKMxw17s_ABtaCeB3AZKQogXQ-92Q&sds=2&rev=81571&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:56 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0 strict-transport-security max-age=31536000; preload;
GET H2	200	criteo_logo_2021.svg static.criteo.net/flash/icon/ Frame 8745	2 KB 1 KB	58ms 57ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/criteo_logo_2021.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Thu, 27 May 2021 13:21:59 GMT server nginx cross-origin-embedder-policy require-corp etag W/"60af9cf7-891" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	privacy.svg static.criteo.net/flash/icon/ Frame 8745	2 KB 1 KB	59ms 58ms	Image image/svg+xml	2a02:2638::3 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://static.criteo.net/flash/icon/privacy.svg Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software nginx / Resource Hash 095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:56 GMT content-encoding gzip last-modified Wed, 19 Feb 2020 10:57:21 GMT server nginx cross-origin-embedder-policy require-corp etag W/"5e4d1491-646" strict-transport-security max-age=31536000; preload; content-type image/svg+xml access-control-allow-origin * cache-control max-age=31104000, public cross-origin-resource-policy cross-origin timing-allow-origin * expires Fri, 19 May 2023 04:18:56 GMT
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012205161914000/ Frame 301F	220 KB 61 KB	188ms 54ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 40171 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61456 x-xss-protection 0 server sffe date Mon, 23 May 2022 17:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "42b814baf88beb20" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 23 May 2023 17:09:26 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 301F	14 KB 5 KB	354ms 221ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1008 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5191 x-xss-protection 0 server sffe date Tue, 24 May 2022 04:02:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d3630c4be819f8fb" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 04:02:09 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 301F	94 KB 28 KB	355ms 222ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 7489 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28900 x-xss-protection 0 server sffe date Tue, 24 May 2022 02:14:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ccce7ec6c76e0017" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 02:14:08 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 301F	5 KB 2 KB	365ms 232ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 40171 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1905 x-xss-protection 0 server sffe date Mon, 23 May 2022 17:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "862cd07357fd06d9" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 23 May 2023 17:09:26 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 301F	40 KB 13 KB	366ms 233ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1010 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12945 x-xss-protection 0 server sffe date Tue, 24 May 2022 04:02:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "2cd215bb1afb4615" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 04:02:07 GMT
GET DATA	200 OK	truncated / Frame 301F	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a31ca6057577ce3b138ea38607b49852c6e46ba0076c2732dae70c80feab0939 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H3	200	3129481431426828961 tpc.googlesyndication.com/simgad/ Frame 301F	64 KB 64 KB	55ms 54ms	Image image/gif	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3129481431426828961 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b24cb21be3d8067f9782d7bc1d5d21f0e487da2bddb750c1bf84ef6b263e529 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:00:01 GMT x-content-type-options nosniff age 22736 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 65928 x-xss-protection 0 last-modified Mon, 16 May 2022 14:14:47 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 23 May 2023 22:00:01 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 301F	3 KB 3 KB	78ms 77ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:06:10 GMT x-content-type-options nosniff server cafe age 36767 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6726277462267614359 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Tue, 24 May 2022 18:06:10 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 301F	344 B 368 B	82ms 80ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 16:59:05 GMT x-content-type-options nosniff server cafe age 40792 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6766994032117382215 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Tue, 24 May 2022 16:59:05 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame 301F	0 0	174ms 63ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGDF4M43bYnYH-ZTy0boXwVRIlboYBe_qF63hWhdTyEXWHx25cTpOx7ZbngkKpOnUk0BzoqN565Qv-9yhED9RvZ3hmaw Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame 301F Redirect Chain https://d.adtriba.com/collect?atb_ptid=70ea7f65&atb_dpuid=Google&atb_dcaid=Display-_-Google-_-G_FTI_DE_GDN_Travel-Tuesday_Gutschein-_-ZG_Similar-Audiences-_-traveltuesday&utm_source=Google&utm_medi... https://d.adtriba.com/px.gif	42 B 227 B	58ms 57ms	Image image/gif	3.66.117.233 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol HTTP/1.1 Server 3.66.117.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-117-233.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:57 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Tue, 24 May 2022 04:18:57 GMT Last-Modified Tue, 24 May 2022 04:18:57 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 301F	0 0	96ms 95ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Cr9eVsFyMYqjEMtHh3gOq5oeAC8TgiJ1q3OW5sPQPrpavlasJEAEgm9yJImCVAqAB0LrBiwPIAQOpAv7SqCll7LE-4AIAqAMByAMIqgTkAU_QR9pnMSgbAafadzK8p8RK0jsBBLTYSeEFNLRYkdIeYwHsB_AWhz0XUge467qit0feJMyv3-ttSzVfPituziZh0H5RLysCk0hK5j6I5Bcezs2DEcnnIpf0FPFpqvu8XqAbDcPdWXSJEtWz7h52Co-WGJ8EbNt1ufmKd_LJryTUa39x5aD0ySjV0Gu32na9yCOHamllvYhREDrMp7eOazz-GstnQFBwsjUKhTrbS5wiNI-4XHZKb7Yvve-QcTqN2Fvzjs811rFVAFfuwQiubL7ZJPjgBqprJ7O8uf2TMU7dcHkh3sAE2bX56t4D4AQBkgUECAQYAZIFBAgFGASgBgOAB6CG_HmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD_kgfSCAkIgOGAEBABGB2ACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItODI0MTA0OTQ5NzYwODk5Nxjz8RY&sigh=AnSSWitjR5k&uach_m=[UACH] Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	tracking ad.mox.tv/delivery/	51 B 51 B	56ms 56ms	Image text/html	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mox.tv/delivery/tracking?hash=SE1zZ1I5aVNFcFBVdlFqZlJIS1R6Mk5xZG9ZTXE3M1N3S2NlVkpPSnpWTTdVeDBRT21MM1RCSGgwWnh5NkM2bnFreEdid1JqZ2FuU3o2YjJxZ3Jhb0t4N0twQnBqTVh5Smxjc2xqM2dIUXh4TWdySm1TTDJuUXZBNXYyNzh4Tk9wck5NTU9LdXBZNHdRYjl3aEFUZjNhWHlURCttd01FbXBMOU83WnZDemFnZWZJc3hNK0NPREpPYVdqY3pwRDNKS2h0TzNqcnAwWUtmVzdzNmZUWU5MR0ZsNDlRUmtVMXQzTUtmUkRZL1BOQy8yUit3Umx2L0JQbWk4NndCMHNxdkJ0R1ZtbnVaVnhMYnB4TnRMNHpsZ3c9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:57 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012205161914000/ Frame 5154	220 KB 60 KB	230ms 114ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 40171 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61456 x-xss-protection 0 server sffe date Mon, 23 May 2022 17:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "42b814baf88beb20" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 23 May 2023 17:09:26 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 5154	14 KB 5 KB	236ms 235ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1008 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5191 x-xss-protection 0 server sffe date Tue, 24 May 2022 04:02:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d3630c4be819f8fb" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 04:02:09 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 5154	94 KB 28 KB	237ms 236ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 7489 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28900 x-xss-protection 0 server sffe date Tue, 24 May 2022 02:14:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ccce7ec6c76e0017" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 02:14:08 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 5154	5 KB 2 KB	245ms 244ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 40171 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1905 x-xss-protection 0 server sffe date Mon, 23 May 2022 17:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "862cd07357fd06d9" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 23 May 2023 17:09:26 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 5154	40 KB 13 KB	246ms 245ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1010 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12945 x-xss-protection 0 server sffe date Tue, 24 May 2022 04:02:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "2cd215bb1afb4615" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 04:02:07 GMT
GET H3	200	3129481431426828961 tpc.googlesyndication.com/simgad/ Frame 5154	64 KB 64 KB	67ms 66ms	Image image/gif	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3129481431426828961 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b24cb21be3d8067f9782d7bc1d5d21f0e487da2bddb750c1bf84ef6b263e529 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:00:01 GMT x-content-type-options nosniff age 22736 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 65928 x-xss-protection 0 last-modified Mon, 16 May 2022 14:14:47 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 23 May 2023 22:00:01 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 5154	3 KB 3 KB	89ms 88ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:06:10 GMT x-content-type-options nosniff server cafe age 36767 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6726277462267614359 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Tue, 24 May 2022 18:06:10 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 5154	344 B 368 B	91ms 91ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 16:59:05 GMT x-content-type-options nosniff server cafe age 40792 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6766994032117382215 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Tue, 24 May 2022 16:59:05 GMT
