Submitted URL: http://ivona.ua/
Effective URL: https://ivona.ua/
Submission: On March 22 via api from GB — Scanned from GB

Summary

This website contacted 77 IPs in 14 countries across 75 domains to perform 493 HTTP transactions. The main IP is 65.9.66.119, located in United States and belongs to AMAZON-02, US. The main domain is ivona.ua.
TLS certificate: Issued by Amazon on June 27th 2021. Valid for: a year.
This is the only time ivona.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 65.9.66.119 16509 (AMAZON-02)
1 91.198.36.26 43405 (DIGITAL-V...)
13 2a03:90c0:41:... 199524 (GCORE)
1 2a00:1450:400... 15169 (GOOGLE)
66 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 4 54.37.238.28 16276 (OVH)
11 78.159.118.240 28753 (LEASEWEB-...)
10 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 185.187.81.40 43332 (IDSTRATEG...)
17 143.204.215.70 16509 (AMAZON-02)
1 146.59.30.108 16276 (OVH)
3 2a00:1450:400... 15169 (GOOGLE)
8 91.198.36.35 43405 (DIGITAL-V...)
24 146.0.227.109 20773 (GODADDY)
1 3 2a03:2880:f12... 32934 (FACEBOOK)
13 142.250.184.226 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 185.187.81.41 43332 (IDSTRATEG...)
4 185.184.8.65 204995 (RTB-HOUSE...)
2 185.86.138.16 201081 (SMARTADSE...)
1 185.86.137.114 201081 (SMARTADSE...)
1 2a00:1450:400... 15169 (GOOGLE)
6 193.29.200.142 197203 (UMHAS)
2 194.247.175.23 196831 (BEMOBILE-AS)
13 212.8.250.228 49981 (WORLDSTREAM)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 11 137.74.6.209 16276 (OVH)
11 104.16.221.74 13335 (CLOUDFLAR...)
1 193.29.200.162 197203 (UMHAS)
2 2606:4700::68... 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
2 5 2620:116:800d... 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
5 5 3.123.105.96 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
7 194.247.175.26 196831 (BEMOBILE-AS)
1 193.200.65.5 6681 (GIVEME-CLOUD)
1 31.220.27.134 39572 (ADVANCEDH...)
1 34.120.139.69 15169 (GOOGLE)
1 2 194.190.76.41 48061 (UMA-TECH-AS)
1 37.18.16.22 205675 (HYBRID-AS)
1 217.65.2.150 3175 (CITYTELEC...)
4 4 46.4.121.26 24940 (HETZNER-AS)
2 2 159.69.74.6 24940 (HETZNER-AS)
2 2 195.201.243.72 24940 (HETZNER-AS)
4 4 96.46.183.20 7979 (SERVERS-COM)
2 2 94.130.13.220 24940 (HETZNER-AS)
3 185.29.132.246 30419 (MEDIAMATH...)
6 2a00:1450:400... 15169 (GOOGLE)
1 138.201.63.117 24940 (HETZNER-AS)
1 2.18.233.201 16625 (AKAMAI-AS)
4 138.201.63.150 24940 (HETZNER-AS)
10 45 142.250.186.66 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.172.45 29990 (ASN-APPNEX)
52 2a00:1450:400... 15169 (GOOGLE)
2 2 3.123.203.20 16509 (AMAZON-02)
2 2 104.111.215.191 16625 (AKAMAI-AS)
3 35.186.253.211 15169 (GOOGLE)
4 4 198.47.127.19 3257 (GTT-BACKB...)
3 3 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 37.157.2.238 198622 (ADFORM)
2 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 1 169.50.137.182 36351 (SOFTLAYER)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 80.64.106.147 20764 (RASCOM-AS...)
2 2 2600:9000:205... 16509 (AMAZON-02)
2 185.86.137.107 201081 (SMARTADSE...)
3 4 185.94.180.126 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
4 4 18.196.142.162 16509 (AMAZON-02)
4 5 3.126.56.137 16509 (AMAZON-02)
2 185.86.137.110 201081 (SMARTADSE...)
10 142.250.184.194 15169 (GOOGLE)
13 37.157.2.248 198622 (ADFORM)
2 2 35.244.174.68 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 3.122.208.3 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2.18.235.93 16625 (AKAMAI-AS)
1 18.195.155.181 16509 (AMAZON-02)
1 1 52.215.248.120 16509 (AMAZON-02)
1 1 141.94.242.148 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 34.96.105.8 15169 (GOOGLE)
1 1 37.157.4.29 198622 (ADFORM)
1 2 51.75.86.98 16276 (OVH)
1 82.113.101.132 6805 (TDDE-ASN1)
493 77
Apex Domain
Subdomains
Transfer
85 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
733 KB
81 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
stats.g.doubleclick.net — Cisco Umbrella Rank: 68
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
cm.g.doubleclick.net — Cisco Umbrella Rank: 176
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
372 KB
52 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
1 MB
37 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 39073
inv-nets.admixer.net — Cisco Umbrella Rank: 2365
215 KB
34 ivona.ua
ivona.ua
i.ivona.ua
470 KB
19 adform.net
track.adform.net — Cisco Umbrella Rank: 3334
s1.adform.net — Cisco Umbrella Rank: 8028
c1.adform.net — Cisco Umbrella Rank: 524
238 KB
14 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 36950
bgstats.mox.tv — Cisco Umbrella Rank: 44466
111 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
257 KB
11 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 81561
c.idealmedia.io — Cisco Umbrella Rank: 77814
cdn.idealmedia.io — Cisco Umbrella Rank: 125528
servicer.idealmedia.io — Cisco Umbrella Rank: 84489
s-img.idealmedia.io — Cisco Umbrella Rank: 80147
cm.idealmedia.io — Cisco Umbrella Rank: 11609
autocounter.idealmedia.io — Cisco Umbrella Rank: 92805
120 KB
11 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 49976
10 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 57
www.google.com — Cisco Umbrella Rank: 2
2 KB
11 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 172068
z.cdn.umh.ua — Cisco Umbrella Rank: 182297
6 KB
9 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 201969
h.holder.com.ua — Cisco Umbrella Rank: 202829
9 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 194
148 KB
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ads.yahoo.com — Cisco Umbrella Rank: 816
ups.analytics.yahoo.com — Cisco Umbrella Rank: 268
2 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 147
243 KB
7 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1227
ww251.smartadserver.com — Cisco Umbrella Rank: 126842
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1266
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 603
1 KB
6 acint.net
www.acint.net — Cisco Umbrella Rank: 33498
acint.net — Cisco Umbrella Rank: 25918
2 KB
6 bemobile.ua
source.mmi.bemobile.ua — Cisco Umbrella Rank: 133692
sslpagestat.mmi.bemobile.ua — Cisco Umbrella Rank: 141544
25 KB
6 informer.ua
exchange.informer.ua — Cisco Umbrella Rank: 334772
32 KB
6 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 38887
ls.hit.gemius.pl — Cisco Umbrella Rank: 11780
googlecm.hit.gemius.pl — Cisco Umbrella Rank: 7401
15 KB
5 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1359
us-u.openx.net — Cisco Umbrella Rank: 323
897 B
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496
4 KB
5 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 28803
hal90008.redintelligence.net — Cisco Umbrella Rank: 200189
7 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 257
3 KB
5 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 381
cms.quantserve.com — Cisco Umbrella Rank: 929
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
ajax.googleapis.com — Cisco Umbrella Rank: 251
35 KB
4 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 307
1 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 480
2 KB
4 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 571
2 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 2892
pixel.mathtag.com — Cisco Umbrella Rank: 1093
3 KB
4 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1509
3 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 6130
680 B
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8832
www.google.de — Cisco Umbrella Rank: 6433
2 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 289
1 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
3 KB
3 tns-ua.com
pa.tns-ua.com — Cisco Umbrella Rank: 84004
4 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
327 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
40 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 797
486 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 730
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 690
r.turn.com — Cisco Umbrella Rank: 2672
869 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 565
891 B
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 698
879 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 870
344 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1530
1 KB
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 492
1 KB
2 buzzoola.com
exchange.buzzoola.com — Cisco Umbrella Rank: 21041
380 B
2 sape.ru
ssp-rtb.sape.ru — Cisco Umbrella Rank: 34828
1 KB
2 adhigh.net
px.adhigh.net — Cisco Umbrella Rank: 11171
729 B
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 794
430 B
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 821
43 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 716
695 B
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 132182
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 124
83 KB
2 bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181
41 KB
1 o2online.de
portal.o2online.de — Cisco Umbrella Rank: 48066
609 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2593
173 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 2666
104 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 2828
376 B
1 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 806
59 B
1 media.net
cs.media.net — Cisco Umbrella Rank: 1593
1 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 37868
511 B
1 rutarget.ru
google-sync.rutarget.ru — Cisco Umbrella Rank: 132931
382 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 707
712 B
1 new-programmatic.com
match.new-programmatic.com — Cisco Umbrella Rank: 35379
215 B
1 hybrid.ai
dm.hybrid.ai — Cisco Umbrella Rank: 21464
238 B
1 eskimi.com
dsp-trk.eskimi.com — Cisco Umbrella Rank: 44432
256 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 3131
241 B
1 trafmag.com
t.trafmag.com — Cisco Umbrella Rank: 13048
351 B
1 kolobok.ua
kolobok.ua
8 KB
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 269802
170 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 403
2 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 54
36 KB
0 recreativ.ru Failed
recreativ.ru Failed
493 75
Domain Requested by
52 s0.2mdn.net ivona.ua
s0.2mdn.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
s1.adform.net
50 pagead2.googlesyndication.com ivona.ua
pagead2.googlesyndication.com
cdn.admixer.net
tpc.googlesyndication.com
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
s0.2mdn.net
45 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
ivona.ua
29 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
ivona.ua
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
s0.2mdn.net
24 inv-nets.admixer.net cdn.admixer.net
ivona.ua
ad.mox.tv
17 i.ivona.ua ivona.ua
17 ivona.ua 1 redirects ivona.ua
cdnjs.cloudflare.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
ivona.ua
13 s1.adform.net track.adform.net
s1.adform.net
ivona.ua
13 ad.mox.tv ivona.ua
ad.mox.tv
13 cdn.admixer.net ivona.ua
cdn.admixer.net
11 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
11 a4p.adpartner.pro 1 redirects h.holder.com.ua
a4p.adpartner.pro
ivona.ua
10 googleads4.g.doubleclick.net ivona.ua
10 z.cdn.umh.ua cdn.umh.ua
10 fonts.gstatic.com fonts.googleapis.com
8 www.google.com ivona.ua
tpc.googlesyndication.com
googleads.g.doubleclick.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
8 h.holder.com.ua i.holder.com.ua
ivona.ua
8 cdnjs.cloudflare.com ivona.ua
cdnjs.cloudflare.com
7 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
ivona.ua
6 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com securepubads.g.doubleclick.net
6 exchange.informer.ua h.holder.com.ua
exchange.informer.ua
5 ups.analytics.yahoo.com 4 redirects googleads.g.doubleclick.net
5 track.adform.net hal90008.redintelligence.net
s1.adform.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 x.bidswitch.net 5 redirects
4 pixel.advertising.com 4 redirects
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 image6.pubmatic.com 4 redirects
4 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
4 sslpagestat.mmi.bemobile.ua source.mmi.bemobile.ua
4 hal90008.redintelligence.net hal9000.redintelligence.net
hal90008.redintelligence.net
4 ads.betweendigital.com 4 redirects
4 www.acint.net 4 redirects
4 prebid-eu.creativecdn.com cdn.admixer.net
4 gaua.hit.gemius.pl 1 redirects ivona.ua
gaua.hit.gemius.pl
4 fonts.googleapis.com ivona.ua
s0.2mdn.net
3 www.gstatic.com s0.2mdn.net
3 pixel.rubiconproject.com 3 redirects
3 rtb.openx.net googleads.g.doubleclick.net
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 s-img.idealmedia.io ivona.ua
3 tags.mathtag.com googleads.g.doubleclick.net
tags.mathtag.com
3 pa.tns-ua.com source.mmi.bemobile.ua
pa.tns-ua.com
ivona.ua
3 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 adservice.google.de pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3 www.facebook.com 1 redirects ivona.ua
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
a4p.adpartner.pro
2 onetag-sys.com 1 redirects ivona.ua
2 pm.w55c.net 2 redirects
2 id.rlcdn.com 2 redirects
2 rtb-csync.smartadserver.com googleads.g.doubleclick.net
2 ssbsync.smartadserver.com 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
2 s.ad.smaato.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 e.dlx.addthis.com 2 redirects
2 d.agkn.com 2 redirects
2 cm.idealmedia.io jsc.idealmedia.io
2 exchange.buzzoola.com 2 redirects
2 acint.net 2 redirects
2 ssp-rtb.sape.ru 2 redirects
2 px.adhigh.net 1 redirects ivona.ua
2 odr.mookie1.com ivona.ua
2 unpkg.com ad.mox.tv
2 jsc.idealmedia.io i.holder.com.ua
jsc.idealmedia.io
2 source.mmi.bemobile.ua h.holder.com.ua
source.mmi.bemobile.ua
2 prg.smartadserver.com cdn.admixer.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 s.zmctrack.net ivona.ua
2 connect.facebook.net ivona.ua
connect.facebook.net
2 stackpath.bootstrapcdn.com ivona.ua
1 portal.o2online.de ivona.ua
1 c1.adform.net 1 redirects
1 tr.blismedia.com 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
1 dclk-match.dotomi.com 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
1 googlecm.hit.gemius.pl 1 redirects
1 pixel.everesttech.net 1 redirects
1 cs.emxdgt.com 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
1 cs.media.net 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 r.turn.com ivona.ua
1 ad.turn.com 1 redirects
1 ads.yahoo.com googleads.g.doubleclick.net
1 google-sync.rutarget.ru 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 um.simpli.fi 1 redirects
1 ajax.googleapis.com hal90008.redintelligence.net
1 autocounter.idealmedia.io ivona.ua
1 servicer.idealmedia.io jsc.idealmedia.io
1 cdn.idealmedia.io ivona.ua
1 pixel.mathtag.com tags.mathtag.com
1 hal9000.redintelligence.net ivona.ua
1 c.idealmedia.io jsc.idealmedia.io
1 match.new-programmatic.com ivona.ua
1 dm.hybrid.ai ivona.ua
1 dsp-trk.eskimi.com ivona.ua
1 s.uuidksinc.net ivona.ua
1 t.trafmag.com ivona.ua
1 bgstats.mox.tv ivona.ua
1 pixel.quantserve.com ivona.ua
1 kolobok.ua exchange.informer.ua
1 www.google.de ivona.ua
1 stats.g.doubleclick.net www.google-analytics.com
1 ww251.smartadserver.com cdn.admixer.net
1 loadercdn.net ivona.ua
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.umh.ua ivona.ua
1 cdn.jsdelivr.net ivona.ua
1 www.googletagmanager.com ivona.ua
1 i.holder.com.ua ivona.ua
0 recreativ.ru Failed ivona.ua
493 112
Subject Issuer Validity Valid
ivona.ua
Amazon
2021-06-27 -
2022-07-26
a year crt.sh
holder.com.ua
R3
2022-02-07 -
2022-05-08
3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA
2021-06-08 -
2022-06-21
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-09-21 -
2022-09-20
a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA
2021-09-08 -
2022-09-25
a year crt.sh
cdn.umh.ua
R3
2022-02-08 -
2022-05-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-12-29 -
2022-03-29
3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA
2021-04-21 -
2022-04-25
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
*.google.de
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.google.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
loadercdn.net
R3
2022-02-11 -
2022-05-12
3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2021-03-30 -
2022-04-12
a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2022-01-25 -
2023-01-25
a year crt.sh
exchange.informer.ua
R3
2022-03-10 -
2022-06-08
3 months crt.sh
*.mmi.bemobile.ua
Sectigo RSA Domain Validation Secure Server CA
2022-01-14 -
2023-02-03
a year crt.sh
ad.mox.tv
R3
2022-01-30 -
2022-04-30
3 months crt.sh
www.google.com
GTS CA 1C3
2022-03-17 -
2022-06-09
3 months crt.sh
www.google.de
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
adpartner.pro
R3
2022-01-10 -
2022-04-10
3 months crt.sh
kolobok.ua
R3
2022-03-14 -
2022-06-12
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
bgstats.mox.tv
R3
2022-01-29 -
2022-04-29
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
juke.mmi.tns-ua.com
R3
2022-03-08 -
2022-06-06
3 months crt.sh
*.trafmag.com
Sectigo RSA Domain Validation Secure Server CA
2021-06-10 -
2022-06-22
a year crt.sh
uuidksinc.net
R3
2022-03-21 -
2022-06-19
3 months crt.sh
*.eskimi.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1
2021-04-12 -
2022-05-13
a year crt.sh
*.hybrid.ai
Sectigo RSA Domain Validation Secure Server CA
2020-07-07 -
2022-10-05
2 years crt.sh
new-programmatic.com
R3
2022-01-21 -
2022-04-21
3 months crt.sh
*.mathtag.com
DigiCert SHA2 Secure Server CA
2020-04-15 -
2022-04-22
2 years crt.sh
redintelligence.net
R3
2022-01-27 -
2022-04-27
3 months crt.sh
pixel.mathtag.com
DigiCert SHA2 Secure Server CA
2021-06-29 -
2022-07-07
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2022-02-28 -
2022-05-23
3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
teads.tv
R3
2022-01-03 -
2022-04-03
3 months crt.sh
ui.aps.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-03-21 -
2022-05-11
2 months crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2
2021-05-18 -
2022-06-19
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2021-08-10 -
2022-09-11
a year crt.sh
tr.blismedia.com
GTS CA 1D4
2022-02-20 -
2022-05-21
3 months crt.sh
*.o2online.de
DigiCert TLS RSA SHA256 2020 CA1
2022-02-11 -
2023-03-08
a year crt.sh

This page contains 55 frames:

Primary Page: https://ivona.ua/
Frame ID: 697333E4E51014697C05C4D621594770
Requests: 196 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: F7BD5CFBF3A75D8CB6F817C4C4FD7C17
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: ECD224925EF44A2EF4DCD3CA222DC28C
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 59E54826851CF2F920E516EFA723587F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 8BD3FB7BF63B646973B42D21CD805432
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: D7F462B903E8C9A1A4B17386B2B7E491
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 0D8FDC63EE33E87E722897D25BF2CFC4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 508D1B93B2B09BCE9B8647E07B39712A
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 43D07DEC173A28F6DD1772CCA56C9429
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1647921986&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921985872&bpp=4&bdt=1018&idt=314&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7054818411227&frm=20&pv=2&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544&oid=2&pvsid=773249475289896&pem=468&tmod=714857295&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=335
Frame ID: 7C4C0EB984A0DD340C59568BC7371C3F
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=kolobok
Frame ID: 7873932E11E174542BECD742C9A49D98
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 060EC5540601D269061A130BF2174BE4
Requests: 8 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 0422DCB43F249A22A3151E092FE52AFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Frame ID: 099CB002D9816BB2BBFEB514396FF619
Requests: 14 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/tt?time=0&apuid=f28c455d-c191-4216-be40-7cd9688b355a&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&location=https%3A%2F%2Fivona.ua%2F&referer=
Frame ID: 4630308F778F31B1699249C39C15D1E1
Requests: 1 HTTP requests in this frame

Frame: https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&apuid=f28c455d-c191-4216-be40-7cd9688b355a&width=300&screen_width=1600&reload_count=0&banner_num=1647921986785393278&is_in_viewport=0&ref=&location=https%3A%2F%2Fivona.ua%2F
Frame ID: F2585B3B2060CCCE9CE4A084701F030E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2B8C5126E802A3D6677D41903C7DCAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 08FFAF428445A4A02848F50D2FEAF2AF
Requests: 2 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5D955D192FE77038819F6C220C298654
Requests: 1 HTTP requests in this frame

Frame: https://pa.tns-ua.com/viewability/cm.html
Frame ID: F2A09E4EE6437ED08F2B40B442911CD6
Requests: 1 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1647921987833596528816
Frame ID: AA69A913C2F660A9E4CB7AE186E0CD95
Requests: 1 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 60B507B2AE97243E938137550A00F709
Requests: 15 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ABE65944671A358FEF076386A31C3455
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNVp15_jou08-SusmwFGRvQNIUKzErEyiaoymeJNrVZIf9PXUBMv1NVeusjnzYh1E6rSOul_TxUbFX9ptxwz9StBPC4NZDio25iFnAAmIrrRcdBs31oLMidqfJWCh179Zw92ui0nzd4a9b2zA6B0Dp0hp5anw8ZM85OLWTFakp8JqzyO45kChklIMLPP9EaY12UJHhLd
Frame ID: 09D296496D99230BD49D31EE551A4BE6
Requests: 5 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
Frame ID: 04146B518F3E291259BFA7EC3F9EC3E2
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1DEDE37CB931914119572E72A4252662
Requests: 9 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 66C7CF54D63B8E3EDA1C5B31C543AD59
Requests: 1 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2BFE2D6EAFD483712BE2F799DAED95C0
Requests: 14 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4B5A26E38A84A0C000207E18164C16BA
Requests: 14 HTTP requests in this frame