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame 5154 Redirect Chain https://d.adtriba.com/collect?atb_ptid=70ea7f65&atb_dpuid=Google&atb_dcaid=Display-_-Google-_-G_FTI_DE_GDN_Travel-Tuesday_Gutschein-_-ZG_Similar-Audiences-_-traveltuesday&utm_source=Google&utm_medi... https://d.adtriba.com/px.gif	42 B 227 B	59ms 59ms	Image image/gif	3.66.117.233 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol HTTP/1.1 Server 3.66.117.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-117-233.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:57 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Tue, 24 May 2022 04:18:57 GMT Last-Modified Tue, 24 May 2022 04:18:57 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET DATA	200 OK	truncated / Frame 5154	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ec3635dcf99d1bdd86dba8f729d8c8314703ef59fe11f5f9c21ae6a6e32842fd Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H3	204	l www.google.com/ads/measurement/ Frame 5154	0 0	155ms 62ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZsc-IXJ3h7vJ_eYQ63FENSRtMKWLSGkJfI4An1l4GCoWHZLjv59SnXGRr2qYmEZvSzrjM_DAa_Y_MMM1gdd_Ap_FIUg Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 5154	0 0	96ms 96ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CVcoVsFyMYpPGMpK43wPy-5GYD8TgiJ1q3OW5sPQPrpavlasJEAEgmb2_dmCVAqAB0LrBiwPIAQOpAmiiNtsN5bE-4AIAqAMByAMIqgTkAU_QZ8dBJF6wtp4jrYzV4bA3BWNEu11Xj9g8TwO8W9TQ8rQ86mGKwwQI4QCjdXoQHaQ7TVqFI10yJNg9y6WTOpHT7q7qxPaWkXrTkv217pZQ4VHko9xInPPAtX6wMZGH0HrkAXF30rHVqXe6Cs0CabobrgK5RzKZDchhmA7r_hva60qZbcbvX8pF_ZRTkBTN38FdNlGKVmIVuARB0ktipd_GQEMvGowODcGmrYH6EUO_BBB4qoyRCW3kSkVEQVj-XYNsuOKDtBCyKo3TZ3Y9cW5GMG1wxLtSwqkf0YJEu9FYBqDek8AE2bX56t4D4AQBkgUECAQYAZIFBAgFGASgBgOAB6CG_HmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCDqxDSCAkIgOGAEBABGB2ACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItMzEzMjg5MzcyNTYwMzkzNRjtvnE&sigh=vgqvMk1-I8I&uach_m=[UACH] Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	tracking ad.mox.tv/delivery/	51 B 51 B	56ms 55ms	Image text/html	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mox.tv/delivery/tracking?hash=cW5IbG84akVkS3hqR1VjNUJFS0dZZmh2eU1ycEZ2dFV4NVYvSzRaZzVDS0Q1M0txUlNGanBMYnd3VDIvOGpmYW1mV0RJQnVYTkhXa0dSTSt6VGY5bjZ3VG0xa1l3RUx0SHF1K3RNMnByd1g2TzdESGR5bTFYWVUxaUViWVhvR2tqay9JNzVmZzNUeVhqVi9xRTZhQSs4M2hhYkNkZTBHZEcwSVQwUm5SbW5mWmtkNUNCaWNnL2VRRDJhTERLNHk5dFJuQk03R3dqZ3RCY0ZjUmtUb2tPMHBMd25Xb2d6YW9HSTJqa1pRUnZ3cDNtOG5xSWZaU3ZERU9oN3dpazhiNQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:57 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012205161914000/ Frame 3FAB	220 KB 60 KB	215ms 151ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 757319a250590e2bd0a13b21c1541d2de6628e4f27fc53dbc09810a20eece701 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 40171 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 61456 x-xss-protection 0 server sffe date Mon, 23 May 2022 17:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "42b814baf88beb20" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 23 May 2023 17:09:26 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 3FAB	14 KB 5 KB	249ms 248ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb79fb74d6258322e62522032aa870d6b08193d00356365ada57b7ec120c831f Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1008 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5191 x-xss-protection 0 server sffe date Tue, 24 May 2022 04:02:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "d3630c4be819f8fb" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 04:02:09 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 3FAB	94 KB 28 KB	250ms 249ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ba4104ca707204425da942d41ded59339a7925fa7986876ae2b2fde22a3ef7a2 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 7489 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 28900 x-xss-protection 0 server sffe date Tue, 24 May 2022 02:14:08 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "ccce7ec6c76e0017" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 02:14:08 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 3FAB	5 KB 2 KB	259ms 258ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3427cca8a2e3789c0a04279acc2720b7f93b87932a915c850fe41a09924f0a8c Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 40171 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1905 x-xss-protection 0 server sffe date Mon, 23 May 2022 17:09:26 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "862cd07357fd06d9" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Tue, 23 May 2023 17:09:26 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012205161914000/v0/ Frame 3FAB	40 KB 13 KB	260ms 259ms	Script text/javascript	2a00:1450:4001:80f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012205161914000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1632299889539ec3c89ff14ed39f3a8ad49ab6b13eedf7bb78e0bd70b95d79a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff age 1010 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 12945 x-xss-protection 0 server sffe date Tue, 24 May 2022 04:02:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=31536000 etag "2cd215bb1afb4615" accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Wed, 24 May 2023 04:02:07 GMT
GET H3	200	3129481431426828961 tpc.googlesyndication.com/simgad/ Frame 3FAB	64 KB 64 KB	75ms 74ms	Image image/gif	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/3129481431426828961 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2b24cb21be3d8067f9782d7bc1d5d21f0e487da2bddb750c1bf84ef6b263e529 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:00:01 GMT x-content-type-options nosniff age 22736 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 65928 x-xss-protection 0 last-modified Mon, 16 May 2022 14:14:47 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Tue, 23 May 2023 22:00:01 GMT
GET H3	200	ru.png tpc.googlesyndication.com/pagead/images/abg/ Frame 3FAB	3 KB 3 KB	86ms 86ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/ru.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:06:10 GMT x-content-type-options nosniff server cafe age 36767 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6726277462267614359 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 3041 x-xss-protection 0 expires Tue, 24 May 2022 18:06:10 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/abg/ Frame 3FAB	344 B 368 B	89ms 88ms	Image image/png	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/abg/icon.png Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 16:59:05 GMT x-content-type-options nosniff server cafe age 40792 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" etag 6766994032117382215 vary Accept-Encoding content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 344 x-xss-protection 0 expires Tue, 24 May 2022 16:59:05 GMT
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame 3FAB Redirect Chain https://d.adtriba.com/collect?atb_ptid=70ea7f65&atb_dpuid=Google&atb_dcaid=Display-_-Google-_-G_FTI_DE_GDN_Travel-Tuesday_Gutschein-_-ZG_Similar-Audiences-_-traveltuesday&utm_source=Google&utm_medi... https://d.adtriba.com/px.gif	42 B 227 B	77ms 57ms	Image image/gif	3.66.117.233 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol HTTP/1.1 Server 3.66.117.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-117-233.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:57 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Tue, 24 May 2022 04:18:57 GMT Last-Modified Tue, 24 May 2022 04:18:57 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET DATA	200 OK	truncated / Frame 3FAB	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9a42c22490e1b19c4d9ae8cd3f83fa9983ced333be37c549ddd7b55b34ccb8fc Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H3	204	l www.google.com/ads/measurement/ Frame 3FAB	0 0	102ms 61ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRAiRVsMr5qOGUilwFT2RcAoK9zQpuNdN-7jFJ2MCr3OHUiXcIWZcg8cRDNnlr6IZ3U65yc_ZSi12QtABG5eE1YFi426Q Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 3FAB	0 0	97ms 97ms	Image text/html	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CBNrQsFyMYo6RMoev3wPk9o3QA8TgiJ1q3OW5sPQPrpavlasJEAEg-5_8YmCVAqAB0LrBiwPIAQOpAv7SqCll7LE-4AIAqAMByAMIqgTkAU_Qurj9d_UwxKib2uLn9U19WN6zn-oSQJz44LXnWXtVdqt4WqHlhSrE3t3dP41Yb28Vt0kAwZtyFTzzw-WEuxqsTqxQlaT1uPkX3lH55Jv9S6KVl-jQTAZJL8IevKdOsGSL6q_fy-9qoxIKKz1g8MVmLe3VrG0nu3Z72_8MVvrcjdrr_vTA8RbFlTZGaXgr-W6JpbwrHk1SWshhaSbTzo3UEpSXSQ9-4fPFOIKvtIqGq_zDzwVlxzVvh7LSdFG-z8GJgH43dj3t0z1AUdaKzpGa2WlRNFYGGz2uKY8-tlBJhUYdLMAE2bX56t4D4AQBkgUECAQYAZIFBAgFGASgBgOAB6CG_HmoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD54U7SCAkIgOGAEBABGB2ACgPICwHYEwLQFQGAFwGyFx4KHAgAEhRwdWItMzE5MTI4OTg4MjA0NTE1NRjNnms&sigh=ZjfiLQNAMt4&uach_m=[UACH] Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	tracking ad.mox.tv/delivery/	51 B 51 B	58ms 57ms	Image text/html	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mox.tv/delivery/tracking?hash=dWlOWDVLRyszZVB6WGdMNXpCMWtpVVVWdG1HWG40MklDaHlkempxcGRBY1gyZkpiNWdNckhqR0lqRThKMWh1T0RMNnZEWmt0SWhJYlNuMTZXeUpGWkFqUm1nYXhjeHFPRVh1dGowVVBnaXA2Sm9ZZVhsWkcyZTNIelR6VDZUQ05SZU1jQ1NOTlpsUTVyRG90S3VjVDUvei9sbVFKcnVuaWJtS3BobmRXVmljWkNqWmluODFsRXE4RlJGVnBUTllGT3RHdFcxamlDbHUyR01IakZ3WkJVQ09YQnk0WHFsWHU4c3YvcVNNeE9oQVhaQUg2UlZZZnZqRS9iWTZ2REVMNg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:57 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H3	200	container.html Show response 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A24B	6 KB 3 KB	164ms 54ms	Document text/html	2a00:1450:4001:811::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022051901.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, immutable, max-age=31536000 content-encoding gzip content-length 3108 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:56 GMT expires Wed, 24 May 2023 04:18:56 GMT last-modified Tue, 02 Mar 2021 20:17:03 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	tracking ad.mox.tv/delivery/	51 B 51 B	56ms 55ms	Image text/html	185.132.133.134 WORLDSTREAM
General Check archive.org Show headers Download Go to Show image Full URL https://ad.mox.tv/delivery/tracking?hash=MWsrcUI4Y2tWelFWMnVKTWdVQ2xOa29aN1RGVzVnMG9FWHp4eUR2SlpYSnBScjdGZzBYU0Y1WUVmMVg5d1RGTCtpem9KM0tZR0JGWFdzMlNVdnpMYjd3RUU1MjRJRlpkNnBXbkZmS3V6ckdDdWVVb3lhVGdrbUd4VzE4b29oTWdXdjVoK0ZNNUhEYnQvbWtEYldHQ0tpcWErYXI3a0JGRUtkVElMQUJvMitySGtaMDBtdjYyc1UrdldXanhaKzB4cVBSRkNvcFozc091YUtKV09KSzU0TzVreUhOd2dFWkZxb3ltcmFvVGQxelE1NU1BSzRMVlhhRWEzSFAzeS9xOVllWDF6M0g0MDA1ckVtbmxXQVhtTHc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 185.132.133.134 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL), Reverse DNS 185-132-133-134.hosted-by-worldstream.net Software nginx/1.14.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:57 GMT content-encoding gzip server nginx/1.14.0 (Ubuntu) vary Accept-Encoding content-type text/html; charset=UTF-8
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2578	624 B 299 B	66ms 65ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWHbN8AXuwl9GKd9LLMp7FaN4iz2Mn9mDHYOLaPzGyLJZT3IymWPlYEuSAMiCKPltfPQa-9FMQshqOHC5Yeh6HOzw1a_fygJ32irI-1j6PwGH_Zz63bI34ZA8T3GvfGFRFtIVZADYlWyFPg7ojw99TGCVhPkIcNJ4YCfso-zR3df4fm3Oo Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding gzip content-length 276 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:57 GMT expires Tue, 24 May 2022 04:18:57 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame A24B	106 KB 38 KB	184ms 54ms	Script text/javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ Origin https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 13:38:15 GMT content-encoding gzip x-content-type-options nosniff age 52842 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 24 May 2022 13:38:15 GMT
GET H3	200	omrhp_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/ Frame A24B	6 KB 3 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/elements/html/omrhp_fy2019.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 23:49:22 GMT content-encoding gzip x-content-type-options nosniff age 16175 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2626 x-xss-protection 0 server cafe etag 8548655983161038638 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 06 Jun 2022 23:49:22 GMT
GET H3	200	abg_lite_fy2019.js Show response pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/ Frame A24B	21 KB 8 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20220518/r20110914/abg_lite_fy2019.js Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9fc62d99ca580e914d7af298fd36b6926ba2b1e6c97ab21be0f9022f9c665816 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 02:14:08 GMT content-encoding gzip x-content-type-options nosniff age 7489 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8611 x-xss-protection 0 server cafe etag 11030745046341915621 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 02:14:08 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame A24B	42 B 63 B	86ms 86ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BW8qgcQ31zxDCy6xEXmOlzBZyRUSoYcmszcZnGVdD-pdIUmFVVktNuaXn8nCqnzDz8uP-eDq005EpvLtFcOR9ZVwPogvO82jXEz9RxrtGlGArtn58 Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	px.gif d.adtriba.com/ Frame A24B Redirect Chain https://d.adtriba.com/collect?atb_ptid=e774d0b4&atb_dpuid=nayoki&atb_dcaid=display-pp_paket_s_alw-on https://d.adtriba.com/px.gif	42 B 227 B	55ms 54ms	Image image/gif	3.66.117.233 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://d.adtriba.com/px.gif Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 3.66.117.233 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-66-117-233.eu-central-1.compute.amazonaws.com Software nginx/1.16.1 / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:57 GMT Cache-Control public, max-age=86400 Server nginx/1.16.1 Connection keep-alive Content-Length 42 Content-Type image/gif Redirect headers Date Tue, 24 May 2022 04:18:57 GMT Last-Modified Tue, 24 May 2022 04:18:57 GMT Server nginx/1.16.1 P3P CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info." Location /px.gif Cache-Control no-cache, no-store, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 01:00:00 GMT
GET H3	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A24B	3 KB 1 KB	55ms 53ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/window_focus_fy2019.js Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:16:47 GMT content-encoding gzip x-content-type-options nosniff age 130 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1359 x-xss-protection 0 server cafe etag 1484984001845508991 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 04:16:47 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame A24B	136 KB 42 KB	68ms 67ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42522 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1653305577626270" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 24 May 2022 04:18:57 GMT
GET H3	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/ Frame A24B	17 KB 7 KB	55ms 54ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220518/r20110914/client/qs_click_protection_fy2019.js Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1be78b79774b196d2500f7bd3bb3ca7269ec444158f0e545d4d313bcf40e1310 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:16:38 GMT content-encoding gzip x-content-type-options nosniff age 139 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7211 x-xss-protection 0 server cafe etag 2988716039725867132 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 07 Jun 2022 04:16:38 GMT
GET H3	204	l www.google.com/ads/measurement/ Frame A24B	0 0	62ms 61ms	Image text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRC8Xyj8VO1FnrhOwDGexEWjyQFapkad0UnJdWBQo2wMx1efr1wY_esboWh5FVldj5R_NfQ0lrBazW9tm9_LBvYnuI6dA Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame BBE7	42 B 64 B	197ms 87ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIJAONvT96wfHq8GS3oQaDL4xNvSgs_yy1j6UulR0-FOiiY2rk0UUcO-yRawdwcsVG8xTbjpoGRYxQ-RvKChzA&sig=Cg0ArKJSzAN9yGuy_zCsEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1474189199&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653365935899&rpt=564&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 301F Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	101ms 100ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame A24B	41 KB 15 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 11:18:14 GMT content-encoding gzip x-content-type-options nosniff age 61243 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 23 May 2023 11:18:14 GMT
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 8206	1 KB 749 B	55ms 53ms	Document text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers age 80713 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 23 May 2022 05:53:44 GMT etag 48472445140208031 expires Tue, 24 May 2022 05:53:44 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 2578 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1&C=1	43 B 1013 B	68ms 67ms	Image image/gif	23.35.236.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWHbN8AXuwl9GKd9LLMp7FaN4iz2Mn9mDHYOLaPzGyLJZT3IymWPlYEuSAMiCKPltfPQa-9FMQshqOHC5Yeh6HOzw1a_fygJ32irI-1j6PwGH_Zz63bI34ZA8T3GvfGFRFtIVZADYlWyFPg7ojw99TGCVhPkIcNJ4YCfso-zR3df4fm3Oo Protocol HTTP/1.1 Server 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-247.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 May 2022 04:18:57 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 May 2022 04:18:57 GMT Redirect headers Pragma no-cache Date Tue, 24 May 2022 04:18:57 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1&C=1 Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type text/html; charset=iso-8859-1 Content-Length 308 Expires Tue, 24 May 2022 04:18:57 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 2578 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YoxcsfAvQSwxh7nhsX57swAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1	43 B 1013 B	68ms 68ms	Image image/gif	23.35.236.247 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWHbN8AXuwl9GKd9LLMp7FaN4iz2Mn9mDHYOLaPzGyLJZT3IymWPlYEuSAMiCKPltfPQa-9FMQshqOHC5Yeh6HOzw1a_fygJ32irI-1j6PwGH_Zz63bI34ZA8T3GvfGFRFtIVZADYlWyFPg7ojw99TGCVhPkIcNJ4YCfso-zR3df4fm3Oo Protocol HTTP/1.1 Server 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-35-236-247.deploy.static.akamaitechnologies.com Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 May 2022 04:18:58 GMT Server Apache Vary Is-Traffic-Usersync P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Cache-Control max-age=0, no-cache, no-store Connection keep-alive Content-Type image/gif Content-Length 43 Expires Tue, 24 May 2022 04:18:58 GMT Redirect headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEP4ggvgiKJuXSIFYYIawlLE&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 2578 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEDlmxWKDRfffkxXZ048Hdc0&google_cver=1	43 B 1016 B	100ms 53ms	Image image/gif	37.252.172.249 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEDlmxWKDRfffkxXZ048Hdc0&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWHbN8AXuwl9GKd9LLMp7FaN4iz2Mn9mDHYOLaPzGyLJZT3IymWPlYEuSAMiCKPltfPQa-9FMQshqOHC5Yeh6HOzw1a_fygJ32irI-1j6PwGH_Zz63bI34ZA8T3GvfGFRFtIVZADYlWyFPg7ojw99TGCVhPkIcNJ4YCfso-zR3df4fm3Oo Protocol HTTP/1.1 Server 37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Pragma no-cache Date Tue, 24 May 2022 04:18:57 GMT X-Proxy-Origin 82.199.130.45; 82.199.130.45; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 6cacc35d-7a8d-4a40-aef4-81dc6f2c24a7 Server nginx/1.21.3 P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive Content-Type image/gif Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://ib.adnxs.com/setuid?entity=101&code=CAESEDlmxWKDRfffkxXZ048Hdc0&google_cver=1 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 2578 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODc5ODg4Njc4MjY2NzI1OQ%3D%3D	170 B 188 B	173ms 64ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODc5ODg4Njc4MjY2NzI1OQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPjqRhC5lOngAhjLzZmxATAB&v=APEucNWHbN8AXuwl9GKd9LLMp7FaN4iz2Mn9mDHYOLaPzGyLJZT3IymWPlYEuSAMiCKPltfPQa-9FMQshqOHC5Yeh6HOzw1a_fygJ32irI-1j6PwGH_Zz63bI34ZA8T3GvfGFRFtIVZADYlWyFPg7ojw99TGCVhPkIcNJ4YCfso-zR3df4fm3Oo Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 24 May 2022 04:18:57 GMT X-Proxy-Origin 82.199.130.45; 82.199.130.45; 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com AN-X-Request-Uuid 373baa87-140a-431f-97cc-b4e556347fe8 Server nginx/1.21.3 Access-Control-Allow-Origin * P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYxODc5ODg4Njc4MjY2NzI1OQ%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Connection keep-alive Content-Type text/html; charset=utf-8 Content-Length 0 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 5154 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	81ms 81ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 3FAB Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	93ms 93ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Redirect headers date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame A24B	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8a0acbdcedac28b13a081e705a2d718c1fda45ff4aab855767dc850fb2955d9e Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	204 No Content	logcz.aspx inv-nets.admixer.net/	0 220 B	54ms 54ms	Image text/plain	146.0.227.109 VELIANET-AS velia...