Frame: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA33A652B8238D264F19F5EB6E58B9A8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiC_aO-ATAB&v=APEucNWbvfbLAvHz8-EhdSFB12xTf8BxPlZ62G8slvBHU_ETu2XvXvkLpYxV3gUeicZtFERqfBifXB4d2RhTfA6yvCuKlgkAPpSePeaOOjUuarjx6N0PKst451v2kKYe2oQdhdjbcaWFXBahSEA5DSgNE4GD31CG9khMigfrURep9Ija1yvElg0
Frame ID: 81CE5E6E1E0D6679BE1C5DCE9C8DE8CA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2jdQ9C7nLMxVgJBEK1ayFtwDYli4PX1hpf119zIetcy53AbRgP2NX_m41f2yPq44kDrgVwJz0dOFDnPUa1gyjDY02_44SGsGh7ZZO9PCZl1ejv_LyXnJYbFr86hFDv7CTwSklLUo-ppIWosyRAfoaQlAtHQ&dbm_d=AKAmf-BLze5-IlhwUrHFkM6EEjbGh6q2jKs_pYXbFmRNnkPPoEwIeUXELWCr7yc3MjMWFfIcxof1hTz49hHXCW1h_rakDV4BQmHJ0FPy6Ie9z99XmbzILvO2E4ANNr8K6OLIr5EZoLgYjZRARXavUD3w24BtVx9K43B4wIKGi0JzPn0St5Z-NsbbEe6tjkehqhs59DNtmLqmWo5-Dbj2AwosFv6XpHsW7eeHvD0Cr-UMPefScfoUdyTzfS6zMY1Zk4o1KsIDmIl-p0mGRsmm3YqA784vgNwuLsVOo8kw88vwmgUFZDlAeIut5J2iJjFTwTDJUTr5rm-WPOSkKxQ4V2zXdmdXyYsgVeUWosF5hwETJKFV3sTEHWOMvMJJllQ4P4W_YV36ucgdYuW853hJOy3s0cvV_wj7569TsGNFqRE0Xh639Thfiu4NqpLGphGPG54RCcjFJjK_9Mm1fZ0uFyPCe0plxRHP75xQKDF9sm38IewXhvzzHgZySCb2XcXLNWw3rr_ThvwWtZrtSy9U52mfEdFYNm9pYrynyzJFJ2-gvy68Zl1hxWlkC5bAVlsULB8mHJMA1sxpu6skVIo_KwxxzB02IXoVoDPzqLGx_8AtbEJnCNlRcHLqEy8RkavCSNNpwQ00EhUTpP_LAk1C5T9RfQFiYZHct8Tj7p-6rJHKPfz9_HUuyjA5EXgKcxzoyC-7pBwp4hNJFOCnjxhPBtoIB8lNFK9-rouWhZrLokGjQHNdwqszv0X7ewUsMtl8Av3KPfgjhY-ahaQmkSo3A9f62gHC2TZ8yN13KLASi-cp3Cso92OqftjVq9XvwIvobtc3dgt4_i_N-o_SZZi_GRv5_xSTxXSSy0yCXii2yrYRor6phitE-2wCVNAvmJf5EBsp4KeN5Eqfopu-CY9U3J4rsWUESRdiX4fMBnoVnk1z-1oW5baNgWcOMI7ur0dB-MGFrkLDeHp0yU9aBttc_46f0U_WgG5mGpK9HAsdO-osbry5ARuUIfiv3kNjlOLMyeWxZITxqAg9qfhqWz_mEl7y8p92fkM4sfaLatTSQTibwc49nmJma_CN9cTZNAngY9q7IP_WnBS2zclAexGYnDa0nWlq9E6MMCZf9XsId376teq18iPfcRYWen5N63ShLN6nsO1ccJUEaQJMOCxMZ4RrqtuezMt-4P0WMn8KACkp10RqhoQpO-i7Yb9v3nD0L7PnKAJieogKfEC6AS9aio2wESYZ1WnwsIi5qVc5NMfBuOTT-tbmsPXWrm91LWNAYVaK81hOgvvbkoodZBToMfgQQVRy8z_t3sZPIziV8rvmIfc7fsj-TWeFbtuqHjcHCSg79ck9RhEW5Y-qqF7thpGutWbwQ3lBhhyptNUpru6h4D5Z6FkiuPdil-FvLTh4JksgDnkfaGbAOmuka5GPRmxNXZx2izcHm10cj2m_hveLd4lPNl0oZ0BMywt_0gGm8idEEWQUKZ8ckJ6gMlsHBWRjx-prbyLoKQFQCSDFMLQUHfoDwwWQCSDfo3NY070R9TdZKErrtxy-zaOjhfUsJ2NnL--fnREqojGdhq79ks_t2dI1n8S9GwBy4z0-w-WJQ-UyKDtzGi0zhq_PSCIEX7THiLi8VpDqMOuz0mSNDP60nq8EeYKaky4zaDFosYqkzfVicWZY454qLGfD6apzGtLB8UAMjVOTPz52WDz-XSKHO-K0ep_RoconJoqQQoqXi2qdrtF8Vr7je7vQsrubSnJXAXxTaTqnElG84du-LO6B8kXYumqaH5wzfyazgz4CmoJ_FG2dDpozNQ9NQyRoM5AkZJ5l8opYf1SOiRI96M8bVcmRFDgPK3hFZa7QUbFRKlp_de-ApsOg84ZSxXEnybJyOcmQrk8OWO7OuCtN9918QDpRQKZxUg7lFy_cI0z1X2a48nahUAMtVyCqi-0HxvnR_qwc-1sZMKFef18XwUiDH-lKRv6IoXcWJF-t-1WvJvkn5NVUFPQhFSk2AMzqv0Bvgv2Um6l--ASJXctLKDiFBsKBQTIfYf6-9i4atS3IEYas8tkfW4hWlyI14UMKbqmQdoNlEyqCHBuuPd8ZCnGss1phVZK8wULKY60gADfk140uBoQT-PHJIzcNdExg_S9kE89Jb3TJA7xYgh3IJ4qalKXVZ-TU0mFVVqG0KTUxHeIz29xDbHX5I5EWUrcaPOGr62d-LC4cVlyPebnMyv0STM7OjFb721yaBPFWzMRfB8LpQUug4qR05Te70XF1J9Z-Jll2G0ioLofZzpPxLuvfyIZZSmxqKiV-PLbbc6asQmvpXBZ2crjC-1cf3c7_4n6PuZwvs1ahCdDKW7wzFq63KiYGZuGs7X44RCXwSonDyVuaatvftOUarmCagFUZH6L_aG4iXWJLMj0UHALibBtVbRfCen9o7affYdMSRn-U_WxJlhMP260-EZMBicn2RAk2PxZw9UA3ttddSEHh_0nr_NCfbyRxbDfYVKFPMJUsT5HEtOpFZIW4wjNRFnNYscFnEqQdR_gSdYBqRXOo7Xd9a3fEzj7kK5AfOjTOjeIpLA47IQtcbkHkhB9uQ5xKv9U0pbZLTvRKzeCA8ZLCPp2ZzD5KPp3cNOdaHaq-UoTYgKgFbHe8SBVAuOnmHaAZDyEnKQ3BYNy0EGcjHpKzkw1BCnNkiLw0-FRQL4WOAfvDi-HagQb1hV25PS4skSc0qR5y5F0CEHVqpOdchstLBXboQS4eAOE3nVWRbprSk3wP4IOMy5K9n7XlVWEr985g2oHFdifo3KyzJbYIgt6FgKnJNCuGHQBtjdXhAmiC_zg2xmlr5sfCAGehCZgvUUSZyRNYw18D0Ti2jHDLQ4v-sxl3EIVL9168Gt-RmvpIzor0PnmM-BaAcXm-sHjmzC7bRvo2D4cZ-lbQLPYlsWCRhVstG8d2ZL9ceE4NZydcIFHs1tUVftWv8m2r5rtf2p50gm5JZPfVSHaMYXg3Z7xzfs3ekFaytTl7BFQMWUzF2WytZfAOulD9NR_7dpQ2ej1k1lVfBUKLP89Hs0b5DqD7Njoky30RrBaOoKIPI755w0bqe5KfEDeSGnMVin_H-4V5_ED6Lc4TIYJt0_vhpi46ns0VMpl46VFvCvAUA5y6Iz0Ye1tPgozmolZ5S0uWNw4Su7d8KTcuBES08VYDYURP-N-wGfQS__rvQGJvBBPuclEil6NNDkVYkWk2&cid=CAASJORoJlsYyto8i8qlwO1WGiZWl0ND09KpWk9jRZUzxpLh-lTQLw&rfl=2%2Chttps%253A%252F%252Fivona.ua%252F%240
Frame ID: 22000A7D81692277085A6BF96823833C
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7B1DE923B5BCCDB9F03F10464532B5E3
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDOx8HMAhjyx9fAATAB&v=APEucNW3gKpBlDuuN4Kee4mCfTFYVjWlXoI5btovmsFYnbBlnIEk9ChNQoTbos2CF1sG8qDxopqIgERzKav1nZIN5-26rPpTQoYPRiU6Alv8vEec77myPNFjoD4Csk2BRVCqLj9ToHkJvdm0rBXALdozRoSVlyvoYkvwKasgKqjcC1QeKsK5Vh7KI6RfT9dUxIjlkgPoIKVM
Frame ID: 481B55147AE905E651B5A871A08ECA2D
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNU94lF5ZvtPx9l0L215lAjyzCJxKhYgunVQDATyxE3tycTWduTVuf9qZQRIsXFWhRa29c9Ahv6STsWI4iBbjhgXTeC84n6LgwVpLr6ff67YCftuC_P5J7ddT-_Trxb9qcmSboygLi4vyRerHYA9yX4MlWzUEoaUbXZr1HfH6VFlvkgij1k
Frame ID: 035349FD8A9556BB401ED907132646EA
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARiZ6sXDATAB&v=APEucNXQGuLcSOa9rcV1kMrV1EN5dgsXYlu0ovZAKG-xRTiilfamhjDT-meRkv2c7JM5h4pCZl5vKDvdSDTbOjsy_dK2iNNTIs37CPNp2YmzdY9OZHIEhN1-yVvp2i1BZ6IVZg_VvL42eBhCkkAq0nFA1-VaiCvqARxcijMjDMhWF069oswuuTs
Frame ID: 004721647DA24FEF84E0872EAA17A370
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8E9BB1337848F52C177F9B72176271EE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D4048305289D9816C9C826B090C1160D
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
Frame ID: 1983F07774EB671D811F22BBAD68C611
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 051E361C7E21FD748337BE9C10E12339
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 148D67FF880CC8AFA2BCAC6D886EECCE
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 12BC6C66407177CA32BAFA6C0314E175
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9102CE9E123FFABEC5EB33008E388A97
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/10852055/1643292360957/index.html
Frame ID: AED5B7ECE92CE371814E9C37B208D9D2
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
Frame ID: 0A60F4B207E3CCBF3105F0852506B937
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 97BDF9DFF3CB51473B2A139EDF1C5C3D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Frame ID: 5667566B08CEA6B5C256A0EF1193D73E
Requests: 13 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
Frame ID: 5BB59EE75A1B5F1C9B3A48DE7D220FDE
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CCAC9E0D069821D691BD886FBEC809B3
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8496E16B351EA5634C1FEEF9C15CD492
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31de5ec4464598%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff15d30d91dd2c2c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Frame ID: 953B252A7A6CBC8E29028ED04183E320
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Frame ID: 9AF831BCFBCF3B1BEFE6DBED7AE2CDC6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DD728A50314EFB81B66F5CBFEEEBE78
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 923F295C232AC870CBBE571B99B630FC
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/160090/10998798/10998798.js?ADFassetID=10998798&bv=258
Frame ID: 74E66F4A2B5FD806265CAC68259C0F7C
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

Женский журнал IVONA

Page URL History Show full URLs

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /popper\.js/([0-9.]+)

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

493
Requests

89 %
HTTPS

29 %
IPv6

75
Domains

112
Subdomains

77
IPs

14
Countries

4798 kB
Transfer

10626 kB
Size

130
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ivona.ua/ HTTP 301
    https://ivona.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 87
  • https://gaua.hit.gemius.pl/_1647921986098/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=341&lsdata=aytxFCaAtzeCOm4l2du4bP5Gffs2L6QkC5l8BEOJvdr.u7eXr1N0nCt7tSP7qHNZoreiz4tB3khBO54I2ocTG04UD6LO/5C.maSXVY80zz/&fpdata=Nkhxt3KUEG8..I9_ZT2RIqY5pCG.1FZsj_tqkEI6yUr.A7&vis=1&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1647921986098/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=341&lsdata=aytxFCaAtzeCOm4l2du4bP5Gffs2L6QkC5l8BEOJvdr.u7eXr1N0nCt7tSP7qHNZoreiz4tB3khBO54I2ocTG04UD6LO/5C.maSXVY80zz/&fpdata=Nkhxt3KUEG8..I9_ZT2RIqY5pCG.1FZsj_tqkEI6yUr.A7&vis=1&fpcap=
Request Chain 152
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=22d38ef4-4a01-4667-ba85-392080a21a80&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=22d38ef4-4a01-4667-ba85-392080a21a80&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
Request Chain 153
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=38d34758-dfd3-4d9e-8b93-6fde47bcbe6c&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=38d34758-dfd3-4d9e-8b93-6fde47bcbe6c&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
Request Chain 170
  • https://px.adhigh.net/p/cm/adpdigital HTTP 302
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
Request Chain 173
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F434B39623A004AAD02B8DF73&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F434B3962DF09BA0302A94303
Request Chain 174
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1 HTTP 302
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$%257BUSER_ID%257D&dp=14 HTTP 302
  • https://acint.net/rmatch?dp=14&euid=0100007F434B39623D0097AD02F4BF48&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F434B3962DF09BA0302A94303
Request Chain 175
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
Request Chain 176
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
Request Chain 177
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=5d3c08b9-bdde-4269-592e-251af210a832
Request Chain 178
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D HTTP 301
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b7152f12-d2e3-4acf-77af-4e646a425e03
Request Chain 179
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id} HTTP 302
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Request Chain 245
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1&C=1
Request Chain 246
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjlLRKp8whwlHmFQz0T4ugAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1
Request Chain 247
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDebqmO7-dZ1Jg92B7J0HQA&google_cver=1
Request Chain 248
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MjM4MzIwMDcyMjA4ODk4MQ%3D%3D
Request Chain 266
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEI__Fdqp2eVrYCEVROGsqgY&google_cver=1&google_push=AYg5qPLlewzpf9TGEIRmQTJu3lGErYC75i-UR-wYhRiGOeGpuU485UVW5ZnKCcV8wQq3juyRGkVODvGfsuLRl3udRNx__pShNcc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLlewzpf9TGEIRmQTJu3lGErYC75i-UR-wYhRiGOeGpuU485UVW5ZnKCcV8wQq3juyRGkVODvGfsuLRl3udRNx__pShNcc&google_hm=Q0FFU0VJX19GZHFwMmVWcllDRVZST0dzcWdZ
Request Chain 267
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL7W116xMAJ1Gp_h-VeRTDYfDwZYWnnqlSmsOeufsRqO4mA25NMIW-VOmgGeXqe4U28Wtl-UNfBPgsPfW8FaB2zf5Bn7f4&google_gid=CAESEJNFKBsb3OF8zu3sSIUO9U8&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL7W116xMAJ1Gp_h-VeRTDYfDwZYWnnqlSmsOeufsRqO4mA25NMIW-VOmgGeXqe4U28Wtl-UNfBPgsPfW8FaB2zf5Bn7f4&google_gid=CAESEJNFKBsb3OF8zu3sSIUO9U8&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjIwNDA2MjgwMDA4Njk1Mjc3NTQyMg%3D%3D&google_push=AYg5qPL7W116xMAJ1Gp_h-VeRTDYfDwZYWnnqlSmsOeufsRqO4mA25NMIW-VOmgGeXqe4U28Wtl-UNfBPgsPfW8FaB2zf5Bn7f4
Request Chain 269
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECNKRNUxpwD_XJDKdBdBm1E&google_cver=1&google_push=AYg5qPJwbrIUG1kWZRyMm3gN-sMaKIdeIp7d5PpQuCf6lD15IjW7NY9EQ8hZUIPGssTGyP3TQ9_M8_bKrmp5BgabmTzo0qN_i5g HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECNKRNUxpwD_XJDKdBdBm1E&google_cver=1&google_push=AYg5qPJwbrIUG1kWZRyMm3gN-sMaKIdeIp7d5PpQuCf6lD15IjW7NY9EQ8hZUIPGssTGyP3TQ9_M8_bKrmp5BgabmTzo0qN_i5g&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJwbrIUG1kWZRyMm3gN-sMaKIdeIp7d5PpQuCf6lD15IjW7NY9EQ8hZUIPGssTGyP3TQ9_M8_bKrmp5BgabmTzo0qN_i5g
Request Chain 270
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFWOM8Map7onvD8A7PKR04s&google_cver=1&google_push=AYg5qPKKfKuh10HmsTfyDB-KYucQxCT2zIh9IM-7tdMvgtN-XtNFaBfFLvmh1CNROYbYsFuyf8Sm_q1F3A8uLcH5PT7mssxCeD8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDNjQtMVYtTUE0MQ==&google_push=AYg5qPKKfKuh10HmsTfyDB-KYucQxCT2zIh9IM-7tdMvgtN-XtNFaBfFLvmh1CNROYbYsFuyf8Sm_q1F3A8uLcH5PT7mssxCeD8
Request Chain 271
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4
Request Chain 292
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO03qDG0F0_LGbze2Bl52ro&google_cver=1
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEKEen8mvFeHUqXSgWOlMKb0&google_cver=1
Request Chain 307
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBdTekdK8l6JZQVHAfBH0iE&google_cver=1&google_push=AYg5qPLgwXm3TDYdAV3Ve2fonb09VahPg0Rn5KV7sjF6x0d9Hm5V7_TIzFT_OmYClu7i0ON49leoRGhfcRJdynsrncVM4zRreQk HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLgwXm3TDYdAV3Ve2fonb09VahPg0Rn5KV7sjF6x0d9Hm5V7_TIzFT_OmYClu7i0ON49leoRGhfcRJdynsrncVM4zRreQk&google_hm=0Ud45bkYiwOBH6jV11gJcQ
Request Chain 308
  • https://um.simpli.fi/gp_match?google_gid=CAESEIPjcoMjwGx2KOBTC1-P7lg&google_cver=1&google_push=AYg5qPJL2ZGGS143n-Jw3T3B5LDsMO_OkUVXtu_3CcgxuZxJ1kJJ8FhO-BP37cQSF-nfRPF10JH64Sics936lxB8B33rUfNyUwE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D749FB212B4044B7AAEBB4EBCFE1789E&google_push=AYg5qPJL2ZGGS143n-Jw3T3B5LDsMO_OkUVXtu_3CcgxuZxJ1kJJ8FhO-BP37cQSF-nfRPF10JH64Sics936lxB8B33rUfNyUwE
Request Chain 309
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC0J6CloqozcTneeyVRUBBI&google_cver=1&google_push=AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1QjbhpJ76u0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1QjbhpJ76u0&google_hm=1Gtrve0IQnmfzjtoYdJPJA==
Request Chain 310
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHxMZPb0d5HAEExK9ORb6Pc&google_cver=1&google_push=AYg5qPLgB3h4lBtIjtM0e5XHXgezcWUuOvHm-IhvEmV9BpNydW-3OpHwdAjWgPcYgD7m70mbocokjAoTpAbndTYbBzWsl750JA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLgB3h4lBtIjtM0e5XHXgezcWUuOvHm-IhvEmV9BpNydW-3OpHwdAjWgPcYgD7m70mbocokjAoTpAbndTYbBzWsl750JA&google_hm=MjQ1NTE5ODMxNDc4NzI1OTU5Mg%3D%3D
Request Chain 311
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEO55-Bs_hqYCqQZV73odUec&google_cver=1&google_push=AYg5qPJzlBbAFTPoEnDXD3Y6ePfj-yqkyHcQKx_RWzC0ldCy58aAybyB-evy4uoKNF1K-Bh0f5JqpF8Cigi5qfHXmkQ3ryjE_xo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=R3cxVDBKUWtyanZC&google_ula=2046794&google_push=AYg5qPJzlBbAFTPoEnDXD3Y6ePfj-yqkyHcQKx_RWzC0ldCy58aAybyB-evy4uoKNF1K-Bh0f5JqpF8Cigi5qfHXmkQ3ryjE_xo
Request Chain 312
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEMqpy2xDiXRiihviBMcPeM&google_cver=1&google_push=AYg5qPKtCNTrbtl1KGVL527KrC9e16PlNIq4PdQ1b157aO5rJG7Hhj4TnPAwho-5MO8BwTL0xBTVWXSnxyJGvIF-_qdS54_IoPE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKtCNTrbtl1KGVL527KrC9e16PlNIq4PdQ1b157aO5rJG7Hhj4TnPAwho-5MO8BwTL0xBTVWXSnxyJGvIF-_qdS54_IoPE
Request Chain 315
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMRwaThRnV-uuF_w2DhiaLU&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMRwaThRnV-uuF_w2DhiaLU&google_cver=1&__user_check__=1&sync_id=7306eb5c-a995-11ec-9a68-1ab0ad8d0306
Request Chain 316
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=72fb95a9-a995-11ec-90d3-19da87bf0106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzJmYjk1NzItYTk5NS0xMWVjLTkwZDMtMTlkYTg3YmYwMTA2
Request Chain 318
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1 HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1&apid=UP72fbf976-a995-11ec-aeb6-0254fab0062e
Request Chain 319
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP72fbf976-a995-11ec-aeb6-0254fab0062e HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA3MmZiZjk3Ni1hOTk1LTExZWMtYWViNi0wMjU0ZmFiMDA2MmU%3D
Request Chain 320
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1sSHRJV3k1RTJ1SHhGWkhQRENIeWg5cHY0NXVkTWRFeH5B
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEE_wqCeSxDZYkYrNn4zDLr8&google_cver=1
Request Chain 345
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEI__Fdqp2eVrYCEVROGsqgY&google_cver=1&google_push=AYg5qPLch8HUw494_fumH8Rx2zsMcsh_2gmEOag1wWxLoplC-jJmNrodlEZKSvslAiHhhbQKrbEirEBaB477R4f0s2DY0ODgGaE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLch8HUw494_fumH8Rx2zsMcsh_2gmEOag1wWxLoplC-jJmNrodlEZKSvslAiHhhbQKrbEirEBaB477R4f0s2DY0ODgGaE&google_hm=Q0FFU0VJX19GZHFwMmVWcllDRVZST0dzcWdZ
Request Chain 346
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKY85T27CCcps_e0dGBJ2fb-zAjJzTDAbjiVNZecaELVHSRDRoGwD11Eg4E6-0mL8rlF9QVTExeLR47cWx4pGVhR2Lxyxfg&google_gid=CAESEEsM7xm2OcWqGeOb3fbVGIc&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMSW5ZEGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLWTg1VDI3Q0NjcHNfZTBkR0JKMmZiLXpBakp6VERBYmppVk5aZWNhRUxWSFNSRFJvR3dEMTFFZzRFNi0wbUw4cmxGOVFWVEV4ZUxSNDdjV3g0cEdWaFIyTHh5eGZn HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM2JPSFRiTU15QmFfbFNJWE9UR1QtSEhhU0wwdFYzUlZ5OU5Pa1BEeU9DQQ==&google_push
Request Chain 348
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECNKRNUxpwD_XJDKdBdBm1E&google_cver=1&google_push=AYg5qPI3qDc0R9uVNhv_NuHhXak6CiKG0H_lAweoq4rzPZzFOFxLvrNR-VL2MbcR7mtWj0u8UaIL-m2Sk0oGakJuImIaETDR8lOp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI3qDc0R9uVNhv_NuHhXak6CiKG0H_lAweoq4rzPZzFOFxLvrNR-VL2MbcR7mtWj0u8UaIL-m2Sk0oGakJuImIaETDR8lOp
Request Chain 349
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFWOM8Map7onvD8A7PKR04s&google_cver=1&google_push=AYg5qPJ0eJIoconZcPTAmj960eb1Punw9kycVkEeO3FkZhJ2bSoHHE0LPuWXSN-9w01Bz8OqPmDTnHnaqZ04MTANvlQEWYkwWYC6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDQjEtVC00NDhI&google_push=AYg5qPJ0eJIoconZcPTAmj960eb1Punw9kycVkEeO3FkZhJ2bSoHHE0LPuWXSN-9w01Bz8OqPmDTnHnaqZ04MTANvlQEWYkwWYC6
Request Chain 350
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1
Request Chain 370
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH-DCmnsVAu4wkkc6kDi3kY&google_cver=1&google_push=AYg5qPJItSkNpJy0knjw2Y-CuppGYZXyIT0KGxzFTYAadDZAFqmT1aQnsuD_Y9Vix3o927ddmsGI2pe4w6OLM6PvMBq0M2TD4Be3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzgwNjk0NjEzNDcyMjMyNzY4Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH-DCmnsVAu4wkkc6kDi3kY&google_cver=1
Request Chain 371
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cver=1&google_push=AYg5qPKn8HUUIIPSairA-mciVRqj2BeCOFunJ1aY2q7lZydDo6A0DXjfGt16RqSulOTG41HgEmg0aW-_47zYyxxvDVbVj8F7lyp1 HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cver=1&google_push=AYg5qPKn8HUUIIPSairA-mciVRqj2BeCOFunJ1aY2q7lZydDo6A0DXjfGt16RqSulOTG41HgEmg0aW-_47zYyxxvDVbVj8F7lyp1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjFlY2ZJaWQxTnd2TVY1&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cver=1&google_push=AYg5qPKn8HUUIIPSairA-mciVRqj2BeCOFunJ1aY2q7lZydDo6A0DXjfGt16RqSulOTG41HgEmg0aW-_47zYyxxvDVbVj8F7lyp1
Request Chain 372
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBgi2S9_02R0aUUu4kQ0qjk&google_cver=1&google_push=AYg5qPK06RZOmwyzmBBcKXv7W1xg0GXkNaoHy2HYocGzdTFDjlPqncQf7g403zJXltEdAZZ7LNJuB4GN1y7PE54wrr8BEJt0MDN3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK06RZOmwyzmBBcKXv7W1xg0GXkNaoHy2HYocGzdTFDjlPqncQf7g403zJXltEdAZZ7LNJuB4GN1y7PE54wrr8BEJt0MDN3&google_hm=2s-oh2HJTka_lvDlf_Iptyc
Request Chain 373
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEMqpy2xDiXRiihviBMcPeM&google_cver=1&google_push=AYg5qPKQQ9jTKP1IYLKtrQj1PcmtjQKiJlqzIZLzALY2yIuj8mYF1Q3dXFbyj8Be_9nCA22O1aAFXtwNHUEusb7b9qHU1hw-xnw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKQQ9jTKP1IYLKtrQj1PcmtjQKiJlqzIZLzALY2yIuj8mYF1Q3dXFbyj8Be_9nCA22O1aAFXtwNHUEusb7b9qHU1hw-xnw
Request Chain 374
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDF63aMzvpnCYBWqZrZHluA&google_cver=1&google_push=AYg5qPIxitJyjy14O57LQZKW3vOBzoUklbZwgSsTkyck4uwl6J-BdMFvLTpLxue4A8tMDPXgYvJOXnhW2mgeK5ojG2HHZGMJKAoc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&mn_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIxitJyjy14O57LQZKW3vOBzoUklbZwgSsTkyck4uwl6J-BdMFvLTpLxue4A8tMDPXgYvJOXnhW2mgeK5ojG2HHZGMJKAoc&gdpr=&gdpr_consent=
Request Chain 382
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBdTekdK8l6JZQVHAfBH0iE&google_cver=1&google_push=AYg5qPJ2lV0FHfuj6myDmx2_HCXvtJeJ54JbqcE4itwR4d1iJcrZkB3BlsWIYg5TdaIvMSULIi-bCo2Yky3CMFxoUWlexqgnOAL0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ2lV0FHfuj6myDmx2_HCXvtJeJ54JbqcE4itwR4d1iJcrZkB3BlsWIYg5TdaIvMSULIi-bCo2Yky3CMFxoUWlexqgnOAL0&google_hm=0Ud45bkYiwOBH6jV11gJcQ
Request Chain 383
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKljno6e-YpqS5SItjCIxaD6S6IMe9Dqnh1OCoxGmiD7FGgmLMIzmG5t_fHc19IFN8RfoHGbfJJbUEMPG49bqSIqVog_F_d&google_gid=CAESEIbdgeworDXsSLXGKyNXK80&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpsTFJRQUFCTGFPdkFPNw&google_push=AYg5qPKljno6e-YpqS5SItjCIxaD6S6IMe9Dqnh1OCoxGmiD7FGgmLMIzmG5t_fHc19IFN8RfoHGbfJJbUEMPG49bqSIqVog_F_d
Request Chain 385
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECNKRNUxpwD_XJDKdBdBm1E&google_cver=1&google_push=AYg5qPLW-OO8BP-rqLHF8T0ju1Gngv1TTbVczjJ1ta8GBmOuByIjPdOqHM8WDFoQAqQ6BvPAHqvpZkw6Y6NYnDk8DRRaGUqV5uqA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLW-OO8BP-rqLHF8T0ju1Gngv1TTbVczjJ1ta8GBmOuByIjPdOqHM8WDFoQAqQ6BvPAHqvpZkw6Y6NYnDk8DRRaGUqV5uqA
Request Chain 386
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFWOM8Map7onvD8A7PKR04s&google_cver=1&google_push=AYg5qPLXrO2DAHfW1BvPBve08wbFqUvvZ7WHiQ2MCOwXA7R32Rn7CYHC2_hfw2e5DNHjUiUH9X5JTysceukQFB4Asnu-s5hGSKIh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDSEMtMTYtRExBOA==&google_push=AYg5qPLXrO2DAHfW1BvPBve08wbFqUvvZ7WHiQ2MCOwXA7R32Rn7CYHC2_hfw2e5DNHjUiUH9X5JTysceukQFB4Asnu-s5hGSKIh
Request Chain 387
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is
Request Chain 388
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB5bKYk5nGyG7g9SvsM7cZY&google_cver=1&google_push=AYg5qPKtsNtC5ZEs_VcHETM5oKhonMZY1o0bt_EpAPxaWYgDyS1mCbfYsh2R70Ekj8MRaF47lxgMZ5Wi95DXQP341VgLOfGI1266 HTTP 301
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKtsNtC5ZEs_VcHETM5oKhonMZY1o0bt_EpAPxaWYgDyS1mCbfYsh2R70Ekj8MRaF47lxgMZ5Wi95DXQP341VgLOfGI1266&google_hm=fclblkycazcpsbebpfqdwqloweka
Request Chain 395
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEEKdIudzgrDSuSSyD-zgRg&google_cver=1&google_push=AYg5qPIu2WHOd-0Zt5z6yhykuDQLVxbmjUy0Amvt_82lbWqOQBbXXD12oxvqA3bQHDG_tVROphoRz6A882HRg3ww46MV5TQ2sRGa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NDgxNzY1NDA0NTA0Mjk1Ng&google_push=AYg5qPIu2WHOd-0Zt5z6yhykuDQLVxbmjUy0Amvt_82lbWqOQBbXXD12oxvqA3bQHDG_tVROphoRz6A882HRg3ww46MV5TQ2sRGa
Request Chain 396
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEG0sQerRDZcsK8KBAdSED8s&google_cver=1&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
Request Chain 397
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKPmJpmOUM0GnQGIRX1fseE&google_cver=1&google_push=AYg5qPKOcy9pu0GwgqjNGX3dXW8wNNCSPCyvdlbQHSvoPGzNvFbfZCCWwdoD4PxD430gvJ8kYoAQMvYQZFkaYENQZjNHrL6cTkfIXBY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GYjBrODdORTJ1Rkx1em5UNVcxZjY2X1l6YVRyd2FyUn5B&google_push=AYg5qPKOcy9pu0GwgqjNGX3dXW8wNNCSPCyvdlbQHSvoPGzNvFbfZCCWwdoD4PxD430gvJ8kYoAQMvYQZFkaYENQZjNHrL6cTkfIXBY
Request Chain 398
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEG0sQerRDZcsK8KBAdSED8s&google_cver=1&google_push=AYg5qPJSZ8eiud8PMpchMIs8orWAiJsMr7s_otqOjRzIYelb45GPwt9CYE-UbLZFeszFhFMdolcr8_rClBydjYQzekiFtuomGxK-AeM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJSZ8eiud8PMpchMIs8orWAiJsMr7s_otqOjRzIYelb45GPwt9CYE-UbLZFeszFhFMdolcr8_rClBydjYQzekiFtuomGxK-AeM HTTP 302
  • https://onetag-sys.com/sync/i,19/?google_error=5
Request Chain 444
  • https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31de5ec4464598%26domain%3Divona.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fivona.ua%252Ff15d30d91dd2c2c%26relation%3Dparent.parent&container_width=320&height=600&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FIvona.bigmir.net%2F&locale=uk_UA&sdk=joey&show_facepile=true&small_header=true&tabs=timeline HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31de5ec4464598%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff15d30d91dd2c2c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline

493 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
ivona.ua/
Redirect Chain
  • http://ivona.ua/
  • https://ivona.ua/
102 KB
24 KB
Document
General
Full URL
https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
bbb94c9bab834a9b73833943be7ebbf7a309bf6b8dc5a34e9a80f2ea1616f5fe

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

content-type
text/html; charset=UTF-8
server
nginx
date
Tue, 22 Mar 2022 04:05:18 GMT
cache-control
public, max-age=300
content-encoding
gzip
x-cache
Hit from cloudfront
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
t3GVs-wMnWtfD7Dv6DvK9EMvbm-ZLZqyBeCLWOndmgxxanuLk4s-Nw==
age
99

Redirect headers

Server
CloudFront
Date
Tue, 22 Mar 2022 04:06:24 GMT
Content-Type
text/html
Content-Length
183
Connection
keep-alive
Location
https://ivona.ua/
X-Cache
Redirect from cloudfront
Via
1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-C1
X-Amz-Cf-Id
BAfs5AFKcvtZfD-bpLitR6qnahl2n4EFHF3hGHWqjQAqyk_NNdu5jg==
holder.js
i.holder.com.ua/t/
9 KB
4 KB
Script
General
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Wed, 22 Mar 2023 04:06:25 GMT
loader2.js
cdn.admixer.net/scripts3/
176 KB
55 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:43 GMT
server
nginx
etag
W/"621a6a17-2c0e6"
x-cached-since
2022-03-22T04:02:41+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Sat, 26 Feb 2022 18:08:55 GMT
js
www.googletagmanager.com/gtag/
92 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0be2379234dc3da388a009dec6a8204e17edd28b2f09b2003b64282d59125702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36856
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 22 Mar 2022 04:06:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
54 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e51c445db4975b5607340b0d87f43e608360dd02f7f8e3a5acbd8d4cf4ef4c66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54642
x-xss-protection
0
server
cafe
etag
995895933099923602
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Mar 2022 04:06:25 GMT
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e0258e66eddc5ec291e7b9089c7c1897ae1b38c693f5627aaa3911f83d83d26e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 04:06:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 04:06:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 04:06:25 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/
56 KB
10 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
367833
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10022
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-de0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F%2FvuQYz4K3pR9iknAs9AWA0GeBtoBfoIb8MyBD3YrkjCXf%2FvhcOlxxV1MgzOnNJb5kMp4aabTHkGRTRMzjcB4Sx4od05Qgbm0slg0SSKzRr5bs7eJYcg0skXjABtckC7qAIfe9vhup5ZLjVNerwZ08Gf"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df689539279-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/
152 KB
25 KB
Stylesheet
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
756
age
4824089
cdn-cachedat
12/27/2021 07:28:05
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c93bb13724f1916e0ec0f105adc4675a
cf-ray
6efc0df689b86997-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
v10
ivona.ua/css/style.css/
77 KB
15 KB
Stylesheet
General
Full URL
https://ivona.ua/css/style.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:24 GMT
content-encoding
gzip
age
3516131
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-13503"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
ShRKb421ovXAINCcALzciCImI-glKh4quliG-RMxXi8U2AjMcioSTw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/a-custom/custom.css/
970 B
829 B
Stylesheet
General
Full URL
https://ivona.ua/a-custom/custom.css/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:24 GMT
content-encoding
gzip
age
3516132
x-cache
Hit from cloudfront
last-modified
Mon, 11 Oct 2021 09:24:29 GMT
server
nginx
etag
W/"616402cd-3ca"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
gZ5EABxm9zsVMMiqqr5rd1FBG-v0QP6P2HVyFJq-v1VSt4ezMI5Ewg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/
95 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
124389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30360
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-17b8b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yPpRjYfWLXk08rVp2VUxSTwFJojvkkNpurGCe%2BFAQmt4ZI0Pmqt2s6BRnyGVxIOmCe91iEQ%2B0rnPVPYRxLJk6wFi2g8nh2GjZD30I%2BqpsBWg0CMa2Io7iHNqyWpJ%2FB5XLR%2FVSso3F0XvwzV8LGV4FypE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df689549279-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
630x283.png
ivona.ua/img/
130 B
587 B
Image
General
Full URL
https://ivona.ua/img/630x283.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Feb 2022 20:57:57 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
2358524
x-cache
Hit from cloudfront
content-length
130
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-82"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
tHj-dzkEZI9KM-tHvwrC82y2a2z9y-QFGLIvoJRKshqbif9ZxpxYEw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
4x3.png
ivona.ua/img/
96 B
543 B
Image
General
Full URL
https://ivona.ua/img/4x3.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 21 Dec 2021 05:34:37 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
7856962
x-cache
Hit from cloudfront
content-length
96
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-60"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
MpXZlKh6-TY4qMhfRGMPH2RmjeC1ktHyLTlT25togMKytCjoY8N1Ow==
expires
Thu, 31 Dec 2037 23:55:55 GMT
popper.min.js
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/
21 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
628875
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6646
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:37 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fa9-520c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5RCN4jsK0sKFR67WOU9jkifwv%2FeqHYQOspvk7MUKVN2m%2Ff5o7oW8U6OG603fW%2FAs%2BN4HrN6y%2FMI3mUYupJ%2Fm3ljxAUDE4HE03VJCj8CWdmTw4v0PRrMS3njvsz8MvQH%2B3hThr6zNhePF7oe1HI1fF86M"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df7e84a6945-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
bootstrap.min.js
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/
57 KB
16 KB
Script
General
Full URL
https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
617
age
4823864
cdn-cachedat
09/16/2021 08:35:32
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.0
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:08 GMT
server
cloudflare
cdn-requestpullcode
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
c239f396e013db8d9d102d486169f4ac
cdn-requestcountrycode
US
cf-ray
6efc0df8df199054-FRA
cdn-cache
HIT
cdn-status
200
cdn-requestpullsuccess
True
jquery.fancybox.min.js
cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/
67 KB
19 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.5.7/jquery.fancybox.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
374222
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19249
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e58-10a9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wjd%2BBjZQ9%2FdSP3nLPKvm%2FD46jcOpE7bFd7z9Axp8qI0OLg7b0mKLBUt8UJ3AWZkRnibm0PnN3f%2BC9aFJXqHPXTrpRUKv4WcBMgXPDe%2BrDfVyQjvBOlG9yHANEIljQWlmfYuwAPvZUzwR1mxIgSDMIoHU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df97e4d918e-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
lazyload.js
cdn.jsdelivr.net/npm/lazyload/
6 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/lazyload/lazyload.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
24224
x-jsd-version
2.0.0-rc.2
x-cache
HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19171-FRA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"162a-+bHVRc9Mhd3adT/5YJ7eVp2Ssx8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6efc0dfa4b176958-FRA
v10
ivona.ua/js/theme-script.min.js/
2 KB
1 KB
Script
General
Full URL
https://ivona.ua/js/theme-script.min.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
3516132
x-cache
Hit from cloudfront
last-modified
Wed, 09 Feb 2022 11:22:20 GMT
server
nginx
etag
W/"6203a3ec-693"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
vKWjZh9Fx58MS6xMY5dKr9w8JbAFsObU1lzomiPOdCmaKhTMDquGjw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
v10
ivona.ua/js/banner-index.js/
2 KB
806 B
Script
General
Full URL
https://ivona.ua/js/banner-index.js/v10
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 11:22:25 GMT
content-encoding
gzip
age
3516132
x-cache
Hit from cloudfront
last-modified
Sat, 21 Aug 2021 13:24:17 GMT
server
nginx
etag
W/"6120fe81-725"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
PYJQ5xmpcW1q9s5FCSllu5L9GCmmO99xuqu7XigjjrsWTxVtFiMbDA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
article-stat-v2.js
ivona.ua/click/js/
976 B
1 KB
Script
General
Full URL
https://ivona.ua/click/js/article-stat-v2.js?8
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:58 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
976
x-amz-cf-id
GDsDkXPU8eiJptOjb2X-yFMJNAoLvkDxgBEUxVPvA30LipN1UswWmQ==
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/
1 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
18312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZM6k6PlZwqfbTq2e87pCheXr62zbRcEkm74c8Il3xra0zGkLXDl28e7RtxI%2BYEBbMqmBJgJoPo2sd8g9GD3Cr3F7zgOQXklh763EL9tj%2BG49JFzu3JLerJs3DC%2FRKaBxGJ4%2FQhfBrSdWC2x3U2SXDN3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df97e4f918e-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/
4 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1424862
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vxRpZHCvDtCMhD3GxhNUhY8HDdBDwJjf7UD7Cyz4PL5ev%2Btvhryv4ReigBQWexAzfQ%2BU12qdXihWAdk7N%2BU5BXa8ubM784PsNNr4tQXBCB%2B3fbKOL4v7MGGM1MrqqfAipHYDMKBGMMNSwpA27Yo%2Fetjv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df97e49918e-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1307471
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1ImhBWbC4PB1QDTusQBRmBBtcw%2BTV7JZJUypMYwty%2F14kq3qm0JGxCphwjdplwq2GG7VMQ8OcM2gHKh0BkWSvyqxyvxFgTNH2glhp6vhF8nRtFHXhCQeILEA3cfljJnfXYKBJUAjUB3IEU45Am%2FAeFr"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df97e4b918e-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
common.js
ivona.ua/click/js/
3 KB
3 KB
Script
General
Full URL
https://ivona.ua/click/js/common.js?1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:58 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
x-amz-cf-pop
FRA56-C1
etag
"5e1307e6-a00"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
x-cache
Miss from cloudfront
accept-ranges
bytes
access-control-allow-headers
*
content-length
2560
x-amz-cf-id
1OQes9xzFpySpvh1VjvAq5YFX-316Z2O95XkZjEPMtoT92GL1lGkpw==
xgemius.js
gaua.hit.gemius.pl/
40 KB
11 KB
Script
General
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
last-modified
Wed, 16 Mar 2022 07:51:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
10838
expires
Tue, 22 Mar 2022 16:06:25 GMT
e.js
cdn.umh.ua/libs/
6 KB
3 KB
Script
General
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Wed, 23 Mar 2022 04:06:25 GMT
logo.png
ivona.ua/img/
1 KB
2 KB
Image
General
Full URL
https://ivona.ua/img/logo.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
17858186
x-cache
Hit from cloudfront
content-length
1326
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-52e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
qhqb7dz4WO4RL_k4ETujlbFRBIX4kqdFU_7dCCVA0B2ZH6OG-a8JzA==
expires
Thu, 31 Dec 2037 23:55:55 GMT
sitename.png
ivona.ua/img/
1 KB
1 KB
Image
General
Full URL
https://ivona.ua/img/sitename.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 20 Dec 2021 00:23:06 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
7962058
x-cache
Hit from cloudfront
content-length
1058
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-422"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
aLpq7ZfgNOO58_ehmGgw3MjprZkfTBuc_eXJ6BY3y40noBnHoRISMg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v16/
44 KB
45 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:33:58 GMT
x-content-type-options
nosniff
age
462747
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45300
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:33:58 GMT
search_icon.png
ivona.ua/img/
253 B
700 B
Image
General
Full URL
https://ivona.ua/img/search_icon.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 28 Nov 2021 16:20:09 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
9805542
x-cache
Hit from cloudfront
content-length
253
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-fd"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
BJOvwevWNciuQ3LPrqPXc-yqFovYpkKlKbp5LhLuf0GamL66HnphkQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v16/
29 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 21:04:06 GMT
x-content-type-options
nosniff
age
457339
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29928
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:39 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 21:04:06 GMT
jizaRExUiTo99u79D0aExdGM.woff2
fonts.gstatic.com/s/ptsans/v16/
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0aExdGM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:38:01 GMT
x-content-type-options
nosniff
age
462504
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28444
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:38:01 GMT
c.html
cdn.admixer.net/scripts3/44184/ Frame F7BD
738 B
509 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:25 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Wed, 22 Mar 2023 10:10:09 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-21T10:10:09+00:00
x-id
fr5-up-gc29
content-encoding
gzip
0967ebea4a2a8854ab82.b.js
cdn.admixer.net/scripts3/44184/
23 KB
8 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-5d41"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
849bc7976a13501da8fc.b.js
cdn.admixer.net/scripts3/44184/
74 KB
19 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/849bc7976a13501da8fc.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-12993"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:56+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:56 GMT
sdk.js
connect.facebook.net/uk_UA/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/uk_UA/sdk.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
619f5ad8418d48505c939e316c463f6316f47b1c15b4b1333cb2c92488cae840
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
cZWHIFQAWwzSEWBnqbGeFw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 22 Mar 2022 04:16:15 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1687
x-fb-rlafr
0
x-fb-debug
8mdj9rUQEDc9qHMsP34FlM7bvsVJGqNZJ/RzacXdDTbbY+AhGkKhVi/pMR973o5kHRS0YtjLQuazeKqmSKLCsQ==
x-fb-trip-id
2050670934
x-fb-content-md5
dad7c53685eb7db52922a024431e1914
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Tue, 22 Mar 2022 04:06:25 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"ebc928905294767c2ef717c42ec5f142"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
arrows.png
ivona.ua/img/
562 B
1008 B
Image
General
Full URL
https://ivona.ua/img/arrows.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 27 Aug 2021 11:26:19 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
17858186
x-cache
Hit from cloudfront
content-length
562
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-232"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
sY02-1nMuzCfad1R4JhidT54RiiJr4s_X5hfS4flQomOC97FYn6ZoQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/
74 KB
75 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-solid-900.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.min.css
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12744
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
75728
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-127d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W3eABXWd%2FjQSFXabzBCo2bCnR8WFCgxGxHtRvFAaU8TeJ9mEzzfDaWoDVYPCrYc9RIVAHBAfvtN3uBrry%2Bm2aT1mEalnQn5Sd8D7JINGk6QCUsx4iIAYCf%2FwAW46bLd74GJoCndDNnD7XN3mwOWKc3wa"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6efc0df9a9bb6945-FRA
expires
Sun, 12 Mar 2023 04:06:25 GMT
bigmir_logo.svg
ivona.ua/img/
3 KB
2 KB
Image
General
Full URL
https://ivona.ua/img/bigmir_logo.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 16 Oct 2021 15:48:31 GMT
content-encoding
gzip
age
13522519
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
W/"60fc3da0-d2d"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
access-control-allow-headers
*
x-amz-cf-id
tyxGjarV7zZtg2eHrL0zArntqiu5Yz72cjd22B4wFD3pjBSBTwm3zQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
add-view
ivona.ua/click/articles/stat/
39 B
409 B
XHR
General
Full URL
https://ivona.ua/click/articles/stat/add-view?cid=6&site=ivona&aid=5255288&0.13108983971318366
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
2dc7824b4593a58aaed31c8fdf7599e685f8e164900349adb9c8c09948b48f01

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://ivona.ua/
X-Requested-With
XMLHttpRequest
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 22 Mar 2022 04:06:59 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA56-C1
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://ivona.ua
access-control-allow-credentials
true
x-cache
Miss from cloudfront
access-control-allow-headers
*
x-amz-cf-id
me4i6cs8Sf52uZiuKQPcHSVxIxDuSj0lCbd9pqqqHavO0GITXwZQag==
z
s.zmctrack.net/ Frame ECD2
50 KB
23 KB
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
c7a700ef088ffaea195e7a00957b4af5d85147d811902d847ec8e86d94162f4f

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23351
expires
Thu, 01 Jan 1970 00:00:01 GMT
817f297d8f0d3a6f13a36c8ab3ac0774-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/62/62/07/8/6262078/image_main/
130 KB
130 KB
Image
General
Full URL
https://i.ivona.ua/i/62/62/07/8/6262078/image_main/817f297d8f0d3a6f13a36c8ab3ac0774-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fc1a4ccf57ea460936d3328138ec4053d59bdb7445ea7930e9820cfe57eb2c0a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 16:12:39 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 15:43:33 GMT
server
AmazonS3
age
42827
etag
"4753ba370d11c7d20b2318c3129ed9db"
x-cache
Hit from cloudfront
x-amz-version-id
S0JlUJeacTNWI59x64SAywzkhmHvpZdC
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
132950
x-amz-cf-id
yFFrWoIVo4G4V9UuZHWeypNVhEhuo9GO8VXIFyD8l83FXN_9MSxWQg==
817f297d8f0d3a6f13a36c8ab3ac0774-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/62/07/8/6262078/image_main/
8 KB
8 KB
Image
General
Full URL
https://i.ivona.ua/i/62/62/07/8/6262078/image_main/817f297d8f0d3a6f13a36c8ab3ac0774-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8ef68c532845c4d011981f695c3506d8f1e37ce40786ac175953e70178edf19

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 16:12:54 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 15:43:34 GMT
server
AmazonS3
age
42812
etag
"d29a5b733e48f7bdcad74c4133fdc259"
x-cache
Hit from cloudfront
x-amz-version-id
Q_hL6WWNOla_L3sbUtPSmpI5Ulr0yFRY
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
8291
x-amz-cf-id
irQW3trgZZMsvDIPw6YbvyGFshK5kRWu4WJjxJz8qAAbtin8dbEVQQ==
6e165c746a724430caae15178e21a6e2-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/62/04/1/6262041/image_main/
5 KB
5 KB
Image
General
Full URL
https://i.ivona.ua/i/62/62/04/1/6262041/image_main/6e165c746a724430caae15178e21a6e2-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad04ecc25afc06bdc025fced82e8487a956f9c5a43fe7d0123b713b260fd53ea

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 15:05:34 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 14:49:27 GMT
server
AmazonS3
age
46852
etag
"fda8358638e5feb431b833c6a747fe70"
x-cache
Hit from cloudfront
x-amz-version-id
JGTj_Tdw33_JXooKKjIYml7gVt91GZX9
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5118
x-amz-cf-id
kbLSuP8tfRUw83i13Mz2_fboobe5dQE-u-1dlnciBwfX3cppTvDbVg==
c6a97a4854f26a830544c99cc4af26b8-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/62/02/6/6262026/image_main/
6 KB
6 KB
Image
General
Full URL
https://i.ivona.ua/i/62/62/02/6/6262026/image_main/c6a97a4854f26a830544c99cc4af26b8-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20b48f2d06a2ee4cdf0af422cb963e9245c92654af2706678e6f69f0391fe7b8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:43:19 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 14:17:57 GMT
server
AmazonS3
age
48187
etag
"1274d7036eccb30fba757a3e491799a0"
x-cache
Hit from cloudfront
x-amz-version-id
BzVvTLdnIcXa8hOekKeDR1vffR72yjZ3
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5948
x-amz-cf-id
dGzaOb_XG07HEXW6LIBAOv2En_LIG7PtGKrREBLQkTjnGOYMtQGpaw==
7cc83d19df864159cdab62545331e5c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/61/92/9/6261929/image_main/
9 KB
9 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/92/9/6261929/image_main/7cc83d19df864159cdab62545331e5c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fef54925ab497557a1799dadb2064f78e3557c19fbc9b27b9439b5ff529cec5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:41:02 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 13:14:58 GMT
server
AmazonS3
age
51924
etag
"115623bacffaa1a87195c366e1956800"
x-cache
Hit from cloudfront
x-amz-version-id
CHwPzKNdQuOH1U0CPXH0K6lyhStxZXR_
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
8794
x-amz-cf-id
31yuMVHHzXG2ubGcVGuD2gD9f5bw7dbQT0VAKm_Uv7E4RrMFb11K_Q==
7cc83d19df864159cdab62545331e5c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/61/92/9/6261929/image_main/
13 KB
13 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/92/9/6261929/image_main/7cc83d19df864159cdab62545331e5c1-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c36e47807dcd7007ad03da542eaf26372ca10a82abf270d73d7ada5be65fd767

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:14:13 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 13:10:22 GMT
server
AmazonS3
age
53533
etag
"dea19185f6ca5e3d426768fac20b38ff"
x-cache
Hit from cloudfront
x-amz-version-id
8g9NmdeIhqJMJpKWyn5RVzppupdxxmkj
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
12938
x-amz-cf-id
946eVc9RqmzFsWgthTuNEMvljms3FbH1I78VxV7k7vl2iURdO5Q_RA==
9f8523019c32c2f0b831aef2ef10a3cf-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/61/86/9/6261869/image_main/
14 KB
15 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/86/9/6261869/image_main/9f8523019c32c2f0b831aef2ef10a3cf-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47620c41b67e387ccf1f9f1e5148c4f14a8d48cdcb8c5669472a0edfe6e3738a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 12:16:52 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 12:11:22 GMT
server
AmazonS3
age
56974
etag
"f8c8d9c7e297a621f0c8aff71a2569f3"
x-cache
Hit from cloudfront
x-amz-version-id
8uoDd.4DpzlMVJ5TfPxo3EAY6IvELRad
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
14752
x-amz-cf-id
lF2lcYb3rjUCDFK2ymUxOErntHiaw0dd0HB9VVmKG8ucEGVg6F3nIg==
771a5cac6a235dd4079d4e9dc48084fe-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/61/79/7/6261797/image_main/
14 KB
14 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/79/7/6261797/image_main/771a5cac6a235dd4079d4e9dc48084fe-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fd84710193a102562bd8326c528bb5336dbf27f814f2954dc086a90131a6eca0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:16:52 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 11:12:42 GMT
server
AmazonS3
age
60574
etag
"77d8f14e15d43ff419cb69b4b1fd6b2a"
x-cache
Hit from cloudfront
x-amz-version-id
VmXoqECSI7edn1eKGrDJPxTxjLuDY.qv
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
14147
x-amz-cf-id
hMkoF65ZgZGmL0L7Vn4iXt01Y60RZIUF7H3uUwbd51RueoQQUH0XRA==
5312d1a7523d531abfb3114e7dcaf8a8-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/61/76/5/6261765/image_main/
37 KB
37 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/76/5/6261765/image_main/5312d1a7523d531abfb3114e7dcaf8a8-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b91db7c75a9298ebde0c0fdd241fdf8178a860f1ae22cbd11fa78bd78fa54f3c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 08:56:43 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 08:56:43 GMT
server
AmazonS3
age
68983
etag
"4842047d0eb470a279a5dab17758bcda"
x-cache
Hit from cloudfront
x-amz-version-id
x4ZdKDJS4ZvOHYDjiNeR2T2x3JmFcukA
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
37742
x-amz-cf-id
9xYw79uo7i5NStwi7NVu3ezBgWhAo94XNAXwOASucT4Hu5yW2xzmkw==
a8e232978bb099f3227a2735ba5e14ba-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/61/03/6/6261036/image_main/
9 KB
10 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/03/6/6261036/image_main/a8e232978bb099f3227a2735ba5e14ba-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a6be2093e3e0effead5f267e134429c4645c7a98141e4b47dc025e9a2d069a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 15:29:47 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sat, 19 Mar 2022 15:12:07 GMT
server
AmazonS3
age
218199
etag
"74776878489722eaabb6c9e3712ac6b3"
x-cache
Hit from cloudfront
x-amz-version-id
kgegFeR4G_WbM8v9xPD..8unrtiRr0qH
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
9494
x-amz-cf-id
xW2zfCYIW59OZua_Zgc8448KEBKDQ7NfwipIV3cTnrcctzXtK8-u2A==
344363afb4a443b8f781f78cd7ee2700-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/57/70/6/6257706/image_main/
35 KB
35 KB
Image
General
Full URL
https://i.ivona.ua/i/62/57/70/6/6257706/image_main/344363afb4a443b8f781f78cd7ee2700-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76e49115526453de96a772c70c6c021b844fde78b5aa5a467b40c33c0dd8f783