General Check archive.org Show headers Download Go to Show image Full URL https://inv-nets.admixer.net/logcz.aspx?zone=d9675bdf-cf85-4051-92db-9ca047f83379 Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_ECDSA, AES_256_GCM Server 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Tue, 24 May 2022 04:18:57 GMT Access-Control-Allow-Credentials true Server nginx Connection keep-alive Keep-Alive timeout=25 X-Xss-Protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame AF6B	22 KB 8 KB	54ms 53ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes age 59844 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 23 May 2022 11:41:33 GMT expires Tue, 23 May 2023 11:41:33 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	cm a.rfihub.com/ Frame 8206 Redirect Chain https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEEV7ySi-MNMnMV4RtxB4TLk&google_cver=1&google_push=AYg5qPL0NDtVa8Ck0dd5AwnvGOoAbFBfw2v5KbWI-otZX01QbtGPJ_r3SInyyF6bL6NiQQt-TBC4UbXkVuPZfrcv5nNzEnL... https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPL0NDtVa8Ck0dd5AwnvGOoAbFBfw2v5KbWI-otZX01QbtGPJ_r3SInyyF6bL6NiQQt-TBC4UbXkVuPZfrcv5nNzEnLfFMc&google_hm=NTkwNDg2Nzc1... https://a.rfihub.com/cm?pub=445&google_error=5	42 B 812 B	229ms 58ms	Image image/gif	193.0.160.129 ROCKETFUEL
General Check archive.org Show headers Download Go to Show image Full URL https://a.rfihub.com/cm?pub=445&google_error=5 Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol HTTP/1.1 Server 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US), Reverse DNS Software Jetty(9.3.29.v20201019) / Resource Hash 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Date Tue, 24 May 2022 04:18:58 GMT Cache-Control no-cache Server Jetty(9.3.29.v20201019) Content-Type image/gif Content-Length 42 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Redirect headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://a.rfihub.com/cm?pub=445&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 247 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8206 Redirect Chain https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEA0-3SJ607XKfleud2LqL48&google_cver=1&google_push=AYg5qPKaX08AIGQ-YrXGyFnESOBdAhx9QPRKAwIFoufkUB9v3iefGM6I4FkvUokifkO79gNyavOmULhNmjj2VD... https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMTE1MjYyNzc1MDUzMzI2OA%3D%3D&google_push=AYg5qPKaX08AIGQ-YrXGyFnESOBdAhx9QPRKAwIFoufkUB9v3iefGM6I4FkvUokifkO79gNyavOmULhNmjj2VDu-Ob...	170 B 188 B	117ms 63ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMTE1MjYyNzc1MDUzMzI2OA%3D%3D&google_push=AYg5qPKaX08AIGQ-YrXGyFnESOBdAhx9QPRKAwIFoufkUB9v3iefGM6I4FkvUokifkO79gNyavOmULhNmjj2VDu-ObPzx4lx6Kk Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwMTE1MjYyNzc1MDUzMzI2OA%3D%3D&google_push=AYg5qPKaX08AIGQ-YrXGyFnESOBdAhx9QPRKAwIFoufkUB9v3iefGM6I4FkvUokifkO79gNyavOmULhNmjj2VDu-ObPzx4lx6Kk Date Tue, 24 May 2022 04:18:57 GMT Server nginx Connection keep-alive Transfer-Encoding chunked p3p policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
GET H3	200	dot.gif s0.2mdn.net/ Frame 8206	43 B 65 B	171ms 62ms	Image image/gif	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/dot.gif?google_gid=CAESENXr-i1CkDdqEW4woW2Rs34&google_cver=1&google_push=AYg5qPJWWk6SRCFlO7rvK0wZ9DUpOu8ONF5JsBFEpc8l6MiyJn5UuHezPsUtgTBHF4tPNxJjCCTnDC7kvhf_bkb628Nt3_7Nj7U Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff last-modified Sun, 01 Feb 2009 08:00:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=86400 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43 x-xss-protection 0 cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 25 May 2022 04:18:57 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8206 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCcoj... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jL... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgwMDk3OTQwMDU4MjI2Mzc4Mw&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCc...	170 B 188 B	64ms 63ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgwMDk3OTQwMDU4MjI2Mzc4Mw&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCcojczYUmItXO7I2FXtnUvw Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server nginx location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDgwMDk3OTQwMDU4MjI2Mzc4Mw&google_push=AYg5qPJsBwZVFnAv_MqC2hrgYOeRmVg47kCUH4wEfAw14TU2WEHgaqbhalgNKo1j-Cq6X-qi0jLbCcojczYUmItXO7I2FXtnUvw access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8206 Redirect Chain https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOoxw... https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOeg9FsMLZ0kShgfrv-x4Z4&google_cver=1&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYc... https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ2NDI1MTg1NzM2MzgwNjMxNw&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOo...	170 B 188 B	65ms 65ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ2NDI1MTg1NzM2MzgwNjMxNw&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOoxwMctl259gHyHG8OLaKsM Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:58 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server nginx location https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQ2NDI1MTg1NzM2MzgwNjMxNw&google_push=AYg5qPL_YNQphIQfnkHkZuWMBEo-mD3gAHMpanXEmw2UUzVEb4PpYRSu9QxDvB54g59Rm7G7dYcaOoxwMctl259gHyHG8OLaKsM access-control-max-age 86400 access-control-allow-methods GET access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true strict-transport-security max-age=31536000; includeSubDomains access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8206 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECnCqC8B6amXzNePS9nK99Y&google_cver=1&google_push=AYg5qPLUA0ewf5WvETdn--AYrelvRnxT_OudZF7yiGg4EdixtI2FYoCPzQVhtrktdkTO_ouBWoc... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKTkUyRlMtMVgtN0owMQ==&google_push=AYg5qPLUA0ewf5WvETdn--AYrelvRnxT_OudZF7yiGg4EdixtI2FYoCPzQVhtrktdkTO_ouBWoca0OqhByBjfuuV-kk7VKYYqKY	170 B 188 B	63ms 63ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKTkUyRlMtMVgtN0owMQ==&google_push=AYg5qPLUA0ewf5WvETdn--AYrelvRnxT_OudZF7yiGg4EdixtI2FYoCPzQVhtrktdkTO_ouBWoca0OqhByBjfuuV-kk7VKYYqKY Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNKTkUyRlMtMVgtN0owMQ==&google_push=AYg5qPLUA0ewf5WvETdn--AYrelvRnxT_OudZF7yiGg4EdixtI2FYoCPzQVhtrktdkTO_ouBWoca0OqhByBjfuuV-kk7VKYYqKY Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 4b510f0cc5fcbc9800016ef543086418 Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 8206 Redirect Chain https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDAiFBfQTQ0OAAvfGzVOX3Y&google_cver=1&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnEx... https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDAiFBfQTQ0OAAvfGzVOX3Y&google_cver=1&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnEx... https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Mc2kuZzN4RTJ1R1Z4SkYudEpjamMwN2dWTG84amNFWn5B&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJst...	170 B 188 B	63ms 63ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Mc2kuZzN4RTJ1R1Z4SkYudEpjamMwN2dWTG84amNFWn5B&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnExEX84Ad9TK6x3RWZpu2_boa50ez Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1Mc2kuZzN4RTJ1R1Z4SkYudEpjamMwN2dWTG84amNFWn5B&google_push=AYg5qPJ4retooljmd5rgv7gDhv-34zkEuxMyVr24ooXpbJTFACQdBiJstyXHGMx1_-DZVGgnExEX84Ad9TK6x3RWZpu2_boa50ez date Tue, 24 May 2022 04:18:57 GMT server ATS/9.1.0.46 age 0 content-length 0 strict-transport-security max-age=31536000 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 8206	0 232 B	76ms 62ms	Image text/html	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuCQ6WRNVWmVkxWsGYebUwmbUuNJQls-IdmObd7zE5lbe4Ll7Z6HooZHgtJx_VzJhCou1Jpg Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:57 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame E7C7	42 B 64 B	87ms 87ms	Fetch image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnQe6ahEhL9JgWXwgC3s62X_CJ9Eev01oLhXhCgXb_hhEhbzz9fp6y_T8dmuv4hPJvBLSQ4aeqWr9ZpCYxA_oX&sig=Cg0ArKJSzN9ueKOZDnRUEAE&id=lidar2&mcvt=1013&p=0,0,250,300&mtos=1013,1013,1013,1013,1013&tos=1013,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=749833915&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653365935873&rpt=795&met=ie&wmsd=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/2753383143326280557/ Frame A4DB	38 KB 6 KB	99ms 54ms	Document text/html	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash de24e1eed5d9105cafd245df0b2ee43e6f3a900c77c862dbcd6c9b10fbc9dc56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 101273 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5784 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Mon, 23 May 2022 00:11:04 GMT expires Tue, 23 May 2023 00:11:04 GMT last-modified Wed, 09 Mar 2022 16:20:37 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