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 08:21:37 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Tue, 15 Mar 2022 08:12:24 GMT
server
AmazonS3
age
589488
etag
"821b838be11be6fcc73f2d230c1452a4"
x-cache
Hit from cloudfront
x-amz-version-id
tPDvvzGtYOHejZANYmap8BJAUmqjHzYy
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
35602
x-amz-cf-id
G3x3XuxQWjeH2r8kSuJOyMYt9HBoMJEJGe4lNxX49nmHp43NmOgD1w==
edbfc75e97cdadf7cd649d52592fb0ec-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/56/91/7/6256917/image_main/
29 KB
29 KB
Image
General
Full URL
https://i.ivona.ua/i/62/56/91/7/6256917/image_main/edbfc75e97cdadf7cd649d52592fb0ec-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
759834b7316b31b838b427955065153b2eda46f8022fe1e0892323f599d6947e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 13 Mar 2022 15:32:58 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sun, 13 Mar 2022 15:10:19 GMT
server
AmazonS3
age
736408
etag
"e90d4edb75917fdeb43fd08cfcadb423"
x-cache
Hit from cloudfront
x-amz-version-id
loBaVzFqdey3mK0UOqvdT9b6OullyGSF
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
29193
x-amz-cf-id
0cq20klzK_nCNbW-CAKFHa_52lYmVC-aeLsoi17_5Ss02ud1uBw74w==
74791c0ce9a3f37eaf7abbaa23e6b9c7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
i.ivona.ua/i/62/46/62/6/6246626/image_main/
8 KB
9 KB
Image
General
Full URL
https://i.ivona.ua/i/62/46/62/6/6246626/image_main/74791c0ce9a3f37eaf7abbaa23e6b9c7-quality_100Xresize_crop_1Xallow_enlarge_0Xw_120Xh_90.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ea13b282c1ba7a41f41f284b0c1c084e7151e48be7c78cc9e57824c44d2c0e0c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 23 Feb 2022 18:47:13 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Wed, 23 Feb 2022 18:42:34 GMT
server
AmazonS3
age
2279953
etag
"f02e053bf0976e85b2e0bddbf2844f23"
x-cache
Hit from cloudfront
x-amz-version-id
G3WxX5JHI1b9KrMxZXGTRGwF6jkRMMf_
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
8333
x-amz-cf-id
ZVbC432xddMolcE8B5KubYa1Nwix5XqtzVepZuta7PK0pK5fjH8Nhg==
8e74e26cb3b1d592123ade402127f6dc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/61/06/7/6261067/image_main/
5 KB
6 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/06/7/6261067/image_main/8e74e26cb3b1d592123ade402127f6dc-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5b4c50db42f5cb9000efc48143a7a8bff2f887712a77874defbd30a9372e0e83

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 16:38:46 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Sat, 19 Mar 2022 16:22:24 GMT
server
AmazonS3
age
214060
etag
"a98491387cbc43ea3641605e4bc032f4"
x-cache
Hit from cloudfront
x-amz-version-id
uROY96h.D5oOiEhVa6XPpk0uzJtoP81t
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
5307
x-amz-cf-id
eIA5_EGJXe5ms54WkCO8zdOc1HJ-7ltHQ8ZZgoJp5-2NNjrpKQcg3w==
5b340afe98b8ac571a1482d583194f9b-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/58/72/1/6258721/image_main/
7 KB
8 KB
Image
General
Full URL
https://i.ivona.ua/i/62/58/72/1/6258721/image_main/5b340afe98b8ac571a1482d583194f9b-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6b9d2159a8298cef6fd0897da2f2e8002b416ddf5d33b5d7ee93b5e951a60c7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 06:37:21 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Wed, 16 Mar 2022 06:23:08 GMT
server
AmazonS3
age
509345
etag
"73c4759bdf4e8670197b600bac5ab4f9"
x-cache
Hit from cloudfront
x-amz-version-id
mR2psdPx2oLaMTFv3FlaHFHkRuDyvwOB
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
7579
x-amz-cf-id
hRE_jJ0QjlaOBgvkBQarRQGPebWJ4iEhhn0MgZ5a21c2vMGaJfJV0g==
771a5cac6a235dd4079d4e9dc48084fe-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
i.ivona.ua/i/62/61/79/7/6261797/image_main/
7 KB
7 KB
Image
General
Full URL
https://i.ivona.ua/i/62/61/79/7/6261797/image_main/771a5cac6a235dd4079d4e9dc48084fe-quality_100Xresize_crop_1Xallow_enlarge_0Xw_80Xh_60.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6bdc397f15aaf13d1d53fa82dc2b2b44fb65561176562d0f46e7cfd2e277b6b6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 11:38:54 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 11:12:40 GMT
server
AmazonS3
age
59252
etag
"9bab880f33a03790df012525012ccef6"
x-cache
Hit from cloudfront
x-amz-version-id
bY4FZXhg8XslRJjgCLbLr6k2MTpqr0Uq
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
6926
x-amz-cf-id
VPoOqCUDiJmBYqfAYdYxuJbQ0apIH78-trAAQLUd9Wbz_3Kz4p6FQw==
load
z.cdn.umh.ua/
42 B
367 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1817662902&div=zone_1817662902&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/
42 B
367 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=2096059570&div=zone_2096059570&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/
42 B
367 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1604070069&div=zone_1604070069&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/
57 B
184 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=2068016217&div=zone_2068016217&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/
75 B
202 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1451965891&div=zone_1451965891&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
57390a59a4e6bc139c12e476c0811a97ba27438d8281070035d778f336ddb30c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/
57 B
184 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1217097366&div=zone_1217097366&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/
42 B
169 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1320962835&div=zone_1320962835&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/
415 B
429 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1579786519&div=zone_1579786519&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
8fc1968b29dece9ab454a19447e2ba9565358032217a6b3b9fe2f8b25e0c209e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
server
nginx
content-type
text/plain; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
284
expires
-1
load
z.cdn.umh.ua/
75 B
202 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1966145486&div=zone_1966145486&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/
75 B
202 B
Script
General
Full URL
https://z.cdn.umh.ua/load?z=1424319715&div=zone_1424319715&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=1303&pl=3&mi=4&me=8&hc=4&n=1647921985749&url=ivona.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&zyx=2666238683
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
1713a1dc09693d01f4724c48cfaab88da8b9a434a417bfc33be94f6e566fa731

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:25 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
sdk.js
connect.facebook.net/uk_UA/
283 KB
81 KB
Script
General
Full URL
https://connect.facebook.net/uk_UA/sdk.js?hash=89a9060dd3c99587b42ae706e69cafd2
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fe875ad1c8a536d3bef1595405d66497bc653fe49af89f83e840fb5b88a5ee5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
SimULLSDJh565DqrD29eBw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Wed, 22 Mar 2023 02:36:13 GMT
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
82822
x-fb-rlafr
0
x-fb-debug
oFD1p3fklz4Gu7xCKE39TbX/u2PZY8f+7Ff2cvw0C4ZwF18uCH1Sk/XAQmJ/EOgFv8N0cAYbA1+z4oUOBbHVOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
a2e562e18a59f1828d91ff95ae517395
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 04:06:25 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"70da4cff192222fe67190ab01906f9f4"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
fpdata.js
gaua.hit.gemius.pl/
277 B
391 B
Script
General
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=ivona.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
9d26abfff6599dc90bba98b8fb31c76249394c0dcf43d0ec542882b1f324cd1a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Thu, 21 Apr 2022 04:06:25 GMT
lsget.html
ls.hit.gemius.pl/ Frame 59E5
5 KB
3 KB
Document
General
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS
ip108.ip-146-59-30.eu
Software
GHC /
Resource Hash
87e858bf975ef9f79ae3d7750fe8c607ffda672ecc3be636859f14be59b080b5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
expires
Thu, 21 Apr 2022 04:06:25 GMT
server
GHC
accept-ranges
none
cache-control
private, max-age=2592000
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
etag
PRIVATE7520710249
vary
Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy
cross-origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
content-type
text/html;charset=utf-8
content-length
2719
content-encoding
gzip
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-206274582-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
100
date
Tue, 22 Mar 2022 04:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 22 Mar 2022 06:04:46 GMT
s
h.holder.com.ua/
731 B
1 KB
Script
General
Full URL
https://h.holder.com.ua/s?ta&b8655&c1&r66042817&dholder1817662902&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
a7bd160faadecf8e0df42d750aa8ce10138284d76481555c3044551104cc8964

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
731
Expires
Thu, 01 Jan 1970 00:00:00 GMT
s
h.holder.com.ua/
735 B
1 KB
Script
General
Full URL
https://h.holder.com.ua/s?ta&b8656&c1&r66042817&dholder2096059570&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
dca8823de767a73c21ca691a91cf4a6b73390a64ee42565d8c47c70f3a6e24eb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
735
Expires
Thu, 01 Jan 1970 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/
297 KB
107 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cdb8386ec50b0345596bcb5e09cd9dc70a852baaf4725eebbf1b2b3633a367d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109610
x-xss-protection
0
server
cafe
etag
13364310204535023472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Mar 2022 04:06:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 8BD3
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4502
x-xss-protection
0
date
Mon, 21 Mar 2022 23:16:13 GMT
expires
Mon, 04 Apr 2022 23:16:13 GMT
cache-control
public, max-age=1209600
age
17413
etag
4044455266028820542
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
h.holder.com.ua/
980 B
2 KB
Script
General
Full URL
https://h.holder.com.ua/s?ta&b8654&c1&r66042817&dholder1604070069&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
d7df2bcaf741416b5b5da1db82854dcaa9baef9cb1af177735b6ba8ee8b2b07a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
P3P
policyref="https://i.holder.com.ua/w3c/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Content-Type
text/javascript; charset=windows-1251
Keep-Alive
timeout=5
Content-Length
980
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.html
cdn.admixer.net/scripts3/44184/ Frame D7F4
738 B
419 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:26 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Wed, 22 Mar 2023 10:10:09 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-21T10:10:09+00:00
x-id
fr5-up-gc29
content-encoding
gzip
s
h.holder.com.ua/
0
0
Script
General
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r66042817&dholder2068016217&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/
0
0
Script
General
Full URL
https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r66042817&dholder1217097366&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/
0
126 B
Script
General
Full URL
https://h.holder.com.ua/s?ta&b2718&c1&r66042817&dholder1320962835&hhttps%3A//ivona.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
c.html
cdn.admixer.net/scripts3/44184/ Frame 0D8F
738 B
396 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:26 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Wed, 22 Mar 2023 10:10:09 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-21T10:10:09+00:00
x-id
fr5-up-gc29
content-encoding
gzip
c.html
cdn.admixer.net/scripts3/44184/ Frame 508D
738 B
396 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:26 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Wed, 22 Mar 2023 10:10:09 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-21T10:10:09+00:00
x-id
fr5-up-gc29
content-encoding
gzip
c.html
cdn.admixer.net/scripts3/44184/ Frame 43D0
738 B
396 B
Document
General
Full URL
https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:26 GMT
content-type
text/html
last-modified
Sat, 26 Feb 2022 17:57:57 GMT
vary
Accept-Encoding
etag
W/"621a6a25-2e2"
expires
Wed, 22 Mar 2023 10:10:09 GMT
cache-control
max-age=31622400
cache
HIT
x-cached-since
2022-03-21T10:10:09+00:00
x-id
fr5-up-gc29
content-encoding
gzip
dsp.aspx
inv-nets.admixer.net/
14 KB
4 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1100180453766861.4&cpv=12a482b7-4198-049e-6ed6-667bd0d5c3ff&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%227aa5e81b-a57e-5215-1876-638f639ac9bd%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22e41e693f-bd78-6875-082c-60a2556807c0%22%2C%22tagid%22%3A%22c15953fe-60cc-47f4-a7b2-8735f0b6c691%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1451965891%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
bf0a76fe476f36dbb44a925fdfc3425c12db0ccc71f08e54f998faf49699e4bd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3729
X-Xss-Protection
0
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1797034293858937&ev=fb_page_view&dl=https%3A%2F%2Fivona.ua%2F&rl=&if=false&ts=1647921986078&sw=1600&sh=1200&at=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Tue, 22 Mar 2022 04:06:26 GMT
dsp.aspx
inv-nets.admixer.net/
9 KB
3 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=1504504237455264.2&cpv=12a482b7-4198-049e-6ed6-667bd0d5c3ff&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22a412106b-f444-de22-b65e-8dcc799fd677%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22a33098d9-9bc3-c482-1813-fa419e44563b%22%2C%22tagid%22%3A%22e7702231-2e98-4fd2-8c48-2b474cab0363%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1424319715%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
ff08dcde9a458eb086ac477a627e4074978ac9655fc243620e91232064c32b79
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
3018
X-Xss-Protection
0
dsp.aspx
inv-nets.admixer.net/
10 KB
3 KB
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=744083304079896.6&cpv=12a482b7-4198-049e-6ed6-667bd0d5c3ff&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22906c4c28-bfd3-c70e-3255-f23bd272e4bf%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224c3e6b58-4b06-e3aa-464b-e6820594d611%22%2C%22tagid%22%3A%2289ccbdfd-1266-46c2-a1de-466d0d5c1f57%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1579786519%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
d6dcdc16622f417e6c5dc299bbe515ebb636e2964a1c8729fd869474f66b80ee
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
2849
X-Xss-Protection
0
dsp.aspx
inv-nets.admixer.net/
222 B
674 B
Script
General
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=6598614515501113&cpv=12a482b7-4198-049e-6ed6-667bd0d5c3ff&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%220e26756d-7dad-6cc0-518b-bf11730954be%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fivona.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2284c9734c-cb64-6679-8958-398d2c92fadd%22%2C%22tagid%22%3A%22d9675bdf-cf85-4051-92db-9ca047f83379%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1966145486%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
d2f0f0ea6979359bd491ba9560cb1bad817ab00b74a14a1308ef8bf372e8846e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
201
X-Xss-Protection
0
rexdot.js
gaua.hit.gemius.pl/__/_1647921986098/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1647921986098/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1647921986098/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua...
169 B
425 B
Script
General
Full URL
https://gaua.hit.gemius.pl/__/_1647921986098/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=341&lsdata=aytxFCaAtzeCOm4l2du4bP5Gffs2L6QkC5l8BEOJvdr.u7eXr1N0nCt7tSP7qHNZoreiz4tB3khBO54I2ocTG04UD6LO/5C.maSXVY80zz/&fpdata=Nkhxt3KUEG8..I9_ZT2RIqY5pCG.1FZsj_tqkEI6yUr.A7&vis=1&fpcap=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
501625e01479ab61367685da5241d5c2e035c98e1770182b278844059a8b1bb8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Mon, 21 Mar 2022 04:06:26 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1647921986098/rexdot.js?l=100&id=0tg7AmcKFHRIcUflR11FG6Q9rkJirKcywUtsA4vEdun.v7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fivona.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=341&lsdata=aytxFCaAtzeCOm4l2du4bP5Gffs2L6QkC5l8BEOJvdr.u7eXr1N0nCt7tSP7qHNZoreiz4tB3khBO54I2ocTG04UD6LO/5C.maSXVY80zz/&fpdata=Nkhxt3KUEG8..I9_ZT2RIqY5pCG.1FZsj_tqkEI6yUr.A7&vis=1&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 21 Mar 2022 04:06:26 GMT
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1165159230&t=pageview&_s=1&dl=https%3A%2F%2Fivona.ua%2F&ul=en-us&de=UTF-8&dt=%D0%96%D0%B5%D0%BD%D1%81%D0%BA%D0%B8%D0%B9%20%D0%B6%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20IVONA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=877975875&gjid=757155256&cid=175811496.1647921986&tid=UA-206274582-1&_gid=1350180959.1647921986&_r=1&gtm=2ou3e0&z=1915814733
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/
212 B
642 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ec66339ee29bea838a449c34e107fced546cf0ee0e04e9085dda0a12cf7119f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7C4C
0
19 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1647921986&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fivona.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921985872&bpp=4&bdt=1018&idt=314&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7054818411227&frm=20&pv=2&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31065544&oid=2&pvsid=773249475289896&pem=468&tmod=714857295&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=335
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 22 Mar 2022 04:06:26 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Mar 2022 04:06:26 GMT
cache-control
private
/
loadercdn.net/
0
170 B
Image
General
Full URL
https://loadercdn.net/?r=1&u=1343d5c8e4a4bba2&d=ivona.ua
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:26 GMT
server
openresty
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
170 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 22 Mar 2022 04:06:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/
0
330 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ivona.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
170 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 22 Mar 2022 04:06:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
ww251.smartadserver.com/prebid/
0
330 B
XHR
General
Full URL
https://ww251.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ivona.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
collect
stats.g.doubleclick.net/j/
4 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-206274582-1&cid=175811496.1647921986&jid=877975875&gjid=757155256&_gid=1350180959.1647921986&_u=YEBAAUAAAAAAAC~&z=848020568
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c01::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 22 Mar 2022 04:06:26 GMT
content-type
text/plain
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/44184/
28 KB
11 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:58 GMT
server
nginx
etag
W/"621a6a26-702f"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:57+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:57 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/44184/
42 KB
18 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:58:00 GMT
server
nginx
etag
W/"621a6a28-a793"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:57+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:57 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/44184/
13 KB
5 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:52 GMT
server
nginx
etag
W/"621a6a20-326c"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:57+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:57 GMT
182f2d74c34963cea11e.b.js
cdn.admixer.net/scripts3/44184/
11 KB
4 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/182f2d74c34963cea11e.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:44 GMT
server
nginx
etag
W/"621a6a18-2a79"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:57+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:57 GMT
631117330f3e56489daa.b.js
cdn.admixer.net/scripts3/44184/
214 KB
74 KB
Script
General
Full URL
https://cdn.admixer.net/scripts3/44184/631117330f3e56489daa.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc29
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Sat, 26 Feb 2022 17:57:49 GMT
server
nginx
etag
W/"621a6a1d-3594f"
vary
Accept-Encoding
x-cached-since
2022-02-26T17:58:57+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Mon, 27 Feb 2023 17:58:57 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
170 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 22 Mar 2022 04:06:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
bids
prebid-eu.creativecdn.com/bidder/prebid/
0
170 B
XHR
General
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-65.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 22 Mar 2022 04:06:26 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
v1
prg.smartadserver.com/prebid/
0
330 B
XHR
General
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://ivona.ua
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
/
exchange.informer.ua/informer/stat/ Frame 7873
5 KB
2 KB
Document
General
Full URL
https://exchange.informer.ua/informer/stat/?s=kolobok
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r66042817&dholder2096059570&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 / PHP/7.1.17
Resource Hash
19cfa2789b5c347c0f7f12eca121b19d0c863b8836a07a1ea8c439787d2488e8

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx/1.12.2
date
Tue, 22 Mar 2022 04:07:02 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.1.17
content-encoding
gzip
cmeter_an.js
source.mmi.bemobile.ua/cm/
10 KB
4 KB
Script
General
Full URL
https://source.mmi.bemobile.ua/cm/cmeter_an.js
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8656&c1&r66042817&dholder2096059570&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:53:34 GMT
server
nginx/1.13.0
etag
W/"5dc27bfe-2699"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:53:34 GMT
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=b84a8e95-4804-4f5a-8a10-736e12eac7d6&hp=-370074540&page=ivona.ua%2F&segments=495%2C5%2C2&ts=637835187862245994&ap=MA%3D%3D&asign=-1807885476&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=c573095d-86cc-4659-9aef-8bddbdf0dbed&ip=82.199.130.39&item=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&crid=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&size=350x240&profile=476857EE-5211-4F53-A2E9-6B14A06EFC2C&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=931aceb8-4184-4a10-b5cc-e42702adf4ff&hp=-370074540&page=ivona.ua%2F&segments=2%2C495%2C5&ts=637835187862889834&ap=MA%3D%3D&asign=-1984102256&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&crid=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&size=350x240&profile=36DBA250-021E-4192-BB34-F2EE916251DD&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=b84a8e95-4804-4f5a-8a10-736e12eac7d6&hp=-370074540&page=ivona.ua%2F&segments=2%2C495%2C5&ts=637835187862245994&ap=MA%3D%3D&asign=-1807885476&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=c573095d-86cc-4659-9aef-8bddbdf0dbed&ip=82.199.130.39&item=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&crid=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&size=350x240&profile=5EEA8F57-F0AA-4422-A5D9-20C13E0F2FBF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=931aceb8-4184-4a10-b5cc-e42702adf4ff&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862889834&ap=MA%3D%3D&asign=-1984102256&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&crid=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&size=350x240&profile=A01BDF0B-F125-40F1-9022-C7F2F7F7F847&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
mwayss_invocation.min.js
ad.mox.tv/mox/
29 KB
10 KB
Script
General
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 22 Mar 2022 05:06:26 GMT
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=E7702231-2E98-4FD2-8C48-2B474CAB0363&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=6d4d30c9-45aa-41a3-82a5-3edb3b5f16f0&hp=-370074540&page=ivona.ua%2F&segments=495%2C5%2C2&ts=637835187862676021&ap=NDU%3D&asign=1410551059&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=F8B2536D-904F-43FA-A7FF-34F8638AC44B&crid=F8B2536D-904F-43FA-A7FF-34F8638AC44B&profile=A882975B-8C3C-40D9-B188-89F4EF2DFCE1&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ga-audiences
www.google.com/ads/
42 B
501 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=175811496.1647921986&jid=877975875&_u=YEBAAUAAAAAAAC~&z=543236223
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
501 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-206274582-1&cid=175811496.1647921986&jid=877975875&_u=YEBAAUAAAAAAAC~&z=543236223
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=b84a8e95-4804-4f5a-8a10-736e12eac7d6&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862245994&ap=MA%3D%3D&asign=-1807885476&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=c573095d-86cc-4659-9aef-8bddbdf0dbed&ip=82.199.130.39&item=D0EEA9F9-C933-4D86-8C78-4628D65839DD&crid=D0EEA9F9-C933-4D86-8C78-4628D65839DD&size=350x240&profile=08C7770D-D6A5-444B-8C99-6C11B1376450&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 060E
156 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81c08fef0a82e1cc4a63f66a1b54ef3eefe0a1fd676620bb02529cffe36bcb4e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54709
x-xss-protection
0
server
cafe
etag
13601409971535512199
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 22 Mar 2022 04:06:26 GMT
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=931aceb8-4184-4a10-b5cc-e42702adf4ff&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862889834&ap=MA%3D%3D&asign=-1984102256&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&crid=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&size=350x240&profile=A30ACB44-18F1-45CA-BA85-5B440B44C7DF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=931aceb8-4184-4a10-b5cc-e42702adf4ff&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862889834&ap=OA%3D%3D&asign=-1701777254&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&crid=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&size=728x90&profile=C87AA202-A622-463B-98B8-FBABB05C7EEA&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
jsunit
a4p.adpartner.pro/
12 KB
3 KB
Script
General
Full URL
https://a4p.adpartner.pro/jsunit?id=7161&ref=&0.39385717787707675
Requested by
Host: h.holder.com.ua
URL: https://h.holder.com.ua/s?ta&b8654&c1&r66042817&dholder1604070069&hhttps%3A//ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
2e6388440eb7209bea8e05c25d23d9751b5f3512f1052ffc52a79cc09d5b457e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
cache-control
no-store no-transform
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
s
h.holder.com.ua/
3 B
371 B
Image
General
Full URL
https://h.holder.com.ua/s?tv&p1&b8654&r1420216176
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
Content-Type
application/x-www-form-urlencoded; charset=windows-1251
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ivona.bigmir.net.1211636.js
jsc.idealmedia.io/i/v/
2 KB
1 KB
Script
General
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4952
cf-ray
6efc0e01682b9a17-FRA
content-length
746
x-amz-id-2
Pmnn4McqNPCNVwutBlrvMOOnQj81mKj2FvVzA/CLc07rNejOOBKVgaap3lmKFU5ii1JpsdaLAUU=
last-modified
Fri, 04 Feb 2022 07:41:12 GMT
server
cloudflare
etag
"d245c3976e8b37aa0431b5a7963b9259"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
VDRF1T0NMPPN6N9N
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 22 Mar 2022 07:06:26 GMT
s
h.holder.com.ua/
3 B
371 B
Image
General
Full URL
https://h.holder.com.ua/s?tv&p1&b8655&r1689834847
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Content-Type
application/x-www-form-urlencoded; charset=windows-1251
Cache-Control
no-cache, no-store, must-revalidate, no-cache=Set-Cookie, max-age=0, proxy-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
3
Expires
Thu, 01 Jan 1970 00:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/
29 KB
10 KB
Script
General
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 22 Mar 2022 05:06:26 GMT
ev_prebid.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_prebid.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=b84a8e95-4804-4f5a-8a10-736e12eac7d6&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862245994&ap=MA%3D%3D&asign=-1807885476&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=c573095d-86cc-4659-9aef-8bddbdf0dbed&ip=82.199.130.39&item=742F880D-0B09-4A22-9509-965113280D36&crid=742F880D-0B09-4A22-9509-965113280D36&size=350x240&profile=C27F7D27-35B0-471E-9AB7-5DD4D760EF40&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=b84a8e95-4804-4f5a-8a10-736e12eac7d6&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862245994&ap=OA%3D%3D&asign=-2090210478&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=c573095d-86cc-4659-9aef-8bddbdf0dbed&ip=82.199.130.39&item=6F40F793-2197-419B-99FF-3A23ACB393CA&crid=6F40F793-2197-419B-99FF-3A23ACB393CA&size=300x600&profile=B774ED5B-868F-4830-AF4F-06A3722C07AE&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/ Frame 060E
297 KB
107 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9cdb8386ec50b0345596bcb5e09cd9dc70a852baaf4725eebbf1b2b3633a367d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
109610
x-xss-protection
0
server
cafe
etag
13364310204535023472
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 22 Mar 2022 04:06:26 GMT
z
s.zmctrack.net/ Frame 0422
102 B
446 B
XHR
General
Full URL
https://s.zmctrack.net/z
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
373aefdd3a72fc0f86f179979bb9c55bfe0883cc9df51f792a68a7ef66ddc3b1

Request headers

Referer
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://ivona.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
impress
ad.mox.tv/delivery/
18 KB
10 KB
XHR
General
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=3546044832
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b368c76d7ca58e5f4cd899c8a886714ec5d002fc6f6cbf180fb6781dde21c18d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
impress
ad.mox.tv/delivery/
19 KB
11 KB
XHR
General
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=ivona.ua&top_url=https%3A%2F%2Fivona.ua%2F&domain=ivona.ua&url=https%3A%2F%2Fivona.ua%2F&referrer=&async=1&uid=2470827108
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ace460c46045291b5ad4be14c916040abb638a717f7737b062e05405be837611

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://ivona.ua
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
logo_top.png
kolobok.ua/images/ Frame 7873
8 KB
8 KB
Image
General
Full URL
https://kolobok.ua/images/logo_top.png
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:07:00 GMT
last-modified
Thu, 04 Feb 2021 12:11:24 GMT
server
nginx
etag
"601be46c-208f"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
8335
expires
Thu, 31 Dec 2037 23:55:55 GMT
142fdc42b261787f0193cbfdae025308.jpg
exchange.informer.ua/assets/thumbnails/14/ Frame 7873
6 KB
7 KB
Image
General
Full URL
https://exchange.informer.ua/assets/thumbnails/14/142fdc42b261787f0193cbfdae025308.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
33400288ff10f1c8cec3cad23ad3c910f5a1f93ee89860224ac248fdb1118f1d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:07:02 GMT
last-modified
Thu, 17 Mar 2022 08:31:06 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6232f1ca-1989"
content-length
6537
content-type
image/jpeg
dada2ca2e09b1a1e16aa1e8413d3db62.jpg
exchange.informer.ua/assets/thumbnails/da/ Frame 7873
6 KB
6 KB
Image
General
Full URL
https://exchange.informer.ua/assets/thumbnails/da/dada2ca2e09b1a1e16aa1e8413d3db62.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
a54b4444ecbfff874f40f5696136c22e13cc98a9311fea8dba07daef9d219b80

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:07:02 GMT
last-modified
Sun, 20 Mar 2022 10:21:05 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62370011-176a"
content-length
5994
content-type
image/jpeg
f56472dc4ce38f64c7ccc6cc7369e565.jpg
exchange.informer.ua/assets/thumbnails/f5/ Frame 7873
7 KB
7 KB
Image
General
Full URL
https://exchange.informer.ua/assets/thumbnails/f5/f56472dc4ce38f64c7ccc6cc7369e565.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
96178a9090fb5b87690faea4f0d19b95ecf89435f1d01995af9c176531719686

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:07:02 GMT
last-modified
Mon, 21 Mar 2022 23:21:11 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62390867-1a60"
content-length
6752
content-type
image/jpeg
47d7269c31c35ec907f385e3b48aa4c0.jpg
exchange.informer.ua/assets/thumbnails/47/ Frame 7873
5 KB
5 KB
Image
General
Full URL
https://exchange.informer.ua/assets/thumbnails/47/47d7269c31c35ec907f385e3b48aa4c0.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
9d1f93cc58ce3d5ed14e88bc68458c2b4f41569bc8a9f8e239bc5449ff179852

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:07:02 GMT
last-modified
Thu, 03 Mar 2022 19:51:04 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"62211c28-141c"
content-length
5148
content-type
image/jpeg
9dc5a3c70e8f8a07ac1744da64b7ddc3.jpg
exchange.informer.ua/assets/thumbnails/9d/ Frame 7873
6 KB
6 KB
Image
General
Full URL
https://exchange.informer.ua/assets/thumbnails/9d/9dc5a3c70e8f8a07ac1744da64b7ddc3.jpg
Requested by
Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=kolobok
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx/1.12.2 /
Resource Hash
68859645aef6b0e9900bd3de2a284c24022de62f9b4e6295113a9f33c12faa70

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://exchange.informer.ua/informer/stat/?s=kolobok
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:07:02 GMT
last-modified
Thu, 10 Mar 2022 09:11:03 GMT
server
nginx/1.12.2
accept-ranges
bytes
etag
"6229c0a7-1846"
content-length
6214
content-type
image/jpeg
cookie.js
partner.googleadservices.com/gampad/ Frame 060E
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ivona.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 060E
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 060E
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 099C
27 KB
12 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8c9ddeb88e1152c1d38e48a1809e5b2077917d09a06c2336e909feeae19ec01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 22 Mar 2022 04:06:27 GMT
server
cafe
content-length
12403
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 22 Mar 2022 04:06:27 GMT
cache-control
private
sodar
pagead2.googlesyndication.com/getconfig/ Frame 060E
14 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a8315eb3d9f6bc8cf656427db34ba9fbf5a4aebc59d6ed07598738d21afc4ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10603
x-xss-protection
0
upwards.png
ivona.ua/img/
2 KB
2 KB
Image
General
Full URL
https://ivona.ua/img/upwards.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/css/style.css/v10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-119.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/css/style.css/v10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 20 Oct 2021 13:35:31 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
age
13184880
x-cache
Hit from cloudfront
content-length
1602
last-modified
Sat, 24 Jul 2021 16:19:44 GMT
server
nginx
etag
"60fc3da0-642"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
YK-YwFRM0vgMjxRzBxC13I247lsDiuj91e59fvL304FCrLd7NWmQZg==
expires
Thu, 31 Dec 2037 23:55:55 GMT
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/
15 KB
5 KB
Stylesheet
General
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
4916832
fly-request-id
01FT5BT4R4R9T5XAD97TJZYFJT
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6efc0e026a629b45-FRA
achernar.min.js
ad.mox.tv/js/achernar/
11 KB
4 KB
Script
General
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 22 Mar 2022 05:06:26 GMT
prebid.js
ad.mox.tv/js/achernar/
212 KB
66 KB
Script
General
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Mon, 27 Sep 2021 12:39:02 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6151bb66-34fc0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Tue, 22 Mar 2022 05:06:26 GMT
gpt.js
www.googletagservices.com/tag/js/
82 KB
28 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d75ab9d55ca668d58f3b3f444267c3f38dd0d731c093a9c3221e1ee4f19ef512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27964
x-xss-protection
0
server
sffe
etag
"1165 / 85 of 1000 / last-modified: 1647900437"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 22 Mar 2022 04:06:26 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/
132 KB
38 KB
Script
General
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
1879320
fly-request-id
01FWZWKMW4D5XZVDAAQ34HNM8B-fra
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
6efc0e026a639b45-FRA
mwayss_invocation.min.css
ad.mox.tv/mox/
3 KB
850 B
Stylesheet
General
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/
35 B
372 B
Image
General
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/
0
66 B
Image
General
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=22d38ef4-4a01-4667-ba85-392080a21a80&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=22d38ef4-4a01-4667-ba85-392080a21a80&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
43 B
324 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
Date
Tue, 22 Mar 2022 04:06:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
sync
odr.mookie1.com/t/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=38d34758-dfd3-4d9e-8b93-6fde47bcbe6c&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=38d34758-dfd3-4d9e-8b93-6fde47bcbe6c&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=d46b6bbd-ed08-4279-9fce-3b6861d24f24&ssp=prodoohmox&gdpr=0&gdpr_consent=
Date
Tue, 22 Mar 2022 04:06:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cm.js
source.mmi.bemobile.ua/cm/
52 KB
20 KB
Script
General
Full URL
https://source.mmi.bemobile.ua/cm/cm.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cmeter_an.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.23 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
last-modified
Wed, 06 Nov 2019 07:53:34 GMT
server
nginx/1.13.0
etag
W/"5dc27bfe-d0f6"
content-type
application/javascript; charset=utf-8
cache-control
no-cache
expires
Thu, 07 Nov 2019 07:53:34 GMT
ivona.bigmir.net.1211636.es6.js
jsc.idealmedia.io/i/v/
238 KB
72 KB
Script
General
Full URL
https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33e16199d9717148e8043208cda7ac30a9140610e98aaab2d6ac8bfd8a6e5e74

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:26 GMT
content-encoding
gzip
cf-cache-status
HIT
age
4952
cf-ray
6efc0e01c8809a17-FRA
content-length
73235
x-amz-id-2
P4+62gC48SMHFh78WJ2Y2Bq+f8h7CKXOlXI+XkX1zsoSWeTehBc23dfYSyNXEYFvbR1EQXC+BCQ=
last-modified
Fri, 04 Feb 2022 07:41:12 GMT
server
cloudflare
etag
"fbaa30e6ac69d6335c32af00f9374da7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
ZFSEC416RCA2VW03
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Tue, 22 Mar 2022 07:06:26 GMT
tt
a4p.adpartner.pro/ Frame 4630
0
0
Document
General
Full URL
https://a4p.adpartner.pro/tt?time=0&apuid=f28c455d-c191-4216-be40-7cd9688b355a&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&location=https%3A%2F%2Fivona.ua%2F&referer=
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7161&ref=&0.39385717787707675
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:27 GMT
cache-control
no-store no-transform
ls
a4p.adpartner.pro/jsunit/ Frame F258
5 KB
2 KB
Document
General
Full URL
https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&apuid=f28c455d-c191-4216-be40-7cd9688b355a&width=300&screen_width=1600&reload_count=0&banner_num=1647921986785393278&is_in_viewport=0&ref=&location=https%3A%2F%2Fivona.ua%2F
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit?id=7161&ref=&0.39385717787707675
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
9dc5161268f9c2758201d0e6ddfadfc0b12da19ebdc6b3f14cb22e78438c790d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx
date
Tue, 22 Mar 2022 04:06:26 GMT
content-type
text/html; charset=utf-8
cache-control
no-store no-transform
content-encoding
br
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 060E
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:27 GMT
analytics.js
www.google-analytics.com/ Frame F258
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&apuid=f28c455d-c191-4216-be40-7cd9688b355a&width=300&screen_width=1600&reload_count=0&banner_num=1647921986785393278&is_in_viewport=0&ref=&location=https%3A%2F%2Fivona.ua%2F
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://a4p.adpartner.pro/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
100
date
Tue, 22 Mar 2022 04:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 22 Mar 2022 06:04:46 GMT
jsunit
a4p.adpartner.pro/ Frame F258
6 KB
2 KB
XHR
General
Full URL
https://a4p.adpartner.pro/jsunit?banner_num=1647921986785393278&id=7161&is_in_viewport=0&ref=&reload_count=0&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&session_pageview=1&shown=&site_visited=1&unit_id=7161
Requested by
Host: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&apuid=f28c455d-c191-4216-be40-7cd9688b355a&width=300&screen_width=1600&reload_count=0&banner_num=1647921986785393278&is_in_viewport=0&ref=&location=https%3A%2F%2Fivona.ua%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
8e516d1a4cd79279eca3fd875d4b461e2f5ab5a782a2449c64fbc7b217d649c7

Request headers

Referer
https://a4p.adpartner.pro/jsunit/ls?jsunit=7161&unit_id=7161&shown=&session_pageview=1&session_id=1028c3a1-4b91-423a-b87c-0eba59f73627&site_visited=1&apuid=f28c455d-c191-4216-be40-7cd9688b355a&width=300&screen_width=1600&reload_count=0&banner_num=1647921986785393278&is_in_viewport=0&ref=&location=https%3A%2F%2Fivona.ua%2F
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
text/plain

Response headers

access-control-allow-origin
https://a4p.adpartner.pro
date
Tue, 22 Mar 2022 04:06:27 GMT
cache-control
no-store no-transform
access-control-allow-credentials
true
server
nginx
content-encoding
br
content-type
application/javascript; charset=utf-8
cds.js
pa.tns-ua.com/viewability/
2 KB
3 KB
Script
General
Full URL
https://pa.tns-ua.com/viewability/cds.js
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
last-modified
Mon, 02 Jul 2018 17:26:53 GMT
server
nginx/1.13.0
accept-ranges
bytes
etag
"5b3a605d-9c3"
content-length
2499
content-type
application/javascript; charset=utf-8
pubads_impl_2022031601.js
securepubads.g.doubleclick.net/gpt/
365 KB
124 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 21:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
23566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126823
x-xss-protection
0
last-modified
Wed, 16 Mar 2022 08:34:12 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 21 Mar 2023 21:33:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
160 B
742 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ivona.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Tue, 22 Mar 2022 04:06:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2B8
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 22:42:01 GMT
expires
Tue, 21 Mar 2023 22:42:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
19466
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 08FF
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
db42a29165eb970adf9b58acafc76da5159f787943ee213e4c1c6e1aadec9992
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-oVnP8SMioUb9xn1gQ0wlyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 22 Mar 2022 04:06:27 GMT
date
Tue, 22 Mar 2022 04:06:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-oVnP8SMioUb9xn1gQ0wlyQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
1px-matching-adpartner.gif
t.trafmag.com/images/
35 B
351 B
Image
General
Full URL
https://t.trafmag.com/images/1px-matching-adpartner.gif?id=f28c455d-c191-4216-be40-7cd9688b355a
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS
t.trafmag.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
P3P
CP="NON DSP COR CURa TIA"
uid=f28c455d-c191-4216-be40-7cd9688b355a
s.uuidksinc.net/match/798/
74 B
241 B
Image
General
Full URL
https://s.uuidksinc.net/match/798/uid=f28c455d-c191-4216-be40-7cd9688b355a
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.220.27.134 Amsterdam, Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.0 /
Resource Hash
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx/1.19.0
content-length
74
content-type
image/png
f28c455d-c191-4216-be40-7cd9688b355a
recreativ.ru/mtch/31/
0
0

pix
dsp-trk.eskimi.com/
43 B
256 B
Image
General
Full URL
https://dsp-trk.eskimi.com/pix?e=24&exuid=f28c455d-c191-4216-be40-7cd9688b355a
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.139.69 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
69.139.120.34.bc.googleusercontent.com
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
adpdigital
px.adhigh.net/p/cm/
Redirect Chain
  • https://px.adhigh.net/p/cm/adpdigital
  • https://px.adhigh.net/p/cm/adpdigital?bounced=1
49 B
326 B
Image
General
Full URL
https://px.adhigh.net/p/cm/adpdigital?bounced=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
194.190.76.41 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS
smtp11.sender.ltmse.com
Software
nginx /
Resource Hash
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx
x-backend-id
f11-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
*
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-type
image/gif
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx
access-control-allow-origin
*
x-backend-id
f11-ru
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://px.adhigh.net/p/cm/adpdigital?bounced=1
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
match
dm.hybrid.ai/
0
238 B
Image
General
Full URL
https://dm.hybrid.ai/match?id=177&vid=f28c455d-c191-4216-be40-7cd9688b355a
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),
Reverse DNS
Software
Hybrid Web Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
server
Hybrid Web Server
p3p
CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin
*
cache-control
no-cache, no-store
x-mode
124
x-xss-protection
1; mode=block
expires
-1
userbind
match.new-programmatic.com/
0
215 B
Image
General
Full URL
https://match.new-programmatic.com/userbind?src=adpartner&id=f28c455d-c191-4216-be40-7cd9688b355a
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.65.2.150 Moscow, Russian Federation, ASN3175 (CITYTELECOM-MSK, RU),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:05:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
0
Vary
Origin
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D53%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F434B39623A004AAD02B8DF73&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D53%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F434B3962DF09BA0302A94303
43 B
455 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F434B3962DF09BA0302A94303
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
last-modified
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=53&user_id=0100007F434B3962DF09BA0302A94303
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://www.acint.net/rmatch?dp=152&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D%24%7BUSER_ID%7D
  • https://www.acint.net/rmatch?r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D&dp=152&tc=1
  • https://ssp-rtb.sape.ru/rmatch?r=https%3A%2F%2Facint.net%2Frmatch%3Fdp%3D14%26euid%3D$%7BUSER_ID%7D%26r%3Dhttps%253A%252F%252Fa4p.adpartner.pro%252Fssp%252Fmatch%253Fdsp_id%253D55%2526user_id%253D$...
  • https://acint.net/rmatch?dp=14&euid=0100007F434B39623D0097AD02F4BF48&r=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D55%26user_id%3D$%7BUSER_ID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F434B3962DF09BA0302A94303
43 B
455 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F434B3962DF09BA0302A94303
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
last-modified
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
openresty
p3p
CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL"
location
https://a4p.adpartner.pro/ssp/match?dsp_id=55&user_id=0100007F434B3962DF09BA0302A94303
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
content-type
text/html
content-length
154
expires
Wed, 19 Apr 2000 11:43:00 GMT
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44025&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D47%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
last-modified
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=47&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D
  • https://ads.betweendigital.com/match?bidder_id=44053&callback_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D57%26user_id%3D%24%7BUSER_ID%7D&crf=1
  • https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
last-modified
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=57&user_id=af26d260-1ff0-5351-8eac-37baec957cf9
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D63%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=5d3c08b9-bdde-4269-592e-251af210a832
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=5d3c08b9-bdde-4269-592e-251af210a832
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
last-modified
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=63&user_id=5d3c08b9-bdde-4269-592e-251af210a832
date
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
match
a4p.adpartner.pro/ssp/
Redirect Chain
  • https://exchange.buzzoola.com/cookiesync/redirect/adpartner?redirect_url=https%3A%2F%2Fa4p.adpartner.pro%2Fssp%2Fmatch%3Fdsp_id%3D64%26user_id%3D%24%7BUUID%7D
  • https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b7152f12-d2e3-4acf-77af-4e646a425e03
43 B
457 B
Image
General
Full URL
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b7152f12-d2e3-4acf-77af-4e646a425e03
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
137.74.6.209 Warsaw, Poland, ASN16276 (OVH, FR),
Reverse DNS
app-ngx-pl-02.adpartner.pro
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
last-modified
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-store no-transform
content-length
43
expires
Wed, 11 Nov 1998 11:11:11 GMT

Redirect headers

location
https://a4p.adpartner.pro/ssp/match?dsp_id=64&user_id=b7152f12-d2e3-4acf-77af-4e646a425e03
date
Tue, 22 Mar 2022 04:06:27 GMT
server
nginx
content-length
129
serverid
TODO
content-type
text/html; charset=utf-8
adxcm.aspx
inv-nets.admixer.net/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122&id={user_id}
  • https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
43 B
463 B
Image
General
Full URL
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0

Redirect headers

location
https://inv-nets.admixer.net/adxcm.aspx?ssp=5942A2DB-845D-4521-B8C1-8F2E4FE4D122
date
Tue, 22 Mar 2022 04:06:27 GMT
cache-control
no-store no-transform
server
nginx
content-length
146
content-type
text/html; charset=utf-8
js
tags.mathtag.com/notify/ Frame 099C
3 KB
2 KB
Script
General
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdObU9URmpObUV0Tm1GbFl5MWpaRGsxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NjIwNTk2NDk0NjUyNzE4MTcvMTA0MDYyOTQvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM4eHBlZk9iRl9DXzRTYngzcEhiYUZZLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk2MjA1OTY0OTQ2NTI3MTgxNy96cmgvMC83ODYwLzEwLzk5OS8yNTgvMmEwMTo0YTA6MmM6Oi8wLjAwMC8xNjQ3OTIxOTg2LzE2NDc5MzQ1ODYvNC9wdWItMzc1NTY2MjE5NzM4NjI2OS8/DQ048fwzCGCkEW8z6H1Xy1ZItA0&nodeid=2634&group=zrh&auctionid=3962059649465271817&shardkey=3962059649465271817&sid=11142481&cid=10406294&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
80a84b01f3b3b41111d7d7b39f85f94ffd5883ec617bb40cde73a1f69251dea6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Content-Encoding
gzip
x-mm-bid-request-time
1647921986
Last-Modified
Tue, 22 Mar 2022 04:06:26 GMT
Server
MMBD/3.305.0
x-mm-latency
1 (0)
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg
Count
Cache-Control
no-cache
x-mm-host
zrh-router-x41, zrh-bidder-x148
Connection
close
Content-Type
application/x-javascript; charset=UTF-8
Expires
Tue, 22 Mar 2022 04:06:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 099C
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3089
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:14:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 099C
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 099C
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:31:03 GMT
l
www.google.com/ads/measurement/ Frame 099C
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSRpbO_Glgji2n8aMp0RLHQBkSsc0BTL7a1nVUkaGgwxJDVO37Av8IlS-C9nbbh5uW6ecSFNXT3sKsQoETJ1_DXS-1RQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