POST H2	200	view googleads4.g.doubleclick.net/pcs/ Frame A24B	0 622 B	226ms 96ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6zBzar-bPF7pWmAH9688ttIO2JnOm1tbvG8H1H67rjXZoX-AWJH64iDYdzZccmn_1q7YNXbU_IFwq4m1Y3RTGoydiXpvNTixPzIUN3JZdLk8r7IMZYep0pq5Qf1bMelEDlYjnY6KgvnXw1rLJZw2JbS9y7eUZu4Pf9sMQhEA7JEOJJvHsGlDHO9jMNiFsnu4_fcl9Psvy78kvGjWz5Oq-dVn6HnKFWqBD7YbxKMo7rfSbok-jjPaEDf7neCo7schjRb6xKatnkROEu1aze2_DegpOTu40eAvU6c9mhFlZ216-lnGlxH7iP6-Sao56v4X0mlSA9U8JYPuv0n2Mw7fy6Atecv-MfKx_dXCp4tgrPkRoWnRWSKYfg7k3v33z3mZztjhW3xr2SS_ByfMbOEXfNRujM5xSq_pjDFqfIWaIoBgJAAl23SGZJNFldbEpKlRSn-GA-8LY8CicrWCJfXxA2_c5C8XcxNz3XLmDnCsiuclinC6X2Xt0PpVuRld8gnR81LGDVVLGjWtQVuqTl0JjLZJkXA0LttN322Tpc06pGLc-Zi5mImYDQ4xwA2Tk7nOkAUf04sS5mKdBlD_Ie-jSIpn6b5x5Ob_b2V70QgVTDgWxvf7t_EqRpanrDhd5ek9xGIZUPCQYX3pKFiFqKsuC69ypUAwcQjakqP_oE2X-3_Vi3rL_qc2MCL7f9URka1k_ymnFaJHUQv7quZ-9gEnAWVw5OmJxlIZC-BjS3Cj24a8fWWOwSGnSXlhYK6bjrWcupwKfoODclogda0jnNoh6c1g_dWppPqZst0flcnBKfOEPIVe2PqAfGCwrw7dLIBeYSD26mAuLTW6Z_8yJsGCsMaMo1HUqWHtzjEvP8ng8t8SWfNn-eQ7y3z1W9lyiuQ8jQokEobBAVtkV6b3hJzsW8_LiF0fas1Rpw1EsMY6Q9Pi8rWvsiDHim1x8yP50SHipuC9-QOH5jB_-QJwb1JMmIMD7Mopv0NPIvwVKrHwRvH4rMh1gWHjJVEhaQxqMMXDL2hiiSsyLoYGi-uzih0xqLzAJlspICEOntRR5YXFkP0MvVw7U_ZIjnjqu6dlRfk9_7onBjmYgzFMeyWxjhJEDGduLJpguXiMsKc7w002s8funn2XkjJ4Zm_g0PGUpZgeHyLDaLuewfU3Ap6TLxYgyfwU&sai=AMfl-YRWk--rUOtkcyoNFFVuSPTdMI9tZ63uJ3ty1dBXpjr3qTZ2DhjlsXMd9e9W3Bx5oFSEJRnDuhpBbDq7IzUro09eOs9_3sozERBTYJrZGkd_YTlUjRyURWEZY5FhcAzjcW6asUGUXh3fFCkAtB00ex52e134TaOR7q1koaiDVQdibHO81bLiLlmPZ-P4YK1GjXzyjzRN-2JUuc8CpPuwQs08dISeAbv9kq0jGBMDF8fkUIwOuc708KLbCx9zGds2VtqrNUy_e1Rh9HCVYtgOu0C7u6Ibt4X6OvhWbRo5eSyu&sig=Cg0ArKJSzFcM04WUm-4HEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=280&cbvp=1&cstd=278&cisv=r20220518.27803&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 date Tue, 24 May 2022 04:18:57 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response pagead2.googlesyndication.com/bg/ Frame AF6B	35 KB 13 KB	54ms 53ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 21:21:38 GMT content-encoding br x-content-type-options nosniff age 25039 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13771 x-xss-protection 0 last-modified Tue, 17 May 2022 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 21:21:38 GMT
POST H2	200	all csm.eu.criteo.net/ Frame 7432	0 127 B	57ms 57ms	Ping text/plain	178.250.2.150 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=AtrTMUj3fnc0FoRqUJr_TPsndQjnpYQm4IDFoVYMUKasVUvn6TMNqp17vL7-FUXjabOLFdA75uGPnfR1EcR9yXis1ZEw6OfYTi8dPHzqWCRLPPaVPhs6iDZ6lYR3sUufTCmCDK2Dy4Tfpl95HdGSPtx3LQYFEEIkDHIxq2ZL9XnfHYBnVpnnWOVTukxBdcmjOXYrzWX8jGh_GFNhdIRjOU90c__iAvNYCoq5I-yM-B1aF68SMuiXBIEJtacq_4LfxAXObA&sds=2&rev=81571&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOnS0KmqcKAAjXXTLYOrWMG_7scHJ3Ug&u=%7ClrN9DnZIMNfWlJBaV9kxNX2wPf%2BFXsS%2Bmptl%2FHoR%2FHo%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD5dtzg65u47GLpITaeszFI2gD5TBFxjhRhp4n-7JdJ7PPAgJYDQKc9yaYvzMLLNMwnq7hv6UZY8nWEv_I2LhC6U9pK8nnSh9GkvLt7K9eeNkBe9YhvDC-W1i36eHj2EYv_OnwDukvywJ303dGjjAb635oVtppFlIbbUJ-zZzckapWJXnLkw6iLR4tYYiEN40fM53c7Wfol0Z_Ngj-6F2oxjCIfQsj2Ckd3Zo4VgzGbghGl0qJfD7xjXuK4G59WQmOU6bw9pgPyVkjSnvhuqiCK4LKJTJ8B22CXNDrjuEENsvS4fj7-TMpDR_ol_qIZXkCGp7InMc9jHcUnPOkjTKeCtk-6aHXlMaTSAeJyNrMzTE4zV-Unycm6HpjC684scAyouQJ23S8lCgKgJOhavmKGcMelZCESLj-bMF1vUTrZuSIHnXE69aoXgwkKCTWBkPZonbX7tGOqA2w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2XDOr1yMYq26OorO6gTdrqPAA8me0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakCaKI22w3lsT6oAwGqBLABT9DCQOA3F1LfMzFeprk2Vr6q2vgdktIQMtmnus1u5pI3T3_pLepjRsjqlNRkWx58XrhNUD971C26fW-yEpESJVOQ3hCIRpd135q66fEttFD8Wth8X5Dqbwn5dH6k2SIvc-BwMSN58EslIc_NM5S0Ea-z1o6vgi_FHMNXbVoo0uRaIijkm13jmOBie-PneNY6zke7LhX7729ul6Cri69PK5zFKbisEDnRTx8IyNLeR6yABrKJkaLm_rq4H6AGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1fa1wdqI7PdLzshyN5OD9fOUJ-5A%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:57 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0 strict-transport-security max-age=31536000; preload;
POST H2	200	all csm.eu.criteo.net/ Frame 8745	0 127 B	57ms 57ms	Ping text/plain	178.250.2.150 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Full URL https://csm.eu.criteo.net/all?cppv=3&cpp=qkoxTEj3fnc0FoRqrns47O4u9fu0VS4q_Ne1Vi3Trmwhz2yJkzXOxYtxUYlJewHP8EwxMjqpJBAbIiqdfCB1ZjQv0d18NjuOzAikQFwY9H8pIJETD1bTLAtn7ofHp64Oo5Rt18OIVzzVYcv5r17PPtrQO95wM28VAABqW06Dp_zIlqcLg64aix_46kCe4Axz6YO8yrX5S6CqXPkVlchFK6Gfot9DP7jN9u22fiVK_WKMxw17s_ABtaCeB3AZKQogXQ-92Q&sds=2&rev=81571&sendBeacon=true Requested by Host: ads.eu.criteo.com URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YoxcrwAOMuYKmpWOAAkMbZFE0Gmt6iN5ffaEBg&u=%7ClrN9DnZIMNfBC57332bs3jmnZ21jy5hPXM2nxoNdfow%3D%7C&c1=0n2XosTo5cm_tfHJjNi5fEy4DzrWVmZwmkt4eP72VD6mTtaykQo6PG6C6f--GT7EED9pk1WyDbmWK608BvppvzDDn169oHYdaxdqS6CklVrehje3Shnjb2WG7sh4xskloQx6BY7noEhyWVeCoSkzjyd0U_RMHGHgYV9XeBFw7lClNcRPyfNqacs51A_g6FQR1a6VC2qUsVZB0-OPkqRovLaKZIfm8wCgRhbja0I5vt5r7e46k8npEhP09yx2NGcxVVDTds_1a-Tk4x-_ZD9otVTARh-2ZrzK__o3-dgIPzLmaViQ7N6OiTZJ9LlH7fhcmhRU7nYK8Eb_eK1cy3p3-fyu_Ig5rA-LNRkzIbJuCpi064bl2rWXeAnMSU2-e5t5_HGbD8P-D_ZAJrLwz5kV0VbByR5ddybEIEit8fxLH4UZELXpKv63gf066b27XWq6ckpV-ksXc6UekxM-uSIuAsZTrNp0mTmr7zCr3naERRY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCCjAJr1yMYublOI6r6gTtmKSYCMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0zNzU1NjYyMTk3Mzg2MjY5oAHVttLqA8gBCakC_tKoKWXssT6oAwGqBLIBT9AALRgfXYF9ifbOwjvDpllQ4dCAZF-69ZeFKRGgkIpTR6saC6XJyOe7F0DTGWN5tVC36JbcyuaJWcgFfiheSilf1yDdamFtsd9xw_ezYsgit_NxRxW1TY9GA7cGLScodJuACrvHMERxbkZX5Ecwx_mJRpcbeySTjQ17u5jVfj0cRcz98TFJte3mU1fw2qJRZ3Oe6NvQSpC1aubJbxeYYH7M3DYmILQ83YAca-zUmU50e4AGsomRoub-urgfoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1RVG7RjJkI-GvdXm14yCXlywvNsQ%26client%3Dca-pub-3755662197386269%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS Software Finatra / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers Referer https://ads.eu.criteo.com/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin * date Tue, 24 May 2022 04:18:56 GMT cross-origin-resource-policy cross-origin server Finatra content-length 0 strict-transport-security max-age=31536000; preload;
GET H3	200	a8355064648aa7a1ab68278019a58f4a.js Show response s0.2mdn.net/sadbundle/2753383143326280557/ Frame A4DB	65 KB 17 KB	55ms 55ms	Script application/x-javascript	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/a8355064648aa7a1ab68278019a58f4a.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 096ddcd6353390a194d3a68b5f7c2fbf5ccf142dbb32421c927042af27e9c400 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 00:56:55 GMT content-encoding gzip x-content-type-options nosniff age 12122 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17337 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 24 May 2023 00:56:55 GMT
GET H3	200	62cb648c2b03099a9d7af6cb0f943ca4.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	4 KB 2 KB	56ms 56ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/62cb648c2b03099a9d7af6cb0f943ca4.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a1a7e0734e57be7f5ca3f90c5e30ac070e93a1f2f55100884920da36aaf57705 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 02:14:22 GMT content-encoding gzip x-content-type-options nosniff age 7475 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1717 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 24 May 2023 02:14:22 GMT