adview
googleads.g.doubleclick.net/pagead/ Frame 099C
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CI-DEQks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE0gFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLL6bsfTZ8iFLuG3nxr09DTYAYuVqRqoWbX0JjX8RqdIoDp92GzLGABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GAA&sigh=W0D_-E22upg&uach_m=[UACH]&cid=CAQSOwCNIrLMVksixDeYhqWzNQMo9F-zol52QzA60lBENAIIzVR4l3Oybr3v5qUAjydllB0g7M1P8HOkLk1FGAE&tpd=AGWhJmtxSUWJLF6wtYx6fX8yX1oVTUjb6Bu8iSUJ-niMgylI1Dmvn_LWjwzI2UI55VY5Wt3hd9LQc8rUz_Z37MnMeVttse8M99HUtbBws_FN1CynQp1pFGcw_xvK_zxv_NQQ5FflbxHIwWO2qyPn0uDW5iEHDG3UL1kt80W7CvFVR29cPRhfI7t15YPyzvLb2MtOuFJr78czLObx_kikz99MOaAVN2CAUz0ijxfJUAb02b02F0Xv81fBYYZCn8Vq9RizH2mHPPeD1V6_oB9HkaK5GBlghNqq88vKiLhDrhP42fzc-DOsLZbEbFL3WlTXnzUgW4CImtWDDP1wH1bEpjFWp2uLjqwwK1sSup8unKFk4BrM7Js14puP88p06pYdFsiJZdfjT7BJfkvNzZHglZi7aOL_WCuPM7CSYZW_xopqcMWuMEWdFzVphaaDBoNjp99fq9wo9xVM8MJrR1nYC0La5npws1vyPl40rSK-tP78AYpx8O4_yiHblvyprnwP8OuU2sMDptbFtNEe5VzeHRBOTgVbADJrtVtCPI2yNhcvqg1-O99n4EbEPgP7-UuPM6kT8-q8Rgh709bBTMIPeHGWIcOrMR8B_S9R4Te-qmCIE-OO5dMdmitP8GF56KZ0q1u3gv3qFL2nRboSoljg8uwXXOS0UCJEtPzzqApU63zhRRJaNGsydqluF0LF37k_5s-nejt-XDfP9PMgfpArC6qjotCifiFLGJa-KcfnUYBv8yAQoY7n5b_BQWFrg0gC1oxwuJ03jhcwkxebfkGNQCzOGobRTfsNSDsWEKrQGMRgA1UPwOmAyX_5PRQKx34rRX7cCl9KFbdCdMw4RcLmJcdxPPmiE11G4hoD3ekyROO8O6oQ_HFgxo4p1kr3kzkw3O1z0tdxBOLj0Qa8gUA9lALcgqp6HdZWjNcq2mGBsYuWSpl245fE4APOTXqhOThdnh-RPZnk3cWvqBHKzJGv0lJL668-pO25HVEJ7SLfQFbRCFiIkR5KNXIMkwrEoT0pNfa2jSU9D3UlvpNZQN0Ro0e50GNMjSsK1i2s2KUvIPiaCdlhRqlZ2b3BwuYzQBNBTm2on9nn4SRA1a_DMkyO
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 22 Mar 2022 04:06:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/
42 B
498 B
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ivona.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
prebid.1.2.aspx
inv-nets.admixer.net/
42 B
498 B
XHR
General
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://ivona.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ivona.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
444 B
266 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=1876284847&sfv=1-0-38&ecs=20220322&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987468&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=2330&adys=714&oid=2&ucis=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
a146b134bba34a5ae7be0d95e28a480d41fe75df3d9f4c30d64ef8ce01ecc270
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.bigmir.net%2C300x600_ww&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=1667366112&sfv=1-0-38&ecs=20220322&fsapi=false&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987475&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=3830&adys=714&oid=2&ucis=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
011b3ae80023242fbd15b0f8b01e2c5a429892a2392e56769bbb935ee0e2e748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10079
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_banner_300x600_WW&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=72111099&sfv=1-0-38&ecs=20220322&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987478&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=5330&adys=714&oid=2&ucis=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
36a97fa351a1aa35ceb940c07bd4d1beac0c9c65c493784cc7bee6ab7090a301
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9707
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
428 B
255 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_300x600_WW_%2C300x600&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=2727019067&sfv=1-0-38&ecs=20220322&fsapi=false&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987482&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=6830&adys=714&oid=2&ucis=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
05a1d421a4edf1e1ae9bd3381c39262160a0601cf2b325acb6a737aa09ee8b2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
226
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
9 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.ua_300x600_WW&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x600%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x360%7C250x250%7C240x400%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x446%7C200x200%7C180x150%7C168x42%7C168x28%7C160x600%7C125x125%7C120x600%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=3157671782&sfv=1-0-38&ecs=20220322&fsapi=false&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987485&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=8330&adys=714&oid=2&ucis=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1500x-1&msz=1500x-1&fws=4&ohw=300&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=0&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8caef9f4576121cda798090e8813bfa0e75b1e7aec2246f3ea9dfbcac547e7eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9655
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
439 B
271 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=1621425813&sfv=1-0-38&ecs=20220322&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987487&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=1050&adys=1208&oid=2&ucis=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
d6a283ffecebdc045a35405495cbc07f8411c97339d4f916cc2b4959b132313e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
242
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
18 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_umh_ivona.ua_S_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=8&adks=2329263510&sfv=1-0-38&ecs=20220322&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987491&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=2250&adys=1208&oid=2&ucis=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=2&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
1bd196d565563f0794da7029dbcb33017505af825740628890b240bf2068e41a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10057
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
21 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Civona.ua_S_ww_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=9&adks=2128242484&sfv=1-0-38&ecs=20220322&fsapi=false&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987494&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=3450&adys=1208&oid=2&ucis=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=3&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
41d8b507e1f0f50da02267c292c88847b976530c43abf8c7b6ac099f68dad381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10178
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/
17 KB
10 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=773249475289896&correlator=3908641114439664&eid=31065723&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Civona.bigmir.net_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=10&adks=189180291&sfv=1-0-38&ecs=20220322&fsapi=false&sc=1&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&abxe=1&dt=1647921987497&lmt=1647921987&dlt=1647921984854&idt=2534&biw=1600&bih=1200&adxs=4650&adys=1208&oid=2&ucis=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fivona.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=175811496.1647921986&ga_sid=1647921986&ga_hid=1165159230&ga_fc=true&btvi=4&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
75f5b9882e6aba60eda5382bba68a064001a689c074711510871c8d8ea26a2a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9766
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ivona.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5D95
6 KB
4 KB
Document
General
Full URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Tue, 22 Mar 2022 04:06:27 GMT
expires
Wed, 22 Mar 2023 04:06:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=89CCBDFD-1266-46C2-A1DE-466D0D5C1F57&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=931aceb8-4184-4a10-b5cc-e42702adf4ff&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862889834&ap=OA%3D%3D&asign=-1701777254&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&crid=08C00FAB-E6A6-4787-A1BA-A1848F9630CB&size=728x90&profile=C87AA202-A622-463B-98B8-FBABB05C7EEA&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=C15953FE-60CC-47F4-A7B2-8735F0B6C691&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=b84a8e95-4804-4f5a-8a10-736e12eac7d6&hp=-370074540&page=ivona.ua%2F&segments=5%2C2%2C495&ts=637835187862245994&ap=OA%3D%3D&asign=-2090210478&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=c573095d-86cc-4659-9aef-8bddbdf0dbed&ip=82.199.130.39&item=6F40F793-2197-419B-99FF-3A23ACB393CA&crid=6F40F793-2197-419B-99FF-3A23ACB393CA&size=300x600&profile=B774ED5B-868F-4830-AF4F-06A3722C07AE&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=89ccbdfd-1266-46c2-a1de-466d0d5c1f57
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=e7702231-2e98-4fd2-8c48-2b474cab0363
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=d9675bdf-cf85-4051-92db-9ca047f83379
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
logcz.aspx
inv-nets.admixer.net/
0
220 B
Image
General
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=c15953fe-60cc-47f4-a7b2-8735f0b6c691
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 22 Mar 2022 04:06:27 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 08FF
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=891740072528335&rc=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame C2B8
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191794
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
/
c.idealmedia.io/pv/
0
306 B
Script
General
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1647921987540809419974&uniqId=10880&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=62394b44-0e047&pageView=1&pvid=17fafcdffd5b1dafe2e&site=466737&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6efc0e06fd609a17-FRA
c1opvitr4rrd
hal9000.redintelligence.net/zone/ Frame 099C
10 KB
3 KB
Script
General
Full URL
https://hal9000.redintelligence.net/zone/c1opvitr4rrd?subid=&gdpr=1&gdpr_consent=li&rnd=3962059649465271817&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYjlLQgAOkk4Kd55EUgVliQ%26exch_seat%3D20035004448%26mt_aid%3D3962059649465271817%26mt_id%3D10406294%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_cid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%2526client%253Dca-pub-3755662197386269%2526adurl%253D%26redirect%3D
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
febb6c6919b74dfa0193deb85ac6be5838b29655dbc591e600fa07b3bd7dc0b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3342
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame 099C
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=3962059649465271817&node_id=2634&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdObU9URmpObUV0Tm1GbFl5MWpaRGsxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NjIwNTk2NDk0NjUyNzE4MTcvMTA0MDYyOTQvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM4eHBlZk9iRl9DXzRTYngzcEhiYUZZLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk2MjA1OTY0OTQ2NTI3MTgxNy96cmgvMC83ODYwLzEwLzk5OS8yNTgvMmEwMTo0YTA6MmM6Oi8wLjAwMC8xNjQ3OTIxOTg2LzE2NDc5MzQ1ODYvNC9wdWItMzc1NTY2MjE5NzM4NjI2OS8/DQ048fwzCGCkEW8z6H1Xy1ZItA0&nodeid=2634&group=zrh&auctionid=3962059649465271817&shardkey=3962059649465271817&sid=11142481&cid=10406294&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
MMBD/3.305.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x74, zrh-bidder-x148
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 22 Mar 2022 04:06:26 GMT
img
pixel.mathtag.com/event/ Frame 099C
43 B
404 B
Image
General
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=3962059649465271817&v3=1129274&v4=11142481&v5=10406294&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdObU9URmpObUV0Tm1GbFl5MWpaRGsxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NjIwNTk2NDk0NjUyNzE4MTcvMTA0MDYyOTQvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM4eHBlZk9iRl9DXzRTYngzcEhiYUZZLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk2MjA1OTY0OTQ2NTI3MTgxNy96cmgvMC83ODYwLzEwLzk5OS8yNTgvMmEwMTo0YTA6MmM6Oi8wLjAwMC8xNjQ3OTIxOTg2LzE2NDc5MzQ1ODYvNC9wdWItMzc1NTY2MjE5NzM4NjI2OS8/DQ048fwzCGCkEW8z6H1Xy1ZItA0&nodeid=2634&group=zrh&auctionid=3962059649465271817&shardkey=3962059649465271817&sid=11142481&cid=10406294&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-201.deploy.static.akamaitechnologies.com
Software
MT3 4281 354de82 master zrh-pixel-x1 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
MT3 4281 354de82 master zrh-pixel-x1 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 04:06:26 GMT
img
tags.mathtag.com/event/ Frame 099C
49 B
330 B
Image
General
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=3962059649465271817&st=11142481&time=1647921987&nodeid=2634
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWkdObU9URmpObUV0Tm1GbFl5MWpaRGsxTFRBd01EQXRNREF3TURBd01EQXdNREF3LzM5NjIwNTk2NDk0NjUyNzE4MTcvMTA0MDYyOTQvMTExNDI0ODEvNC9jSGRFdmg2M3BIVnJqNXRsQzhUanM4eHBlZk9iRl9DXzRTYngzcEhiYUZZLzEvNC8wLzAvMTg1MzkyMS8wLzIxNTU0My8xMTI5Mjc0LzEvMC8wL01EQXdNREF3TURBdE1EQXdNQzB3TURBd0xUQXdNREF0TURBd01EQXdNREF3TURBdy8wLzAvMC8wLzAvMzk2MjA1OTY0OTQ2NTI3MTgxNy96cmgvMC83ODYwLzEwLzk5OS8yNTgvMmEwMTo0YTA6MmM6Oi8wLjAwMC8xNjQ3OTIxOTg2LzE2NDc5MzQ1ODYvNC9wdWItMzc1NTY2MjE5NzM4NjI2OS8/DQ048fwzCGCkEW8z6H1Xy1ZItA0&nodeid=2634&group=zrh&auctionid=3962059649465271817&shardkey=3962059649465271817&sid=11142481&cid=10406294&bp=a_bjiibd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.135.169&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%26client%3Dca-pub-3755662197386269%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.132.246 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.305.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
MMBD/3.305.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
zrh-router-x33, zrh-bidder-x148
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 22 Mar 2022 04:06:26 GMT
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/
1 KB
905 B
Image
General
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
age
2684
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
cf-ray
6efc0e071d789a17-FRA
x-amz-request-id
RAYZ0R1ZC4YX1A09
x-amz-id-2
YfS+jVNZKA0qH7ngpfKKVWgK5q21dXde0xDFrqyYeOE5g0OxIDUGVhE0dMPfqpv3y6hxvGzlGBs=
expires
Tue, 22 Mar 2022 08:06:27 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v16/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,400i,700,700i&display=swap&subset=cyrillic
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 16 Mar 2022 19:33:58 GMT
x-content-type-options
nosniff
age
462749
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47048
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:57:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 16 Mar 2023 19:33:58 GMT
1
servicer.idealmedia.io/1211636/
3 KB
2 KB
Script
General
Full URL
https://servicer.idealmedia.io/1211636/1?pv=5&cbuster=164792198763690158025&uniqId=10880&niet=4g&nisd=false&jsv=es6&w=300&h=202&wrongImageSize=1&cols=1&ref=&cxurl=https%3A%2F%2Fivona.ua%2F&lu=https%3A%2F%2Fivona.ua%2F&sessionId=62394b44-0e047&pageView=1&pvid=17fafcdffd5b1dafe2e&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f24df5d33ea47df9d057f818b666c0f44fd601108723168b9495fb8512f4a57a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/x-javascript; charset=utf-8
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
6efc0e072d899a17-FRA
cm.html
pa.tns-ua.com/viewability/ Frame F2A0
3 KB
1 KB
Document
General
Full URL
https://pa.tns-ua.com/viewability/cm.html
Requested by
Host: pa.tns-ua.com
URL: https://pa.tns-ua.com/viewability/cds.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

server
nginx/1.13.0
date
Tue, 22 Mar 2022 04:06:27 GMT
content-type
text/html; charset=utf-8
last-modified
Mon, 25 Jun 2018 15:00:23 GMT
etag
W/"5b310387-b5f"
content-encoding
gzip
generate_204
tpc.googlesyndication.com/ Frame C2B8
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OFZizg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
request.php
hal90008.redintelligence.net/ Frame 099C
610 B
769 B
Script
General
Full URL
https://hal90008.redintelligence.net/request.php?zone=c1opvitr4rrd&nw=20&renderingType=javascript&namespace=025a789845&subid=&uid=f51a1b59fa4628d7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYjlLQgAOkk4Kd55EUgVliQ%26exch_seat%3D20035004448%26mt_aid%3D3962059649465271817%26mt_id%3D10406294%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_cid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%2526client%253Dca-pub-3755662197386269%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D90%26slotname%3D1162504554%26adk%3D739537396%26adf%3D2751417948%26pi%3Dt.ma~as.1162504554%26w%3D728%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fivona.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1647921986607%26bpp%3D6%26bdt%3D128%26idt%3D160%26shv%3Dr20220317%26mjsv%3Dm202203160101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D16cf585529a6bea7-2259d42862cd0050%253AT%253D1647921986%253ART%253D1647921986%253AS%253DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA%26correlator%3D7054818411227%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D175811496.1647921986%26ga_sid%3D1647921987%26ga_hid%3D2137851971%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D5%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D4020834182%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44752536%26oid%3D2%26pvsid%3D891740072528335%26pem%3D468%26tmod%3D1953675164%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.8mk5k5e9xiwq%26fsb%3D1%26dtd%3D168&ancestorOrigins=null&random=6414425415380&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/c1opvitr4rrd?subid=&gdpr=1&gdpr_consent=li&rnd=3962059649465271817&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYjlLQgAOkk4Kd55EUgVliQ%26exch_seat%3D20035004448%26mt_aid%3D3962059649465271817%26mt_id%3D10406294%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_cid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%2526client%253Dca-pub-3755662197386269%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
78cbaa220a3f11c867474ddadf63a4393b21d74ad464f7f79ad1d124664166ec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:27 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
60439800014014004380380011906008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
326
Expires
Tue, 22 Mar 2022 04:06:27 +0100
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/
36 B
130 B
XHR
General
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/
36 B
130 B
XHR
General
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=9006AC80F20142D0A7689A37858C3FB8&time=1647921987095&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=711762606&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=0&param3=1200&param5=3&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
pic.gif
pa.tns-ua.com/bug/
56 B
229 B
Image
General
Full URL
https://pa.tns-ua.com/bug/pic.gif?uid=9006AC80F20142D0A7689A37858C3FB8&time=1647921987781
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
cache-control
no-cache
server
nginx/1.13.0
expires
Thu, 01 Jan 1970 00:00:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTUyMDAxL2NmN2M1OGU3NWY0OWU5ZTYxNjYxNDg1ZTYzYjE2MWRiLnBuZw.webp
s-img.idealmedia.io/n/10063931/492x328/0x0x541x360/
17 KB
17 KB
Image
General
Full URL
https://s-img.idealmedia.io/n/10063931/492x328/0x0x541x360/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTUyMDAxL2NmN2M1OGU3NWY0OWU5ZTYxNjYxNDg1ZTYzYjE2MWRiLnBuZw.webp?v=1647921987-W0ypKFcEGqsyyA1AKzITQo9J1TE8OFLo3cVzqZKCuLk
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f84b4437d0e326f099259177645ade546748ffc9d1401f786a1a196d8bfdfe0

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
cf-cache-status
HIT
last-modified
Fri, 18 Mar 2022 15:40:30 GMT
x-mg-request-uuid
ed55c368-a128-45de-a7a9-720c705e8e58
age
42051
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6efc0e08ba9e9130-FRA
content-length
17326
server
cloudflare
expires
Tue, 22 Mar 2022 16:25:36 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTk3Ny9hOTcyYmI3ZmNkMDQwMDViYjM3ZGI5MWE0YmE0ODg2My5qcGVn.webp
s-img.idealmedia.io/n/10064078/492x328/187x0x1118x745/
9 KB
10 KB
Image
General
Full URL
https://s-img.idealmedia.io/n/10064078/492x328/187x0x1118x745/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzQyNTk3Ny9hOTcyYmI3ZmNkMDQwMDViYjM3ZGI5MWE0YmE0ODg2My5qcGVn.webp?v=1647921987-iUawNnEHpmAajgr65DYaykGcgTVjf2p40xmw4R8iwmE
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72f3e79de2c309bf00c759747335460c1e0c7100fc1ff8446a475b4584a7efcb

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
cf-cache-status
HIT
last-modified
Sat, 19 Mar 2022 15:05:23 GMT
x-mg-request-uuid
02885977-f1b1-48c8-be3e-552f7ce96b30
age
85658
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6efc0e08ba9f9130-FRA
content-length
9398
server
cloudflare
expires
Tue, 22 Mar 2022 04:18:49 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTUyMDAxLzQwMGEyMDc0NGU2N2UzMmM4Mzk5ZTZlZWQyMWZhNTE4LmpwZWc.webp
s-img.idealmedia.io/n/10064285/492x328/0x11x640x426/
18 KB
18 KB
Image
General
Full URL
https://s-img.idealmedia.io/n/10064285/492x328/0x11x640x426/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDMvNTUyMDAxLzQwMGEyMDc0NGU2N2UzMmM4Mzk5ZTZlZWQyMWZhNTE4LmpwZWc.webp?v=1647921987-DksW8c4QGu_w3VX1oDGFLlodmBLtQYj--PZ-IbctYrk
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
659caa9f3d3c4d5386d561a68317c8343949b2300c74c432fd0f4e65a3335116

Request headers

Referer
https://ivona.ua/
Origin
https://ivona.ua
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
cf-cache-status
HIT
last-modified
Sat, 19 Mar 2022 15:09:01 GMT
x-mg-request-uuid
1ad36413-6c39-4285-ab80-b996bb9c7da4
age
30472
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
6efc0e08baa09130-FRA
content-length
17936
server
cloudflare
expires
Tue, 22 Mar 2022 19:38:35 GMT
i.js
cm.idealmedia.io/
0
158 B
Script
General
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1647921987815919398447
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 22 Mar 2022 04:06:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6efc0e082e5a9a17-FRA
i-noref.js
cm.idealmedia.io/ Frame AA69
0
78 B
Script
General
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1647921987833596528816
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/i/v/ivona.bigmir.net.1211636.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 22 Mar 2022 04:06:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
6efc0e082e5c9a17-FRA
counter.php
autocounter.idealmedia.io/autocreative/
0
73 B
Image
General
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=466737&pid=49813&referer=&cxurl=https://ivona.ua/&undefinedh2=vlJ0RdnMYFlD0pCQy6adPu73hKDooSLVV-ufeLqBWUw*&cbuster=1647921987862432207479
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
6efc0e086e8c9a17-FRA
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60B5
6 KB
3 KB
Document
General
Full URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 04:06:27 GMT
expires
Wed, 22 Mar 2023 04:06:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=UFBBazlydzgvVWlMNEhiQU1BbzlUUnhrYzdYbFRQQ0Y4MUQyU3BsVStONk1HdmZmSnlVYTZQOXFGL2hCcTU2T28rcjI4T0YzUTQ1eFNHNnVhS1JaK2MxVVJlZGQ2L2xSYmwxTDlZSnlGbHY5WFRhVXRSMWJKdi8wU3dhZGtiekNJUmJWZnRIV3VrTmMrd3J2ZUJXRFRaem1JejBWSjhOcDR2b21PUnU2b2NMZWExTG41NUhKRExYN1NWalFrUDYrZW5LWTBQelZPSk9sdXVOdTVNdVJTSndydjhFQTE2Ny9FWCt3NDJiWDhTb2JYR2ZNRFd3T3A4SnM1NjJGY01xc2s5T25PVXQzLzIvQXVpSmtvUE1IU2c9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ABE6
0
0

tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=cGtvZEh6WXVaOEtzeDh2TmRVK0g2SnJvQ2pRTTdSbmNVZmQxTk9SZ2VCTDgySkVJQUdaSUZtOWRIMy9qODhnVlh6aWxDQ0pzbEcyWUdCaTZLeHlFVEs2d01iR3hYd2NncHBRYjJQeW9MeVcvNnFPRVJmdi84NEhqajFldjZlQ3BhNzhzajc2VWZtcEQ5eGFwU1p5UkJlcDdSdi9tTzBXaDAyT1IrdEwrMXJiRG1LcE00bFRxWEJBWUlsWFgxSEhYMGNUbkZFcXVFdjFrRThicVZBaVlBQ01GWW1SL2JORk5QM0ZwYzVNWjFnMDFQanh1TFlyZEZleWhTVjZFb0xqNFMyYTVCOTZpSk9xc2Fjd28xN1lZZEE9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 09D2
624 B
297 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNVp15_jou08-SusmwFGRvQNIUKzErEyiaoymeJNrVZIf9PXUBMv1NVeusjnzYh1E6rSOul_TxUbFX9ptxwz9StBPC4NZDio25iFnAAmIrrRcdBs31oLMidqfJWCh179Zw92ui0nzd4a9b2zA6B0Dp0hp5anw8ZM85OLWTFakp8JqzyO45kChklIMLPP9EaY12UJHhLd
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Mar 2022 04:06:28 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 60B5
77 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfCi-wP37dgeoEtfUJKZ7XzGv5j41cSEnh67eBz5fxIdzhF_9W0-KEYjPmIW4TyGHUDYrM47uQa6YQmx7A-Fh60d0Q1O9ltW-fNXd5DsCpcnxeeXDPnHXJi29dkAH5SKQFvnqgCboTOj7Jh3_b0GOB4SIHV6xvrheReaMIceHgEfCleBp65FzWCq7pm7r9l8cvYpZz&cry=1&dbm_d=AKAmf-Bkh5uQm6-B3ChOCjfaqwP-dQ_9vicK7GqaWl_P1o61PTCekiuHqSfQSLdWLX4XK_9amJ4BPoZ2Toi80BrG9VPbpMs3hCJnKAi81SvwuSqbZYxjnF45Fw6dSqYX07Y7cYpuiJo-xmJaSX_wbxazMmD_nbIP71gLqAK_E-ozSP0MwX_o1s7V33h44sdMSQ3nZyVZ4UmdqjVsKYWs36LyodZcoL5hfeT4gxbTe0Ds2yWUQwKQJpUBDGxGBBlFhoxz-adHhxkmb_kcI_rZlw_loZYMnK37zMkjpw--1ehTN89S1WdAzTlgYoXf6lpamh2ym3lKRvpxdboOOHbX4gz74Z2DIOD2UPpy3xlaM8VnWpg0gcKY8Ufph-Km2iO8hsKnMlZYzWj_F1mHaVf9_yuEF7LdBRJoCwqG_rvLPegot5z9oaingqXiGaponkgWj8j168Stvl3J3YY76w_FqHy11L0qtGCqIMBeOFDspLdQSOjImw8TGSk39sbDeoeJxQ3PKfeQ5xm54aBvparE16-bXPmHRH2lMODoZrUzpE61vrTwLoOND_XPcxlam4-GoSRlRbOWf5TYFlv1z6ruuztxpL9oC6vJvaIB4wtDyvaxD0LgulHW1OOcA4njZMFM_7I2O2dyTZ2TTCg0t3M0woKHxoBzWrBs5-3wiZb0qzpY2HUlUYQb2onDgI3GRfhLZ0UiONbo5XK5DroEmR74wPKKt7DVq9mJQCvp0tG-ScXq6QXXvzTdLvtOqnSQkUoFoXXxpVoDViX9wIN6LKGNIH0xpR5Q8tInbHXi0ThAyNSfJkXYruDJ_6eFAdIJU7WBs2_o5qOxP6tB7_u0MWHF2aYiV9irQ-fzKrWewUY1-mc3Ns2tUEeFYVPQAHYq3WkSPf9Zx2TKaEr24oQmQms64faBbabInvGWJRodEh1pRpwznJeQ7XCKMqLCCWudAVIDwwnn0-7vtW6G33bGMyF_sFkO1Csmz1rLm7C605EGo19HB-zIDjhfPVJCUDEX2NZqRyRsPGhsJ9M5VEvPsJ7izZ3wfUXJ7ZNidaNkQ4OPTVXzDoPjSOYxYE6ycu77r9Ojs6b7h2hK0CehKnQ8JP3mUIIQdOEgSwERU4J26SJsPmFcOpDEjbYFTEKjHoxGYaQVcE9lPncLZkGKge5wqOngZPyU_7GUyd84_Yicsp0SMf5eYZMINr60R2dngebe-fvmv7RgH8RT_v9VIpXzctmDcmRONPg9UWcMqAYXpd3l5bxzNBPwWXIyF_Xq_B4In3y2F6w6dzi6aNltZjSMmgAdO13FaFrZtkkw2vkOLtNE8JDIp_aBe0mmtNfREP691Whu0yiLBzp01izoYPPkv8spKoL9wSih2HDAj17_pL7XSiKuIwg1w6STGGKGMyjEZtYXcJ3_K3bbYfiQV0o263FAWjjlRbJh1e1Qgsv4Gy9AL-4dhSSKMJQ9k3J6HJTXqm249wDYfddgd3AffosL8qCZ8U4SbPb10uew26bOhyP8AWTVxtYPS8eeZ1u341PfZpDRiNUyvk2x9-vD1WImEVk5PNvXtu3HEXXvW92Xo556lCScnz1gXschv9nPAvDsbxCTtXw1nqQdtacxfnoY7UOpnkFLXIs9KNr7rAei3ki04bzkb2fK5cqOMV3ysUDxhcFP53H7fikfHvc7aWa505bVEiOTXcYWu12b0t-1Hb7FLDV1vhqTOV2Ij0hRTOd_Hu_w3IguzixDL3AZwg_zPFaa_Z2RtrZdiplTcuUU9pT63L-tK9E5ffPP_ApoyAFcZYAQb8cxG9HiNvpDvxtrpBOVOERZtDFv-_cwY3eypVTP0rb_h1I70GnuwKpNgx7e0unY8LbBP4VyjDpJobYVG5giKUKB5_oHrvrptKVla3RvuFBmeGmMVvAxQyKZHkMAjua9pZT9v1vD1rDfvcF6fclkHwthh276Bol9-WcTyBH_Jf8mPWjPfPa94k6usT5aKOi6epU1hI1EZSpPor3E1JZf0mfmDqQrf_3O83QrLRx1jf5C85cW3wg_i66IR_qrcNNFVhpTZhWPaWerytwNf1r_mzGMAjw1d01FIQbWdYRTWDenW0F4jl7hSsY0MoPDuwNIIfYSKX97ljilTPlTjlxySCKqsHNajjeNYKBeKcb55BvIgdO9Am4vIgXL3ndGTxmgDHHh62_y6GOj0_DOrhLVO__ynR-jqRAeuhBLiTlhe5ODgZGUer1SQVVbdcCSkqQIuY4gNEMKEYPEIh1jFdv1u4p_t-W3VlngU8eKEzZAg6wqRzolwTPER2LUsUtGtiYCsrxa1_T_Fm30_uNTO07edvmM3eOQLteDzwNuqQe95-DDrZfWX4hYLilOx0539bMXtYXw_iEr7RoqlAHZE6F33iV-cVPFGQCxV8gF33H6mDFlnzEYh-yaMkSrllTdqpsN7VIb2StPUvf7wsfl6mEXC0qmrCznmymMR7D4yRnZZwcIRJ-LhKoW9fYwZMJ2WZPmNUpLNlkmKfaf5S4cioJqKpWNZhS89G-H-KnKBuOl40PipjlrOYnf8xzyZ27KNR7K-qX3-NoQNfZeCyHOMLuUsrl4v9KlUz0yZ80OKWpIVh_QqwLXphk4FdXkiScuecC5jtqDrQh87FLftRKiiQCsaQiMal1Y3-x57IMe37-eD-yJQRJMy4ZvgH-LS4nq1aVuXAiXrUG9C_wVyqSvRUmFBdAA3mleS4pPZhMi717K2qnYxxziHJrnq9HtU4mYhp9w0n-MzkGPzNTvown4WGGQ_P5wMtdXHnlelwm6o4g13lB1M6mm5QbwM0uyU_sZZG2cQMHTwbgaFlC5N5ClkR_6BjOMo7k0hxJBJKOvK6WfwM5ROn0udT5RlZ_dwdezlCYALE9G-K6FaL9ow3xBShReIcC_2EXe4GkKULqMHTfPnnxn084H184amET5FA-ozYw1r3zDjrRb83sCC9-xZNQJVShk27tFNbvsj3BeLiuopIkKmluAvfJOx1PlVapNTXMuKe6BtGteJ1GJtHejpqcpgAoFvZmboRHo3WaWK65Th7I_bEE-vYyFdkoROqEt6-UyzA5x6cCU2cN1u6EDw0RAtZi63wFfDaYu2H6J0jmg6DjTuTs8daptCKA4h6sDg-DIqasHFWSJyemMmOX6CWcU7TnhFCDsp1ulaELctK0-KJKyIviHUSsNBLlYejGxUva-bivqS9O3gIDWhfRWQIHvHcj0Bl7XWwT129MemAOu4hpR3GQY-Oe9STJZbf6d9I7G8v0SZA517-r7v6HWsD7GZQptayjCsAxiFN_Qx0K6VykJCa9wrIoWJQboDQrM77ncyLkbXFSdpOWfajl2aPkH9OAyy324UZUQTeW1NQaZK9a022veg4uzTUZVFhI4mqVNXag0_ep9JrXRKqoRlOJxJvDIyFFLT7RY4SGxjanS43M7Aj3MXI0vkjn-RmcXLHy1xjBZjS7Y9rJBPpXlKhPn9CiL3EkEUBx1Bad1zJA02Eh-y-Ul1wlZUuwrOXnwVe9pLPaLUg0YnTAERwjEgud2r0MV0S-kZonQkA&cid=CAASJORoW6E86dghjacaMGFLX7q7s9pZ-x1kEqYV8qKF72e0BIVKoA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f8880b7cc78fbe5f56ef008bb1961905036f577293c77a34b07e507c005f403d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33116
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 60B5
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BaTJvflN75ndmnULSAfRyN6fLMjEJYvcYX4R0vEgdSbs_0VX78RowQe6o6lwfgyXG07CSr3ulaIX1nwG2L6xBtBwizUdQzpftYnvQfjI2o_-IpZs8
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 60B5
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:14:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 60B5
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 60B5
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:31:03 GMT
l
www.google.com/ads/measurement/ Frame 60B5
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQAp5y0JrNHdwA_sJIwnPt6jryhIRrjwOh3WDDQnVhT_zD4_DevGDsHjxidci55B7aQdgaXxAzL46rcN5rV_TbEzRGnvA
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