GET H3	200	9b623992979c2c99451765094199c43a.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	1 KB 709 B	57ms 57ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/9b623992979c2c99451765094199c43a.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b3ae1be851de91fea1d6c42b19df2f1a35df8fa626b30c879b090324eda44ce6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 17 May 2022 13:38:58 GMT content-encoding gzip x-content-type-options nosniff age 571199 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 680 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 17 May 2023 13:38:58 GMT
GET H3	200	3212338bb0be0b574ad231e216e32f4c.jpg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	6 KB 6 KB	58ms 57ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/3212338bb0be0b574ad231e216e32f4c.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1e01229bbb5b2f75d84278ab92afb8d3613223493bb7f58700b7f26b5bd7c71d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:01:19 GMT x-content-type-options nosniff age 22658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6140 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 22:01:19 GMT
GET H3	200	0e882d2e9d695c89581c4d3d88957eec.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	3 KB 990 B	63ms 62ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/0e882d2e9d695c89581c4d3d88957eec.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8cca43627e4d80bb78c2437c793b99da78310efaf2d7f6d041671c73d3a693f3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 23:01:46 GMT content-encoding gzip x-content-type-options nosniff age 19031 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 961 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 23:01:46 GMT
GET H3	200	46a20774c1da411f51bca4b8ca9b3774.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	2 KB 751 B	63ms 62ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/46a20774c1da411f51bca4b8ca9b3774.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 475316d3002b7bf04d39e01825b8443b2748411e616908cbc2a87e49faa1f1ef Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 17 May 2022 05:45:52 GMT content-encoding gzip x-content-type-options nosniff age 599585 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 722 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 17 May 2023 05:45:52 GMT
GET H3	200	41086e9e644dfd6edb1dee1a27276fbe.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	1 KB 518 B	64ms 62ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/41086e9e644dfd6edb1dee1a27276fbe.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 06e0e91a01af508f9eb830feafe8dbf0b381e0333ce3667489e6cf48809c927b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:13:54 GMT content-encoding gzip x-content-type-options nosniff age 303 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 489 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 24 May 2023 04:13:54 GMT
GET H3	200	edab4929a40146fb821d586457d137e6.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	5 KB 2 KB	72ms 70ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/edab4929a40146fb821d586457d137e6.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e5c486bf7d530918b59fe569c9b232ff2356ec265bdd25c3977a4dbbd9da123e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 22 May 2022 14:06:32 GMT content-encoding gzip x-content-type-options nosniff age 137545 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1633 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 22 May 2023 14:06:32 GMT
GET H3	200	756d757e6528c3a0a9338cc41f9a61b1.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	299 B 256 B	66ms 64ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/756d757e6528c3a0a9338cc41f9a61b1.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 572bc0584a0476c0e03db0b475dcf119873378e8e950ddd66ba027264432f2b2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 17 May 2022 16:38:26 GMT content-encoding gzip x-content-type-options nosniff age 560431 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 227 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 17 May 2023 16:38:26 GMT
GET H3	200	9c31fe11844006970ffaccbcad1fd41f.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	4 KB 2 KB	71ms 69ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/9c31fe11844006970ffaccbcad1fd41f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 43a9a2154c658cf0a3a1aebe3d5ce4ea817564fc27e85b90f2651cf46f37deda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 17 May 2022 07:35:12 GMT content-encoding gzip x-content-type-options nosniff age 593025 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1712 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 17 May 2023 07:35:12 GMT
GET H3	200	20cd3c9c87a3dcad42074ff89b4391e0.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	8 KB 2 KB	69ms 67ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/20cd3c9c87a3dcad42074ff89b4391e0.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16dde9a1942cbd39c1f882ebd1e6f3768b933c64051c589feb1243c4fcd050ba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Sun, 22 May 2022 14:06:32 GMT content-encoding gzip x-content-type-options nosniff age 137545 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2458 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 22 May 2023 14:06:32 GMT
GET H3	200	ccddd80afeb32369f13a2e1a87086966.png s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	2 KB 2 KB	65ms 64ms	Image image/png	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/ccddd80afeb32369f13a2e1a87086966.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1b78344a18cc46582ecbd6c65057aa0d36c76a8f2d9d23a738eba4a905f27a51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 13:52:26 GMT x-content-type-options nosniff age 51991 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1855 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 13:52:26 GMT
GET H3	200	d4759bcbd6e2fc771310419f7fc638e2.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	921 B 432 B	77ms 75ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/d4759bcbd6e2fc771310419f7fc638e2.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1cf6723bc6fdabc360afa8360ff6fa68bbaf5678344c2ef5367019c1c68f9e39 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:01:19 GMT content-encoding gzip x-content-type-options nosniff age 22658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 394 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 22:01:19 GMT
GET H3	200	2b6305a7c8bdb2e12dccb485473bf946.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	333 B 272 B	76ms 74ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/2b6305a7c8bdb2e12dccb485473bf946.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9d99d5dc2e523d10581441a4c4de7cf29527063bd6c1198f601f863ceba76913 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 00:16:11 GMT content-encoding gzip x-content-type-options nosniff age 14566 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 234 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 24 May 2023 00:16:11 GMT
GET H3	200	563d35e070b536fe99ac6f90cc143021.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	262 B 226 B	73ms 71ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/563d35e070b536fe99ac6f90cc143021.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4f824255471c27fa4d1711fb3dc95cd1abb01d4267cddb88a80da9de0ad9e568 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 22:01:19 GMT content-encoding gzip x-content-type-options nosniff age 22658 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 190 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 22:01:19 GMT
GET H3	200	14e32be1039d7747a8b5345c4a4b813f.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	764 B 481 B	73ms 71ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/14e32be1039d7747a8b5345c4a4b813f.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bb609adfb919b1b06ba838c242ceeb6351bdfd1917ac381e841b3c68c107fd94 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 02:10:26 GMT content-encoding gzip x-content-type-options nosniff age 7711 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 444 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 24 May 2023 02:10:26 GMT