request_content.php
hal90008.redintelligence.net/ Frame 0414
7 KB
3 KB
Document
General
Full URL
https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=c1opvitr4rrd&nw=20&renderingType=javascript&namespace=025a789845&subid=&uid=f51a1b59fa4628d7&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYjlLQgAOkk4Kd55EUgVliQ%26exch_seat%3D20035004448%26mt_aid%3D3962059649465271817%26mt_id%3D10406294%26mt_adid%3D215543%26mt_sid%3D11142481%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_cid%3D3e646239-4b43-4501-95e1-b861985f0487%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCVpv7Qks5YuqmMpuV3gOSzrjgCM-HjptcwIbZgsYCwI23ARABIABglQKCARdjYS1wdWItMzc1NTY2MjE5NzM4NjI2OcgBCagDAaoE1QFP0HCnsHhPqdHcRd7-2zjRXDm7_wjDZiZmVwaPWxeSOzlZM7VfXjG_CcjJqLDB0_JyQMPoWVjMjND2pf4gMEaRVgK2FY-hs3wswLo-SVkNMiPawhldCSva4F9avb-rTBsuKYghiUlrmj5gQPm2xJPwvF39bkSVG03qwTTudFb5wl1V8vzJKZ3tObObQ_hjTeBh3krumXUawY_yMcuWmjhSY9OT_Tu5eV4oX5fLbaTN75rALFVjvzFadw_svZ0Ms-abhJ164oIj8D7LaqYbCUQ6yzzASOaABp-jv7-I5MiHkAGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_0y0ilabHJzuV7lHr-MXAIdXkNeVQ%2526client%253Dca-pub-3755662197386269%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D90%26slotname%3D1162504554%26adk%3D739537396%26adf%3D2751417948%26pi%3Dt.ma~as.1162504554%26w%3D728%26psa%3D0%26format%3D728x90%26url%3Dhttps%253A%252F%252Fivona.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1647921986607%26bpp%3D6%26bdt%3D128%26idt%3D160%26shv%3Dr20220317%26mjsv%3Dm202203160101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D16cf585529a6bea7-2259d42862cd0050%253AT%253D1647921986%253ART%253D1647921986%253AS%253DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA%26correlator%3D7054818411227%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D175811496.1647921986%26ga_sid%3D1647921987%26ga_hid%3D2137851971%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D5%26biw%3D1600%26bih%3D1200%26isw%3D728%26ish%3D90%26ifk%3D4020834182%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759837%252C44752536%26oid%3D2%26pvsid%3D891740072528335%26pem%3D468%26tmod%3D1953675164%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C728%252C90%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.8mk5k5e9xiwq%26fsb%3D1%26dtd%3D168&ancestorOrigins=null&random=6414425415380&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f680b3e02ad880ed3077dda37fe4b5009db17a91a95404a742c67a2c5de7bbd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Tue, 22 Mar 2022 04:06:28 +0100
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2294
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1DED
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 13:26:12 GMT
expires
Tue, 22 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
52816
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 66C7
6 KB
3 KB
Document
General
Full URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 04:06:27 GMT
expires
Wed, 22 Mar 2023 04:06:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=ZlFqRzc0T1lKdCtQTjd4Z2p6WXZxekNud3J4V0t2dnpjOWdWVFI5UlJrem16Z3pYYmJxeEllRVRNLzRjd205T1N4RHo5KzRHQmVPTkRhK01MR3hadkJmQnh1VzRDSlVkK2VoalVQV09jQ3VIZytOUjVrOUtxZ0V5SEwzdDNybTRTT0MrV08zQ2tRbjJrcHFyN2pkSHkxZTlGQTRKRmk3ckxEdmNocUhZem1GOTd4eWlmMkRLMVBVZmh2Y0R1QU9vbEpVZ1RSNUtJeFF3OHppdmV4bDBJd045b2h3anNzWW1YN1J6N1BLZ0M0b2ZvU00wT0w3SXcxalZ1U0VNR2FMTg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
truncated
/ Frame 099C
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30092b46eb1f26a95ff624f4f2a6e33b8765c8e9c2d3b43112d1c1aa6316b470

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 09D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1&C=1
43 B
1013 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNVp15_jou08-SusmwFGRvQNIUKzErEyiaoymeJNrVZIf9PXUBMv1NVeusjnzYh1E6rSOul_TxUbFX9ptxwz9StBPC4NZDio25iFnAAmIrrRcdBs31oLMidqfJWCh179Zw92ui0nzd4a9b2zA6B0Dp0hp5anw8ZM85OLWTFakp8JqzyO45kChklIMLPP9EaY12UJHhLd
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 04:06:28 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Tue, 22 Mar 2022 04:06:28 GMT
rum
dsum-sec.casalemedia.com/ Frame 09D2
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjlLRKp8whwlHmFQz0T4ugAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1
43 B
893 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNVp15_jou08-SusmwFGRvQNIUKzErEyiaoymeJNrVZIf9PXUBMv1NVeusjnzYh1E6rSOul_TxUbFX9ptxwz9StBPC4NZDio25iFnAAmIrrRcdBs31oLMidqfJWCh179Zw92ui0nzd4a9b2zA6B0Dp0hp5anw8ZM85OLWTFakp8JqzyO45kChklIMLPP9EaY12UJHhLd
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Tue, 22 Mar 2022 04:06:28 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJ_oMS3z9u-PYk-xSzCEVJY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 09D2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDebqmO7-dZ1Jg92B7J0HQA&google_cver=1
43 B
1016 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDebqmO7-dZ1Jg92B7J0HQA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNVp15_jou08-SusmwFGRvQNIUKzErEyiaoymeJNrVZIf9PXUBMv1NVeusjnzYh1E6rSOul_TxUbFX9ptxwz9StBPC4NZDio25iFnAAmIrrRcdBs31oLMidqfJWCh179Zw92ui0nzd4a9b2zA6B0Dp0hp5anw8ZM85OLWTFakp8JqzyO45kChklIMLPP9EaY12UJHhLd
Protocol
HTTP/1.1
Server
37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a0815d69-5bf5-4188-a36f-103f66766da2
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDebqmO7-dZ1Jg92B7J0HQA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 09D2
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MjM4MzIwMDcyMjA4ODk4MQ%3D%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MjM4MzIwMDcyMjA4ODk4MQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNVp15_jou08-SusmwFGRvQNIUKzErEyiaoymeJNrVZIf9PXUBMv1NVeusjnzYh1E6rSOul_TxUbFX9ptxwz9StBPC4NZDio25iFnAAmIrrRcdBs31oLMidqfJWCh179Zw92ui0nzd4a9b2zA6B0Dp0hp5anw8ZM85OLWTFakp8JqzyO45kChklIMLPP9EaY12UJHhLd
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a24fa4f3-e6f7-4af2-8ed5-ef1cf265685d
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU1MjM4MzIwMDcyMjA4ODk4MQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 60B5
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
Origin
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 09:59:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/ Frame 60B5
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfCi-wP37dgeoEtfUJKZ7XzGv5j41cSEnh67eBz5fxIdzhF_9W0-KEYjPmIW4TyGHUDYrM47uQa6YQmx7A-Fh60d0Q1O9ltW-fNXd5DsCpcnxeeXDPnHXJi29dkAH5SKQFvnqgCboTOj7Jh3_b0GOB4SIHV6xvrheReaMIceHgEfCleBp65FzWCq7pm7r9l8cvYpZz&cry=1&dbm_d=AKAmf-Bkh5uQm6-B3ChOCjfaqwP-dQ_9vicK7GqaWl_P1o61PTCekiuHqSfQSLdWLX4XK_9amJ4BPoZ2Toi80BrG9VPbpMs3hCJnKAi81SvwuSqbZYxjnF45Fw6dSqYX07Y7cYpuiJo-xmJaSX_wbxazMmD_nbIP71gLqAK_E-ozSP0MwX_o1s7V33h44sdMSQ3nZyVZ4UmdqjVsKYWs36LyodZcoL5hfeT4gxbTe0Ds2yWUQwKQJpUBDGxGBBlFhoxz-adHhxkmb_kcI_rZlw_loZYMnK37zMkjpw--1ehTN89S1WdAzTlgYoXf6lpamh2ym3lKRvpxdboOOHbX4gz74Z2DIOD2UPpy3xlaM8VnWpg0gcKY8Ufph-Km2iO8hsKnMlZYzWj_F1mHaVf9_yuEF7LdBRJoCwqG_rvLPegot5z9oaingqXiGaponkgWj8j168Stvl3J3YY76w_FqHy11L0qtGCqIMBeOFDspLdQSOjImw8TGSk39sbDeoeJxQ3PKfeQ5xm54aBvparE16-bXPmHRH2lMODoZrUzpE61vrTwLoOND_XPcxlam4-GoSRlRbOWf5TYFlv1z6ruuztxpL9oC6vJvaIB4wtDyvaxD0LgulHW1OOcA4njZMFM_7I2O2dyTZ2TTCg0t3M0woKHxoBzWrBs5-3wiZb0qzpY2HUlUYQb2onDgI3GRfhLZ0UiONbo5XK5DroEmR74wPKKt7DVq9mJQCvp0tG-ScXq6QXXvzTdLvtOqnSQkUoFoXXxpVoDViX9wIN6LKGNIH0xpR5Q8tInbHXi0ThAyNSfJkXYruDJ_6eFAdIJU7WBs2_o5qOxP6tB7_u0MWHF2aYiV9irQ-fzKrWewUY1-mc3Ns2tUEeFYVPQAHYq3WkSPf9Zx2TKaEr24oQmQms64faBbabInvGWJRodEh1pRpwznJeQ7XCKMqLCCWudAVIDwwnn0-7vtW6G33bGMyF_sFkO1Csmz1rLm7C605EGo19HB-zIDjhfPVJCUDEX2NZqRyRsPGhsJ9M5VEvPsJ7izZ3wfUXJ7ZNidaNkQ4OPTVXzDoPjSOYxYE6ycu77r9Ojs6b7h2hK0CehKnQ8JP3mUIIQdOEgSwERU4J26SJsPmFcOpDEjbYFTEKjHoxGYaQVcE9lPncLZkGKge5wqOngZPyU_7GUyd84_Yicsp0SMf5eYZMINr60R2dngebe-fvmv7RgH8RT_v9VIpXzctmDcmRONPg9UWcMqAYXpd3l5bxzNBPwWXIyF_Xq_B4In3y2F6w6dzi6aNltZjSMmgAdO13FaFrZtkkw2vkOLtNE8JDIp_aBe0mmtNfREP691Whu0yiLBzp01izoYPPkv8spKoL9wSih2HDAj17_pL7XSiKuIwg1w6STGGKGMyjEZtYXcJ3_K3bbYfiQV0o263FAWjjlRbJh1e1Qgsv4Gy9AL-4dhSSKMJQ9k3J6HJTXqm249wDYfddgd3AffosL8qCZ8U4SbPb10uew26bOhyP8AWTVxtYPS8eeZ1u341PfZpDRiNUyvk2x9-vD1WImEVk5PNvXtu3HEXXvW92Xo556lCScnz1gXschv9nPAvDsbxCTtXw1nqQdtacxfnoY7UOpnkFLXIs9KNr7rAei3ki04bzkb2fK5cqOMV3ysUDxhcFP53H7fikfHvc7aWa505bVEiOTXcYWu12b0t-1Hb7FLDV1vhqTOV2Ij0hRTOd_Hu_w3IguzixDL3AZwg_zPFaa_Z2RtrZdiplTcuUU9pT63L-tK9E5ffPP_ApoyAFcZYAQb8cxG9HiNvpDvxtrpBOVOERZtDFv-_cwY3eypVTP0rb_h1I70GnuwKpNgx7e0unY8LbBP4VyjDpJobYVG5giKUKB5_oHrvrptKVla3RvuFBmeGmMVvAxQyKZHkMAjua9pZT9v1vD1rDfvcF6fclkHwthh276Bol9-WcTyBH_Jf8mPWjPfPa94k6usT5aKOi6epU1hI1EZSpPor3E1JZf0mfmDqQrf_3O83QrLRx1jf5C85cW3wg_i66IR_qrcNNFVhpTZhWPaWerytwNf1r_mzGMAjw1d01FIQbWdYRTWDenW0F4jl7hSsY0MoPDuwNIIfYSKX97ljilTPlTjlxySCKqsHNajjeNYKBeKcb55BvIgdO9Am4vIgXL3ndGTxmgDHHh62_y6GOj0_DOrhLVO__ynR-jqRAeuhBLiTlhe5ODgZGUer1SQVVbdcCSkqQIuY4gNEMKEYPEIh1jFdv1u4p_t-W3VlngU8eKEzZAg6wqRzolwTPER2LUsUtGtiYCsrxa1_T_Fm30_uNTO07edvmM3eOQLteDzwNuqQe95-DDrZfWX4hYLilOx0539bMXtYXw_iEr7RoqlAHZE6F33iV-cVPFGQCxV8gF33H6mDFlnzEYh-yaMkSrllTdqpsN7VIb2StPUvf7wsfl6mEXC0qmrCznmymMR7D4yRnZZwcIRJ-LhKoW9fYwZMJ2WZPmNUpLNlkmKfaf5S4cioJqKpWNZhS89G-H-KnKBuOl40PipjlrOYnf8xzyZ27KNR7K-qX3-NoQNfZeCyHOMLuUsrl4v9KlUz0yZ80OKWpIVh_QqwLXphk4FdXkiScuecC5jtqDrQh87FLftRKiiQCsaQiMal1Y3-x57IMe37-eD-yJQRJMy4ZvgH-LS4nq1aVuXAiXrUG9C_wVyqSvRUmFBdAA3mleS4pPZhMi717K2qnYxxziHJrnq9HtU4mYhp9w0n-MzkGPzNTvown4WGGQ_P5wMtdXHnlelwm6o4g13lB1M6mm5QbwM0uyU_sZZG2cQMHTwbgaFlC5N5ClkR_6BjOMo7k0hxJBJKOvK6WfwM5ROn0udT5RlZ_dwdezlCYALE9G-K6FaL9ow3xBShReIcC_2EXe4GkKULqMHTfPnnxn084H184amET5FA-ozYw1r3zDjrRb83sCC9-xZNQJVShk27tFNbvsj3BeLiuopIkKmluAvfJOx1PlVapNTXMuKe6BtGteJ1GJtHejpqcpgAoFvZmboRHo3WaWK65Th7I_bEE-vYyFdkoROqEt6-UyzA5x6cCU2cN1u6EDw0RAtZi63wFfDaYu2H6J0jmg6DjTuTs8daptCKA4h6sDg-DIqasHFWSJyemMmOX6CWcU7TnhFCDsp1ulaELctK0-KJKyIviHUSsNBLlYejGxUva-bivqS9O3gIDWhfRWQIHvHcj0Bl7XWwT129MemAOu4hpR3GQY-Oe9STJZbf6d9I7G8v0SZA517-r7v6HWsD7GZQptayjCsAxiFN_Qx0K6VykJCa9wrIoWJQboDQrM77ncyLkbXFSdpOWfajl2aPkH9OAyy324UZUQTeW1NQaZK9a022veg4uzTUZVFhI4mqVNXag0_ep9JrXRKqoRlOJxJvDIyFFLT7RY4SGxjanS43M7Aj3MXI0vkjn-RmcXLHy1xjBZjS7Y9rJBPpXlKhPn9CiL3EkEUBx1Bad1zJA02Eh-y-Ul1wlZUuwrOXnwVe9pLPaLUg0YnTAERwjEgud2r0MV0S-kZonQkA&cid=CAASJORoW6E86dghjacaMGFLX7q7s9pZ-x1kEqYV8qKF72e0BIVKoA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:53:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 60B5
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CfCi-wP37dgeoEtfUJKZ7XzGv5j41cSEnh67eBz5fxIdzhF_9W0-KEYjPmIW4TyGHUDYrM47uQa6YQmx7A-Fh60d0Q1O9ltW-fNXd5DsCpcnxeeXDPnHXJi29dkAH5SKQFvnqgCboTOj7Jh3_b0GOB4SIHV6xvrheReaMIceHgEfCleBp65FzWCq7pm7r9l8cvYpZz&cry=1&dbm_d=AKAmf-Bkh5uQm6-B3ChOCjfaqwP-dQ_9vicK7GqaWl_P1o61PTCekiuHqSfQSLdWLX4XK_9amJ4BPoZ2Toi80BrG9VPbpMs3hCJnKAi81SvwuSqbZYxjnF45Fw6dSqYX07Y7cYpuiJo-xmJaSX_wbxazMmD_nbIP71gLqAK_E-ozSP0MwX_o1s7V33h44sdMSQ3nZyVZ4UmdqjVsKYWs36LyodZcoL5hfeT4gxbTe0Ds2yWUQwKQJpUBDGxGBBlFhoxz-adHhxkmb_kcI_rZlw_loZYMnK37zMkjpw--1ehTN89S1WdAzTlgYoXf6lpamh2ym3lKRvpxdboOOHbX4gz74Z2DIOD2UPpy3xlaM8VnWpg0gcKY8Ufph-Km2iO8hsKnMlZYzWj_F1mHaVf9_yuEF7LdBRJoCwqG_rvLPegot5z9oaingqXiGaponkgWj8j168Stvl3J3YY76w_FqHy11L0qtGCqIMBeOFDspLdQSOjImw8TGSk39sbDeoeJxQ3PKfeQ5xm54aBvparE16-bXPmHRH2lMODoZrUzpE61vrTwLoOND_XPcxlam4-GoSRlRbOWf5TYFlv1z6ruuztxpL9oC6vJvaIB4wtDyvaxD0LgulHW1OOcA4njZMFM_7I2O2dyTZ2TTCg0t3M0woKHxoBzWrBs5-3wiZb0qzpY2HUlUYQb2onDgI3GRfhLZ0UiONbo5XK5DroEmR74wPKKt7DVq9mJQCvp0tG-ScXq6QXXvzTdLvtOqnSQkUoFoXXxpVoDViX9wIN6LKGNIH0xpR5Q8tInbHXi0ThAyNSfJkXYruDJ_6eFAdIJU7WBs2_o5qOxP6tB7_u0MWHF2aYiV9irQ-fzKrWewUY1-mc3Ns2tUEeFYVPQAHYq3WkSPf9Zx2TKaEr24oQmQms64faBbabInvGWJRodEh1pRpwznJeQ7XCKMqLCCWudAVIDwwnn0-7vtW6G33bGMyF_sFkO1Csmz1rLm7C605EGo19HB-zIDjhfPVJCUDEX2NZqRyRsPGhsJ9M5VEvPsJ7izZ3wfUXJ7ZNidaNkQ4OPTVXzDoPjSOYxYE6ycu77r9Ojs6b7h2hK0CehKnQ8JP3mUIIQdOEgSwERU4J26SJsPmFcOpDEjbYFTEKjHoxGYaQVcE9lPncLZkGKge5wqOngZPyU_7GUyd84_Yicsp0SMf5eYZMINr60R2dngebe-fvmv7RgH8RT_v9VIpXzctmDcmRONPg9UWcMqAYXpd3l5bxzNBPwWXIyF_Xq_B4In3y2F6w6dzi6aNltZjSMmgAdO13FaFrZtkkw2vkOLtNE8JDIp_aBe0mmtNfREP691Whu0yiLBzp01izoYPPkv8spKoL9wSih2HDAj17_pL7XSiKuIwg1w6STGGKGMyjEZtYXcJ3_K3bbYfiQV0o263FAWjjlRbJh1e1Qgsv4Gy9AL-4dhSSKMJQ9k3J6HJTXqm249wDYfddgd3AffosL8qCZ8U4SbPb10uew26bOhyP8AWTVxtYPS8eeZ1u341PfZpDRiNUyvk2x9-vD1WImEVk5PNvXtu3HEXXvW92Xo556lCScnz1gXschv9nPAvDsbxCTtXw1nqQdtacxfnoY7UOpnkFLXIs9KNr7rAei3ki04bzkb2fK5cqOMV3ysUDxhcFP53H7fikfHvc7aWa505bVEiOTXcYWu12b0t-1Hb7FLDV1vhqTOV2Ij0hRTOd_Hu_w3IguzixDL3AZwg_zPFaa_Z2RtrZdiplTcuUU9pT63L-tK9E5ffPP_ApoyAFcZYAQb8cxG9HiNvpDvxtrpBOVOERZtDFv-_cwY3eypVTP0rb_h1I70GnuwKpNgx7e0unY8LbBP4VyjDpJobYVG5giKUKB5_oHrvrptKVla3RvuFBmeGmMVvAxQyKZHkMAjua9pZT9v1vD1rDfvcF6fclkHwthh276Bol9-WcTyBH_Jf8mPWjPfPa94k6usT5aKOi6epU1hI1EZSpPor3E1JZf0mfmDqQrf_3O83QrLRx1jf5C85cW3wg_i66IR_qrcNNFVhpTZhWPaWerytwNf1r_mzGMAjw1d01FIQbWdYRTWDenW0F4jl7hSsY0MoPDuwNIIfYSKX97ljilTPlTjlxySCKqsHNajjeNYKBeKcb55BvIgdO9Am4vIgXL3ndGTxmgDHHh62_y6GOj0_DOrhLVO__ynR-jqRAeuhBLiTlhe5ODgZGUer1SQVVbdcCSkqQIuY4gNEMKEYPEIh1jFdv1u4p_t-W3VlngU8eKEzZAg6wqRzolwTPER2LUsUtGtiYCsrxa1_T_Fm30_uNTO07edvmM3eOQLteDzwNuqQe95-DDrZfWX4hYLilOx0539bMXtYXw_iEr7RoqlAHZE6F33iV-cVPFGQCxV8gF33H6mDFlnzEYh-yaMkSrllTdqpsN7VIb2StPUvf7wsfl6mEXC0qmrCznmymMR7D4yRnZZwcIRJ-LhKoW9fYwZMJ2WZPmNUpLNlkmKfaf5S4cioJqKpWNZhS89G-H-KnKBuOl40PipjlrOYnf8xzyZ27KNR7K-qX3-NoQNfZeCyHOMLuUsrl4v9KlUz0yZ80OKWpIVh_QqwLXphk4FdXkiScuecC5jtqDrQh87FLftRKiiQCsaQiMal1Y3-x57IMe37-eD-yJQRJMy4ZvgH-LS4nq1aVuXAiXrUG9C_wVyqSvRUmFBdAA3mleS4pPZhMi717K2qnYxxziHJrnq9HtU4mYhp9w0n-MzkGPzNTvown4WGGQ_P5wMtdXHnlelwm6o4g13lB1M6mm5QbwM0uyU_sZZG2cQMHTwbgaFlC5N5ClkR_6BjOMo7k0hxJBJKOvK6WfwM5ROn0udT5RlZ_dwdezlCYALE9G-K6FaL9ow3xBShReIcC_2EXe4GkKULqMHTfPnnxn084H184amET5FA-ozYw1r3zDjrRb83sCC9-xZNQJVShk27tFNbvsj3BeLiuopIkKmluAvfJOx1PlVapNTXMuKe6BtGteJ1GJtHejpqcpgAoFvZmboRHo3WaWK65Th7I_bEE-vYyFdkoROqEt6-UyzA5x6cCU2cN1u6EDw0RAtZi63wFfDaYu2H6J0jmg6DjTuTs8daptCKA4h6sDg-DIqasHFWSJyemMmOX6CWcU7TnhFCDsp1ulaELctK0-KJKyIviHUSsNBLlYejGxUva-bivqS9O3gIDWhfRWQIHvHcj0Bl7XWwT129MemAOu4hpR3GQY-Oe9STJZbf6d9I7G8v0SZA517-r7v6HWsD7GZQptayjCsAxiFN_Qx0K6VykJCa9wrIoWJQboDQrM77ncyLkbXFSdpOWfajl2aPkH9OAyy324UZUQTeW1NQaZK9a022veg4uzTUZVFhI4mqVNXag0_ep9JrXRKqoRlOJxJvDIyFFLT7RY4SGxjanS43M7Aj3MXI0vkjn-RmcXLHy1xjBZjS7Y9rJBPpXlKhPn9CiL3EkEUBx1Bad1zJA02Eh-y-Ul1wlZUuwrOXnwVe9pLPaLUg0YnTAERwjEgud2r0MV0S-kZonQkA&cid=CAASJORoW6E86dghjacaMGFLX7q7s9pZ-x1kEqYV8qKF72e0BIVKoA&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 04:03:26 GMT
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2BFE
6 KB
3 KB
Document
General
Full URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 04:06:27 GMT
expires
Wed, 22 Mar 2023 04:06:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=NDRTa1FZZkJnTnRXb0VFMEFEeXFMSVJjUmt4R3YxTE9va0FaVGxiTVRlS1A0eUE5WUN3d2VzdlB5TFhGU0U5SnJzSW52K1laUTJhaXJDbXJ2aUlwZnFYNXM1NmxNN0RiN28vR2JCVXc1RzV5VG1PTXhOb1IzemMwUE50VmNMRzNPdDZaTEhRLzRpVWsvWDNLeWt0M3RlZjF6YmpYRndSbjc5QzE0QkFUUEU5MnB0STAvUnF3bi9iamFJdGNHQ0lxU3dIMGFiQmdXR20rdWJWanhWNE9Db1N5dnFqQWl0dDBGQk02RmY2NlhDMDVjMExDNlR2cU9nQUV5TDlpMkpFOA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4B5A
6 KB
3 KB
Document
General
Full URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 04:06:27 GMT
expires
Wed, 22 Mar 2023 04:06:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=T2ZMSlJaS01rUTFOT3JVZlBrQWd1WGRDTnlvdlE1RjliaTdVS3hBU0xmYmxCSURwcjRlYkVSeXYyQnZoaXFPUTZNYmtRU3FzcVFrWWQ3KzZVYTRlRDEvMGxRWlVyb1ZlVHhYc1VvdkZHTHJWSit3cGhScVMxaHNTcFJaakllc2hGek5xbnc2dVdNVDFTODR4OG9IOXdpMG9lRytmZTF2TnV2U21aaFRXNUg3SEl1SlhsYVlLWnNHb1dsMHgxUkJybnFpZXI1TzZCNVdZelJpaUx6Q05BbU04QzlSdnRCQm1yYVRpS2FXRndnOWlIVHU3eWZaZUxnT2U3RDM4aHpvTDNyYVRWaTNEaVVuRkVsVXEwWEVyZ2c9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA33
6 KB
3 KB
Document
General
Full URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 04:06:27 GMT
expires
Wed, 22 Mar 2023 04:06:27 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
tracking
ad.mox.tv/delivery/
51 B
51 B
Image
General
Full URL
https://ad.mox.tv/delivery/tracking?hash=a01jL21pazZXaHZXMHAvaDR3YmVEVzA4cWQrcmdvOUFDL3RVR1E5NUFmd1B3bVEvSXNENW1sZEgxcmo4TWp4ei8veGFEOFkxMmRxdDFPSW9Qd3dXTS9tSmxCLzRaaXpuNjI3NTU3U2YxRDIrTDMvZFpTTnpuTmlHbDRrSXFlM01TRzRjak5pV2VkOUJpWVgvV3daN0ZmRW5TSzVSbGxuTzR6YVFwbkRuSTlvTkJrQURwUys4NGZQdTZndFRrbjN5TVBIbnNSZVBHOGhnZFk0WnVwdnVIRDIyS09VMEpVRDlQeEhmdGFxY1ZnRGZuWFpCOTJuaVl3TFRxYS92WHMrVGI1YWova3VGTmhmeVhHZ1N0c0ZYdHc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame 81CE
640 B
316 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiC_aO-ATAB&v=APEucNWbvfbLAvHz8-EhdSFB12xTf8BxPlZ62G8slvBHU_ETu2XvXvkLpYxV3gUeicZtFERqfBifXB4d2RhTfA6yvCuKlgkAPpSePeaOOjUuarjx6N0PKst451v2kKYe2oQdhdjbcaWFXBahSEA5DSgNE4GD31CG9khMigfrURep9Ija1yvElg0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Mar 2022 04:06:28 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2200
82 KB
33 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2jdQ9C7nLMxVgJBEK1ayFtwDYli4PX1hpf119zIetcy53AbRgP2NX_m41f2yPq44kDrgVwJz0dOFDnPUa1gyjDY02_44SGsGh7ZZO9PCZl1ejv_LyXnJYbFr86hFDv7CTwSklLUo-ppIWosyRAfoaQlAtHQ&dbm_d=AKAmf-BLze5-IlhwUrHFkM6EEjbGh6q2jKs_pYXbFmRNnkPPoEwIeUXELWCr7yc3MjMWFfIcxof1hTz49hHXCW1h_rakDV4BQmHJ0FPy6Ie9z99XmbzILvO2E4ANNr8K6OLIr5EZoLgYjZRARXavUD3w24BtVx9K43B4wIKGi0JzPn0St5Z-NsbbEe6tjkehqhs59DNtmLqmWo5-Dbj2AwosFv6XpHsW7eeHvD0Cr-UMPefScfoUdyTzfS6zMY1Zk4o1KsIDmIl-p0mGRsmm3YqA784vgNwuLsVOo8kw88vwmgUFZDlAeIut5J2iJjFTwTDJUTr5rm-WPOSkKxQ4V2zXdmdXyYsgVeUWosF5hwETJKFV3sTEHWOMvMJJllQ4P4W_YV36ucgdYuW853hJOy3s0cvV_wj7569TsGNFqRE0Xh639Thfiu4NqpLGphGPG54RCcjFJjK_9Mm1fZ0uFyPCe0plxRHP75xQKDF9sm38IewXhvzzHgZySCb2XcXLNWw3rr_ThvwWtZrtSy9U52mfEdFYNm9pYrynyzJFJ2-gvy68Zl1hxWlkC5bAVlsULB8mHJMA1sxpu6skVIo_KwxxzB02IXoVoDPzqLGx_8AtbEJnCNlRcHLqEy8RkavCSNNpwQ00EhUTpP_LAk1C5T9RfQFiYZHct8Tj7p-6rJHKPfz9_HUuyjA5EXgKcxzoyC-7pBwp4hNJFOCnjxhPBtoIB8lNFK9-rouWhZrLokGjQHNdwqszv0X7ewUsMtl8Av3KPfgjhY-ahaQmkSo3A9f62gHC2TZ8yN13KLASi-cp3Cso92OqftjVq9XvwIvobtc3dgt4_i_N-o_SZZi_GRv5_xSTxXSSy0yCXii2yrYRor6phitE-2wCVNAvmJf5EBsp4KeN5Eqfopu-CY9U3J4rsWUESRdiX4fMBnoVnk1z-1oW5baNgWcOMI7ur0dB-MGFrkLDeHp0yU9aBttc_46f0U_WgG5mGpK9HAsdO-osbry5ARuUIfiv3kNjlOLMyeWxZITxqAg9qfhqWz_mEl7y8p92fkM4sfaLatTSQTibwc49nmJma_CN9cTZNAngY9q7IP_WnBS2zclAexGYnDa0nWlq9E6MMCZf9XsId376teq18iPfcRYWen5N63ShLN6nsO1ccJUEaQJMOCxMZ4RrqtuezMt-4P0WMn8KACkp10RqhoQpO-i7Yb9v3nD0L7PnKAJieogKfEC6AS9aio2wESYZ1WnwsIi5qVc5NMfBuOTT-tbmsPXWrm91LWNAYVaK81hOgvvbkoodZBToMfgQQVRy8z_t3sZPIziV8rvmIfc7fsj-TWeFbtuqHjcHCSg79ck9RhEW5Y-qqF7thpGutWbwQ3lBhhyptNUpru6h4D5Z6FkiuPdil-FvLTh4JksgDnkfaGbAOmuka5GPRmxNXZx2izcHm10cj2m_hveLd4lPNl0oZ0BMywt_0gGm8idEEWQUKZ8ckJ6gMlsHBWRjx-prbyLoKQFQCSDFMLQUHfoDwwWQCSDfo3NY070R9TdZKErrtxy-zaOjhfUsJ2NnL--fnREqojGdhq79ks_t2dI1n8S9GwBy4z0-w-WJQ-UyKDtzGi0zhq_PSCIEX7THiLi8VpDqMOuz0mSNDP60nq8EeYKaky4zaDFosYqkzfVicWZY454qLGfD6apzGtLB8UAMjVOTPz52WDz-XSKHO-K0ep_RoconJoqQQoqXi2qdrtF8Vr7je7vQsrubSnJXAXxTaTqnElG84du-LO6B8kXYumqaH5wzfyazgz4CmoJ_FG2dDpozNQ9NQyRoM5AkZJ5l8opYf1SOiRI96M8bVcmRFDgPK3hFZa7QUbFRKlp_de-ApsOg84ZSxXEnybJyOcmQrk8OWO7OuCtN9918QDpRQKZxUg7lFy_cI0z1X2a48nahUAMtVyCqi-0HxvnR_qwc-1sZMKFef18XwUiDH-lKRv6IoXcWJF-t-1WvJvkn5NVUFPQhFSk2AMzqv0Bvgv2Um6l--ASJXctLKDiFBsKBQTIfYf6-9i4atS3IEYas8tkfW4hWlyI14UMKbqmQdoNlEyqCHBuuPd8ZCnGss1phVZK8wULKY60gADfk140uBoQT-PHJIzcNdExg_S9kE89Jb3TJA7xYgh3IJ4qalKXVZ-TU0mFVVqG0KTUxHeIz29xDbHX5I5EWUrcaPOGr62d-LC4cVlyPebnMyv0STM7OjFb721yaBPFWzMRfB8LpQUug4qR05Te70XF1J9Z-Jll2G0ioLofZzpPxLuvfyIZZSmxqKiV-PLbbc6asQmvpXBZ2crjC-1cf3c7_4n6PuZwvs1ahCdDKW7wzFq63KiYGZuGs7X44RCXwSonDyVuaatvftOUarmCagFUZH6L_aG4iXWJLMj0UHALibBtVbRfCen9o7affYdMSRn-U_WxJlhMP260-EZMBicn2RAk2PxZw9UA3ttddSEHh_0nr_NCfbyRxbDfYVKFPMJUsT5HEtOpFZIW4wjNRFnNYscFnEqQdR_gSdYBqRXOo7Xd9a3fEzj7kK5AfOjTOjeIpLA47IQtcbkHkhB9uQ5xKv9U0pbZLTvRKzeCA8ZLCPp2ZzD5KPp3cNOdaHaq-UoTYgKgFbHe8SBVAuOnmHaAZDyEnKQ3BYNy0EGcjHpKzkw1BCnNkiLw0-FRQL4WOAfvDi-HagQb1hV25PS4skSc0qR5y5F0CEHVqpOdchstLBXboQS4eAOE3nVWRbprSk3wP4IOMy5K9n7XlVWEr985g2oHFdifo3KyzJbYIgt6FgKnJNCuGHQBtjdXhAmiC_zg2xmlr5sfCAGehCZgvUUSZyRNYw18D0Ti2jHDLQ4v-sxl3EIVL9168Gt-RmvpIzor0PnmM-BaAcXm-sHjmzC7bRvo2D4cZ-lbQLPYlsWCRhVstG8d2ZL9ceE4NZydcIFHs1tUVftWv8m2r5rtf2p50gm5JZPfVSHaMYXg3Z7xzfs3ekFaytTl7BFQMWUzF2WytZfAOulD9NR_7dpQ2ej1k1lVfBUKLP89Hs0b5DqD7Njoky30RrBaOoKIPI755w0bqe5KfEDeSGnMVin_H-4V5_ED6Lc4TIYJt0_vhpi46ns0VMpl46VFvCvAUA5y6Iz0Ye1tPgozmolZ5S0uWNw4Su7d8KTcuBES08VYDYURP-N-wGfQS__rvQGJvBBPuclEil6NNDkVYkWk2&cid=CAASJORoJlsYyto8i8qlwO1WGiZWl0ND09KpWk9jRZUzxpLh-lTQLw&rfl=2%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a1ad6b15b75f1ac130c6779e0b891943298db212b158a4a6f92e4e8ae9fd328
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33789
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 2200
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:14:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2200
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 2200
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:31:03 GMT
l
www.google.com/ads/measurement/ Frame 2200
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS16ySr1lGGP2PvG5jZMN3AoSRN5O7Uv6iha0Ag99ymed3a3hME2WueFIjVG_fSgHPlzBQ5mIrrXuHXabIuieJI-aUEeg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 2200
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkRZMMt1YFaqnNFjtCfgUrt5THlYPQ6wNprBieYmB02m5XyKZ3AA7U38FHxYojde-VFU6A8k-XJJ6gVtnsQjaHv07tGDYHllCdPRSKKNFUWv1a-n4
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dpixel
cms.quantserve.com/ Frame 1DED
35 B
362 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBdTekdK8l6JZQVHAfBH0iE&google_cver=1&google_push=AYg5qPIc_75nDrz0llp2r65Cx_oo8F7HGvI83upAEepY8coXtd-zxdPGa1n1HCT5GcKl--PFOMAuxQJo5fiAN71FOkTreEy4vmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DED
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEI__Fdqp2eVrYCEVROGsqgY&google_cver=1&google_push=AYg5qPLlewzpf9TGEIRmQTJu3lGErYC75i-UR-wYhRiGOeGpuU485UVW5ZnKCcV8wQq3juyRGkVODvGfsuLRl3udRNx__pShNcc
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLlewzpf9TGEIRmQTJu3lGErYC75i-UR-wYhRiGOeGpuU485UVW5ZnKCcV8wQq3juyRGkVODvGfsuLRl3udRNx__pShNcc&google_hm=Q0FFU0VJX19GZHFwMmVWcl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLlewzpf9TGEIRmQTJu3lGErYC75i-UR-wYhRiGOeGpuU485UVW5ZnKCcV8wQq3juyRGkVODvGfsuLRl3udRNx__pShNcc&google_hm=Q0FFU0VJX19GZHFwMmVWcllDRVZST0dzcWdZ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:27 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLlewzpf9TGEIRmQTJu3lGErYC75i-UR-wYhRiGOeGpuU485UVW5ZnKCcV8wQq3juyRGkVODvGfsuLRl3udRNx__pShNcc&google_hm=Q0FFU0VJX19GZHFwMmVWcllDRVZST0dzcWdZ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1DED
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL7W116...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPL7W116...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjIwNDA2MjgwMDA4Njk1Mjc3NTQyMg%3D%3D&google_push=AYg5qPL7W116xMAJ1Gp_h-VeRTDYfDwZYWnnqlSmsOeufsRqO4mA25NMIW-VOmgGeXqe4U...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjIwNDA2MjgwMDA4Njk1Mjc3NTQyMg%3D%3D&google_push=AYg5qPL7W116xMAJ1Gp_h-VeRTDYfDwZYWnnqlSmsOeufsRqO4mA25NMIW-VOmgGeXqe4U28Wtl-UNfBPgsPfW8FaB2zf5Bn7f4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjIwNDA2MjgwMDA4Njk1Mjc3NTQyMg%3D%3D&google_push=AYg5qPL7W116xMAJ1Gp_h-VeRTDYfDwZYWnnqlSmsOeufsRqO4mA25NMIW-VOmgGeXqe4U28Wtl-UNfBPgsPfW8FaB2zf5Bn7f4
pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Tue, 22 Mar 2022 04:06:28 GMT
dds
rtb.openx.net/sync/ Frame 1DED
43 B
350 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEtPReGdd2Cf2W8TeLowwfo&google_cver=1&google_push=AYg5qPK4oPO-xNGMcF0gLVzMMVB_eoMSxXmdC_yiqHppC89XysG_yTr4g3KB-PQIjMPF0flTKmh9rPvmKv7nyMfGO6CnKf-dTA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
qor9fcf83dllmo3gi7dldl23i5osk0e0
pixel
cm.g.doubleclick.net/ Frame 1DED
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJwbrIUG1kWZRyMm3gN-sMaKIdeIp7d5PpQuCf6lD15IjW7NY9EQ8hZUIPGssTGyP3TQ9_M8_bKrmp5BgabmTzo0qN_i5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJwbrIUG1kWZRyMm3gN-sMaKIdeIp7d5PpQuCf6lD15IjW7NY9EQ8hZUIPGssTGyP3TQ9_M8_bKrmp5BgabmTzo0qN_i5g
date
Tue, 22 Mar 2022 04:06:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1DED
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFWOM8Map7onvD8A7PKR04s&google_cver=1&google_push=AYg5qPKKfKuh10HmsTfyDB-KYucQxCT2zIh9IM-7tdMvgtN-XtNFaBfFLvmh1CNROYbYsFuyf8S...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDNjQtMVYtTUE0MQ==&google_push=AYg5qPKKfKuh10HmsTfyDB-KYucQxCT2zIh9IM-7tdMvgtN-XtNFaBfFLvmh1CNROYbYsFuyf8Sm_q1F3A8uLcH5PT7mssxCeD8
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDNjQtMVYtTUE0MQ==&google_push=AYg5qPKKfKuh10HmsTfyDB-KYucQxCT2zIh9IM-7tdMvgtN-XtNFaBfFLvmh1CNROYbYsFuyf8Sm_q1F3A8uLcH5PT7mssxCeD8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDNjQtMVYtTUE0MQ==&google_push=AYg5qPKKfKuh10HmsTfyDB-KYucQxCT2zIh9IM-7tdMvgtN-XtNFaBfFLvmh1CNROYbYsFuyf8Sm_q1F3A8uLcH5PT7mssxCeD8
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 1DED
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AY...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 1DED
0
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LuKmPFN2yeKACVXNODLmJ3gsjM94Qrx7wm8pgoUU_3kvPr5mBic5zZQf1U0gJcMDxZnVIj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1162504554&adk=739537396&adf=2751417948&pi=t.ma~as.1162504554&w=728&psa=0&format=728x90&url=https%3A%2F%2Fivona.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1647921986607&bpp=6&bdt=128&idt=160&shv=r20220317&mjsv=m202203160101&ptt=9&saldr=aa&cookie=ID%3D16cf585529a6bea7-2259d42862cd0050%3AT%3D1647921986%3ART%3D1647921986%3AS%3DALNI_Mbkk8lyCxM4Hx5gOW92TbZjIJewtA&correlator=7054818411227&frm=23&ife=5&pv=1&ga_vid=175811496.1647921986&ga_sid=1647921987&ga_hid=2137851971&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=5&biw=1600&bih=1200&isw=728&ish=90&ifk=4020834182&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44752536&oid=2&pvsid=891740072528335&pem=468&tmod=1953675164&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.8mk5k5e9xiwq&fsb=1&dtd=168
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 60B5
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7B1D
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 13:26:12 GMT
expires
Tue, 22 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
52816
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 60B5
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1e4449092ab5426ac4550055ab12d71e7bd435c52be8d3d9af192435a4c6b10