GET H3	200	0cde5efc0567bcab21474422961ea657.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	904 B 409 B	76ms 74ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/0cde5efc0567bcab21474422961ea657.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ce4076cd760ba035ee9d326f3a1bf9157dfeac50fb058a9aedfe53b2fd10ad91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 13:40:40 GMT content-encoding gzip x-content-type-options nosniff age 52697 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 371 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 13:40:40 GMT
GET H3	200	e2b684e2986ea6141e36de2511a816c1.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	1 KB 634 B	72ms 70ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/e2b684e2986ea6141e36de2511a816c1.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0aca9d549981e9a27a786545ba75fed3bc70738752aa299e95af6669f199464a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Wed, 18 May 2022 16:21:54 GMT content-encoding gzip x-content-type-options nosniff age 475023 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 598 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 18 May 2023 16:21:54 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame AF6B	0 20 B	89ms 88ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BS7R9sFyMYumNMqmZrASr0JHICgAAAAA4AeAEAg&bg=!urmluf3NAAZ4vKt9WLw7ACkAdvg8WtwN7ufe3lmu59ChwF5wJjHHH2phOzlM8ldg6Ys0AaDuRbLIzgIAAABUUgAAAAJoAQeZAuVOwHISZv5dnEGF-BR1xo5-8Ef0Mh2bMXszHyqkHuC0ega7nWVXdQCJ3S_CAHZQ0rUelYgO17PoJeQVXTl4sf8FtpHMAi9qg0YizgLFvUN5ht-YLPuuGCFilIo6viymEuplSYB1f-CJh5saHtttAzeybB87JDOBxGAN_iRcAZbGbh4cjXjt3KuzuUBNSoxwWJiIEJ9CukBEfQLqadsv8mdPxoR3jFnxYyuEe7tfGuOATRXNMtJ94UGxVj3Q3osF4Xvg28TRwQXfRJOej_n81vvGY0OWBbOac5VhixFXniI34n7bEFyb8hOpbjK-EGt2aCL-ONoms3MFOqgwS0wDn6Ueehy7PASuz2VGifmoV_KE41spN-o9hY6OAj3ly9gl37JscjPbyGfXiehZINlozhvj5i6jS6yqi08q_q--Eph2FpbFSZc53vI6yXTBBP5pwh-6WjdLj-dcNvZHoGjj6JLtdhBmSV3z5S3aPz3GMo9Q80BdYz9FBW1tfsgystis-wsjSo0yZ9g4-pq6cTmhTxjuy_sK-BV5leNqAZ6eWryFVsKsguZMOQYnfnXXh0dXVtJfzKHUUAnJ0yY8SRAgaaT_a8ai8BGs3N4sng7FhxQl4IuHb90nz6s4rL5Ax4--0O4inYEFZVIuku1HFCrBQ5BokM1QkrjUql-qADg6bwzIvQ9BqmNQnPQppy-G75TzEofeaW6JzpJrzbG37dBMhxexZyV4q1RNLScZy0lHWD8B_ME-FuMUgbEpoK7gf4ZhPfDGzX7TK3QWPWbA7vblUn6Td7qe2Bmbn6FEWYd5n295eYQx4dIQXLYBiMJn8Htv3rhhnCs50lSvzMW4ks9kt_vuaKtYo2TcQc-AGE2nCwhX21FsuiVCC9u8ABo1nheNMOheynj5Y-zcERRHB4oB-O1YuxRlY81XHlEN1WsASuLl9Chxbz-UZf5Nd_OqY0AL-ksXM5ffxAnvhLk-TPKeQk9aeDInf0Y Requested by Host: 586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com URL: https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:57 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	1f919b0412977966595ef751686a6826.svg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	4 KB 1 KB	54ms 54ms	Image image/svg+xml	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/1f919b0412977966595ef751686a6826.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c24a4ad3d4e23f8037feb38744e17fabeb0c2d3b5714c049d091dfc5f6811280 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 13:46:07 GMT content-encoding gzip x-content-type-options nosniff age 52370 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1396 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 23 May 2023 13:46:07 GMT
GET H3	200	16e2073035968668e0268512ee5031a5.jpg s0.2mdn.net/sadbundle/2753383143326280557/media/ Frame A4DB	17 KB 17 KB	55ms 55ms	Image image/jpeg	2a00:1450:4001:80e::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2753383143326280557/media/16e2073035968668e0268512ee5031a5.jpg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2753383143326280557/index.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bfd1106b87f96ff783e71e722d5ea8cd707006bca6b293d2860c20e03cf864e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/2753383143326280557/index.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 01:04:38 GMT x-content-type-options nosniff age 11659 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 17252 x-xss-protection 0 last-modified Wed, 09 Mar 2022 16:20:37 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Wed, 24 May 2023 01:04:38 GMT
POST H3	200	view googleads4.g.doubleclick.net/pcs/ Frame A24B	0 26 B	200ms 91ms	Ping image/gif	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu6zBzar-bPF7pWmAH9688ttIO2JnOm1tbvG8H1H67rjXZoX-AWJH64iDYdzZccmn_1q7YNXbU_IFwq4m1Y3RTGoydiXpvNTixPzIUN3JZdLk8r7IMZYep0pq5Qf1bMelEDlYjnY6KgvnXw1rLJZw2JbS9y7eUZu4Pf9sMQhEA7JEOJJvHsGlDHO9jMNiFsnu4_fcl9Psvy78kvGjWz5Oq-dVn6HnKFWqBD7YbxKMo7rfSbok-jjPaEDf7neCo7schjRb6xKatnkROEu1aze2_DegpOTu40eAvU6c9mhFlZ216-lnGlxH7iP6-Sao56v4X0mlSA9U8JYPuv0n2Mw7fy6Atecv-MfKx_dXCp4tgrPkRoWnRWSKYfg7k3v33z3mZztjhW3xr2SS_ByfMbOEXfNRujM5xSq_pjDFqfIWaIoBgJAAl23SGZJNFldbEpKlRSn-GA-8LY8CicrWCJfXxA2_c5C8XcxNz3XLmDnCsiuclinC6X2Xt0PpVuRld8gnR81LGDVVLGjWtQVuqTl0JjLZJkXA0LttN322Tpc06pGLc-Zi5mImYDQ4xwA2Tk7nOkAUf04sS5mKdBlD_Ie-jSIpn6b5x5Ob_b2V70QgVTDgWxvf7t_EqRpanrDhd5ek9xGIZUPCQYX3pKFiFqKsuC69ypUAwcQjakqP_oE2X-3_Vi3rL_qc2MCL7f9URka1k_ymnFaJHUQv7quZ-9gEnAWVw5OmJxlIZC-BjS3Cj24a8fWWOwSGnSXlhYK6bjrWcupwKfoODclogda0jnNoh6c1g_dWppPqZst0flcnBKfOEPIVe2PqAfGCwrw7dLIBeYSD26mAuLTW6Z_8yJsGCsMaMo1HUqWHtzjEvP8ng8t8SWfNn-eQ7y3z1W9lyiuQ8jQokEobBAVtkV6b3hJzsW8_LiF0fas1Rpw1EsMY6Q9Pi8rWvsiDHim1x8yP50SHipuC9-QOH5jB_-QJwb1JMmIMD7Mopv0NPIvwVKrHwRvH4rMh1gWHjJVEhaQxqMMXDL2hiiSsyLoYGi-uzih0xqLzAJlspICEOntRR5YXFkP0MvVw7U_ZIjnjqu6dlRfk9_7onBjmYgzFMeyWxjhJEDGduLJpguXiMsKc7w002s8funn2XkjJ4Zm_g0PGUpZgeHyLDaLuewfU3Ap6TLxYgyfwU&sai=AMfl-YRWk--rUOtkcyoNFFVuSPTdMI9tZ63uJ3ty1dBXpjr3qTZ2DhjlsXMd9e9W3Bx5oFSEJRnDuhpBbDq7IzUro09eOs9_3sozERBTYJrZGkd_YTlUjRyURWEZY5FhcAzjcW6asUGUXh3fFCkAtB00ex52e134TaOR7q1koaiDVQdibHO81bLiLlmPZ-P4YK1GjXzyjzRN-2JUuc8CpPuwQs08dISeAbv9kq0jGBMDF8fkUIwOuc708KLbCx9zGds2VtqrNUy_e1Rh9HCVYtgOu0C7u6Ibt4X6OvhWbRo5eSyu&sig=Cg0ArKJSzFcM04WUm-4HEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=618&vt=11&dtpt=338&dett=3&cstd=278&cisv=r20220518.27803&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl= Requested by Host: ivona.ua URL: https://ivona.ua/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://586aa1bb4232f5e3f485c349556a5057.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:58 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 server cafe
GET H3	200	/ www.facebook.com/login/ Frame 7232 Redirect Chain https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2a... https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...	0 0	188ms 188ms	Document text/html	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2abe947b7d5634%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff21c951d1405d2%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline Requested by Host: connect.facebook.net URL: https://connect.facebook.net/uk_UA/sdk.js?hash=bc83bb62781b1c4c9a4e0dde91bb2b78 Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer about:blank Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-encoding br content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Tue, 24 May 2022 04:18:58 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT pragma no-cache priority u=0 strict-transport-security max-age=15552000; preload vary Accept-Encoding x-content-type-options nosniff x-fb-debug 6sP4o2TCfv8ra6vq81o5+Z2AZW8OqMBc9xcWnhSkPc4k2IOtmGoXqmYv2fMcr5ZgHiH0kCUfxVu3BMXFfAz21Q== x-fb-rlafr 0 x-frame-options DENY x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control private, no-cache, no-store, must-revalidate content-length 0 content-security-policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; content-security-policy-report-only default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-type text/html; charset="utf-8" cross-origin-opener-policy unsafe-none date Tue, 24 May 2022 04:18:58 GMT document-policy force-load-at-top expires Sat, 01 Jan 2000 00:00:00 GMT facebook-api-version v7.0 location https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df2abe947b7d5634%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff21c951d1405d2%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline pragma no-cache priority u=3,i strict-transport-security max-age=15552000; preload x-content-type-options nosniff x-fb-debug 9WYCNSg4JugHyQr3jevB1Ko3szgYq0Aqkx/4cMauWrmMTenFXa+OF/tK7Ve14KO/namBErCYl1+k/nzWY2Y69A== x-fb-rlafr 0 x-xss-protection 0
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	14 KB 11 KB	67ms 67ms	XHR application/json	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220518&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c572d318a79abca677f9ad2901a863e2afac45b2c0c4fd87e23c44a61eecb3bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers timing-allow-origin * date Tue, 24 May 2022 04:18:58 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 10767 x-xss-protection 0
GET DATA	200 OK	truncated /	287 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	75ms 74ms	Script text/javascript	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205230101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua&bust=31067738 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:58 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Tue, 24 May 2022 04:18:58 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 67C3	13 KB 5 KB	54ms 53ms	Document text/html	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers accept-ranges bytes age 7450 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 24 May 2022 02:14:48 GMT expires Wed, 24 May 2023 02:14:48 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	aframe Show response www.google.com/recaptcha/api2/ Frame EFFC	783 B 535 B	64ms 64ms	Document text/html	2a00:1450:4001:80f::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 7f9219e6b9c4f5d3fbcfd7e28304c68acb2856f0263d6033062c9bee4f7a7f26 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-200jH6tHvVuvpb3m2QD2Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://ivona.ua/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private, max-age=300 content-encoding gzip content-length 513 content-security-policy script-src 'report-sample' 'nonce-200jH6tHvVuvpb3m2QD2Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Tue, 24 May 2022 04:18:58 GMT expires Tue, 24 May 2022 04:18:58 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response pagead2.googlesyndication.com/bg/ Frame 67C3	35 KB 13 KB	54ms 54ms	Script text/javascript	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 21:21:38 GMT content-encoding br x-content-type-options nosniff age 25040 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13771 x-xss-protection 0 last-modified Tue, 17 May 2022 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 23 May 2023 21:21:38 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame EFFC	0 0	107ms 106ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220518&jk=493688156032542&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 67C3	0 9 B	54ms 53ms	Image text/plain	2a00:1450:4001:831::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?3L4MwA Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:58 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0
GET H3	200	activeview pagead2.googlesyndication.com/pcs/ Frame 3FAB	42 B 64 B	95ms 95ms	Image image/gif	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv76wsDRA-sYIstmeprrkC7JtvYDzoxE4eeV3pQdR5j1rWEF7ntYeCzMLjZSoSc2L6KEqkiwPkGHdNSrlubkzyMPxDg3wBqbUV2qG1cCC4NygimcfNBQfLV_1ASpSEJ4alsyS2y-LJKZjHDAG57fzg&sai=AMfl-YTR_NEvK-u6peJXkEGtSjUm-AvmiM1J75OkUNlaJbEgmJDtLhP9xOa_iCqcnITWG6bN0K21lxryjVRDI3pdQ9ceViGNdiIVVXTFI_FS9hAgNfiAZ78u8nuVrv-n&sig=Cg0ArKJSzCy6lXux7TB7EAE&cid=CAASF-RoPs5rs5x53IeZs434HgQy8VWK3CTl&id=ampim&o=0,950&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=451&tls=1451&g=100&h=100&tt=1451&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1598591618 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers pragma no-cache date Tue, 24 May 2022 04:18:58 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	106ms 105ms	Image text/html	2a00:1450:4001:80f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220518&jk=493688156032542&bg=!lJell9PNAAZ4vKt9WLw7ACkAdvg8WnrneLsEt01SK5ug3ka0Gq2r1WVi8evPEGHJ-lRp4rdRO13ipQIAAABaUgAAAAJoAQcKAAsHZcRBlYVMYySy65kCnv5rJ_Ibu27DcA9rk6OyxHgaQvQhV_Rljk5oP8FK8NPWXjJJDE7Q-b_NwxetFUpLYr1ZWvaP2Oixm7u5jTtn52sSAvnaLDaRDVxJoBq-YC0KHjdMY-4--Vn5jjtxZLyIcb_at6zO9lcXnydvPYBHIW1O2Kwq6186y4CxQ73lflRexetPN-Nkzu9YBMp71EYacAKGNbQJTw7fVVjIYWcm6vIM9tZC2IN_gW5NkjIsjP6CEKWatc5lR-Ef8p5khulRW6j4F38uDSwYC1GcYt4ZQAJb60Sc3qB4pm_w-E6kl2ZtgEsths9PvCn9k-Nvl6_kG1l7xCqsYSGomZNrS5CIBrJThcs7fU0zbZqHcmowWWoLSs6JDaRcSQG3sV52EWktREj0Au9YSzL4-hrM-FE13HQYkJBRm2fHKRDrjO-slEAriJNH6RQtJtkAHsU46FpUPc9pvKsjEtOsQZ0Ul1WIE28neUo1kLdu-bM3mfmkApR4YHSQlsICuhyWBqxJxpARnSdsElLjFWFFsYXeDXFTdwjiDJCQmq5g2taEW9mtsKmUasuq7XlzfckvUvJg87hkMjAvLssulae0nADjeYqfPxufrd10p8zkyaHb-Lm2D3aJw7SkMGJrfKoWE90haxONuqkjXg5vVBVKew5hQ7NwT1dP2sHdQHYxgd_BP6MHPl0ovTHiODvAc_ALZ3NgvV7vYF4vfGUOXEea1xb-zOYU-JGb1HxrGIOvtvXIp3f9fpmECFt0zZzgy7B6m6ChPajDc_-CEQU_bjzpDm0Ici3FOOejwzZ7QPEncibrAPH7Y2sXptYL63epbz5r4OAecmp1VWMVCwNXz_Jcn83MwEtr-Dr6_AjoLOdipc-NUioZBMzbfcXUmj5nR0ghvvWp5lw Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers
GET H2	200	img pix.eu.criteo.net/img/ Frame 7432	5 KB 5 KB	57ms 57ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fi%2Fn%2Finstytutumn-c-erum-anti-wrinkle-brightening-gesichtsserum-30-ml-7640162870252.jpg&v=3&w=800&s=d1CYGWW5f5TdW7mC_y0yqDtk&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash b3cd65a4f945b5d8b2766b947eda115924f0577b5eb2fdd84b18d0f13b7c3486 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:59 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=57378 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 5200 expires Tue, 24 May 2022 20:15:19 GMT
GET H2	200	img pix.eu.criteo.net/img/ Frame 8745	5 KB 5 KB	57ms 57ms	Image image/webp	178.250.0.139 ASN-CRITEO-EUROPE
General Check archive.org Show headers Download Go to Show image Full URL https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=10309&q=80&r=0&u=https%3A%2F%2Fcdn.flaconi.de%2Fmedia%2Fcatalog%2Fproduct%2Fi%2Fn%2Finstytutumn-c-erum-anti-wrinkle-brightening-gesichtsserum-30-ml-7640162870252.jpg&v=3&w=400&s=zhTgv-pMvjDM_3LLVx1oEFrv&b=400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR), Reverse DNS pix.par.vip.prod.criteo.com Software Finatra / Resource Hash b3cd65a4f945b5d8b2766b947eda115924f0577b5eb2fdd84b18d0f13b7c3486 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; Request headers accept-language en-GB,en;q=0.9 Referer https://ads.eu.criteo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Tue, 24 May 2022 04:18:59 GMT last-modified Wed, 4 Jun 2008 06:06:06 GMT server Finatra vary Origin content-type image/webp cache-control public, max-age=57378 cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; preload; timing-allow-origin * content-length 5200 expires Tue, 24 May 2022 20:15:19 GMT
GET H2	200	1227eb683f421e385122c0b22657ada3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg i.ivona.ua/i/63/07/59/5/6307595/image_main/	140 KB 141 KB	56ms 56ms	Image image/jpeg	143.204.215.125 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://i.ivona.ua/i/63/07/59/5/6307595/image_main/1227eb683f421e385122c0b22657ada3-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 143.204.215.125 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-143-204-215-125.fra53.r.cloudfront.net Software AmazonS3 / Resource Hash 730f99390dc121b3a365734afbd15b78de553434351dd12b0c53e9ca0dc96c66 Request headers accept-language en-GB,en;q=0.9 Referer https://ivona.ua/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers date Mon, 23 May 2022 18:06:56 GMT via 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront) last-modified Mon, 23 May 2022 17:59:26 GMT server AmazonS3 age 36727 etag "fdfa167681c9953bf3c677e493808ecc" x-cache Hit from cloudfront x-amz-version-id nApaTVFdoEIUPcQszRO7C12ct3WGX_bF cache-control public, max-age=315360000 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-type image/jpeg content-length 143799 x-amz-cf-id 82vnswInoMp6v6whky6I_wKNciZhudCe6ZPQ-KYbVX8hnqBndDDK9A==