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 0414
89 KB
32 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 07:35:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Mar 2023 07:35:02 GMT
/
track.adform.net/adfscript/ Frame 0414
745 B
942 B
Script
General
Full URL
https://track.adform.net/adfscript/?bn=53795657;click=https%3A%2F%2Fhal90008.redintelligence.net%2Fc%2Fpk29uozkvkorfqf%3Ftprde%3D
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
5eae2c0778d946f9d71d3da5657f33c7c19c4fbd5a62ec0b447c643636dbd0c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
549
expires
-1
pixel
googleads.g.doubleclick.net/xbbe/ Frame 481B
499 B
335 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDOx8HMAhjyx9fAATAB&v=APEucNW3gKpBlDuuN4Kee4mCfTFYVjWlXoI5btovmsFYnbBlnIEk9ChNQoTbos2CF1sG8qDxopqIgERzKav1nZIN5-26rPpTQoYPRiU6Alv8vEec77myPNFjoD4Csk2BRVCqLj9ToHkJvdm0rBXALdozRoSVlyvoYkvwKasgKqjcC1QeKsK5Vh7KI6RfT9dUxIjlkgPoIKVM
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Mar 2022 04:06:28 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 2BFE
77 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAmtlmYcN6npF4z_F2O0pxmeGRZsG0CMG7_LrO1fjPgMWDr1No3S4fnZQIfO08gKcFC_Z0Fqf1v7opKL3NqOPVOlfg4NvfPctxdieNgwngrfU8pZAOWNKDxoJ8dtxFhJG8G1UOTZxA-Z1Mvhdmsy1DBIHjMA&dbm_d=AKAmf-At27LCQBoR7bw_S2jFBGg95AMt3QaUWMhlPwM5ioa6Ttb1qz3Zma8qnOOWW0NFh2EsFoaKgYSJstAF_KkzunAupxOIQ8frPQOCdY7WHv2z8-PFWOXmKy_7PQzSYlCaTFBlxOSNX1gJb3AMV3dR7pfptPRRnKiT1PJRllzPAt38L9YZwDUXgZACOVyzsgeStArzE-HWyDEsDXy5xtdMHVRp4e7Gy7a3zoIL0m-jaRK4tVWKlry9T5Wdpdim6OOSXqz6O5KPHiDiGnZ_pctQ1_4vSOyyEe7yaeFd_iEDPGHTbe4vBhNDiZmnKU72z21dMtOio_xTHilFwF2vFTERQJekT8atMMXdDnrOwuVPMzIcidC59qBKeudo7getssIqRZ00v7UkLXFuRceNBNz8EUQVjLAxPOJsFsqXtBOCwCH4BKhdxzFLqEg6JAWzcuSF_MBotpgf2zHhYT3VoO0numMcsPU6dAnM2r9-J1FTcFJ7klQQ7_20tBefndAnM44f45EIefAIE4892Jei4vnRuQNIHb5y7CpjjGCKWPl3mEOqJMmKLJM7UNHedkTh06Hiy5yJj0DfO4Ki82O_GqcgVMD1Zzf2I9iH1ZBi3-h97gYHAy24vVg2_3vgNY2O7gbqQbg6wrQoZTeFvbuKTqgK-bcKfoJF9W4FoqmW1OcvO1mj_Zeum7cuHIrDhARAOmXOjQ3sbCSNEHsbabCpTdt7iOWekQyHa5lNFKFztHrq-WDy2qQxy2Ho3H6YddZlnToD6SpXtT7K2iU-jfqIeIx6DkOTbWQUZc4XOwG8wNkr30darf_31hm7GF84sIJaocnkLqwxOwOzCJBbunNdIzwMKWnqmKz16XhPSMkVg2qhorCIR_Rj_sYhHaQ5QgRNckAX5y0z3Jj0Yp_4mvFuc0BroOg8lcvxa4yAC9t82QztkG2cusBMduag_DBbBz97OcbS9MblsduAqMcd6S4HyiMCnW0SUOQhp5JFQUZCSTFbt8CsJc8mjYYqdqQiR3O3ioH8l69n3csscVAIthrfozB7g_ruJDtgbbIxoqy75TLSDP65PVjNCkhWzIcC6nvJ0DUTctfZpSKDn9DC1Pikm3e6DkOocaZjC4dg7PRxjg65BRpV0yCi4IGghOxgiWoyGF9dG2fNkCm6x3wNJ4qd3E216jTpwgCkAvcYmLFZWSz5xM_7Mry-_qVDRKWRe_PQYxcB_iqLujhlmyXjQmqjXpUqHd2KARlb0MCf-PQFYtdjlvSNM94DP0kH_ge_zD54TOiAvyi9l2hDPiOiReDTJ7rC4-I25gdna03Eq_wkcLn5UVbFW0Nzp3oV39jQvqTUeZqIevizk68LzZNtfnATLEc7OCtqCL6bdCEXyIsjQi6Lt9Dx6r9Kg6vWygortDf4aomrxwnLU6reGeCz2UTnu9Yoo-M6yijKJbN4sHDu7VFhtUW-JElKh0uuWEJBAI24apiMBrZcywR4KkwbrjfknvyrwttNimMJf8V-t-448t__XDFRzwzinj82ZePfdzSSehZTnzeji1aIc2YY5WQOwWIl6XqIV7TZ3FYqMX4OCHMjsxUxPY1vaUEJhws9-gsq69qwUmkUo6ie4QGJ-bWzeNDBv7E3wmppYaWwTKRKyrTAiFt06yDqJuDH6d8rfefA6j8D76770wnRYK6Wjjt3xk4Frq74cR3r-lApXq0aFIqqd7gm8HoYAqcoVqSoT-hw-v9ifdG6ZIN0rAGXLLHgfeNIGRU4IN5PBLAGg30DloOaqTATvwWsmVP9mjGqBerPcdzFZG_gw3k9Ej8lWtzqzILU6kOER9osGOb6owE8un9qvYQWVLZla6H1V7cgxn9Eif_6f-7ZtmSnI8060-e3IMmI3Q0ZDYr9VB3kbCeZwE6oMTSo75kivu_Tiv8EyBc_dZti_0p4CuNilBk61oF5QaEQ1MG5vtHD896Akmk0KBU96EeY9rNTfi1jjJmCxFNve0jhMkmGk0PSPZ6THFmSJ0vPLhh9wvd35v8VaJJbRh_Xaef9mSn4iy6q7UJk9kK13e1aZ3ayuV8DT7cHemvIsDMpVhoj2OJgBBGcK1kFggwsFwSYB6lyza7sulLkQ2EewwhJMlu_P-kkln1p2uKGRqV1LcjkzJnDfc7vTR4bwb_RHRRKWOyDwdAQI_t_fZl-Kw_ob95ErcxHyOMCpkrJgfA39vMlw6s3MfMRqeuCV0OdyvWFgRrKeKw7yCs7jdNQvHW-vxLZmqAUg1sBG17If5Xh6296N8udD6yHOfqVm2YHJ4t01ReJgqeZtmdMudZl2pMa-LcE4VQqz9y4whQBf27_Mqz0n37Ne_1heQ0kiWIBZ4URl7XtCz6oybNIMRKiQwarV1oKSwSrVL0gRM5fcSzBzQHWJ4DHoJ442go4Ist4AoJTy-BxX5t9IWmj0ksZiaOvCq6qGdFRgRh70o9aApP_0-v5S4gPKO8kyf1ZXrXfDH1rQy2dd7wma62plslDvE4rk_EILzkbu-TJnpDp1In3K3sacDjauKVypkb9beew1jPYCE7M8UDIqPGfCBgtojn_t5B1L-SN_PJUifdhp__K3OPpCKtKaIkXnyGW5y6KekPTe6xPbvSrpOzUOD6inXGMPZrnCkOQ7XAeoi_j33RWUp0waVowmnpW1nhyt1MByRsAd6WxIbMHi0ytPG64fLYA8jVHbg061U21uRXHzaJhin0cfbwlt3wgPYekZ3ZWVKWOYV2Sv18nhWsS4iCJC0TTAWTSy6MrTZgiORS9lO-OeRxb2szGJLfCsOQHboiX8axytYG-XalrehOSBVE_ns1OIgZJNPSknHffQQx-RJmjpJ1xCxjCAomcqF7Jn4G9Uh2D_HSP--xxMknCU3-MgFgJHO9eZbtY4zKQovPnSXaUG6VxwR_EBVSAfDLQoiWO0MOxih6LGUZv7L94p65YnLt4GVUvyUu09NMEDSNmXCa18qBYQS05C3uZxA8apGmaUyofE-vQubOFVss6nul90upfoHdmdSgN51ILMsFOXihQtkpBNxiDcLwvbIQ2tDvsKP_Z156GUkhWNIfwsPCSatvrT4ZIR4yKDgU4H9FlLewpW3ln3hmrpbN2-p_angVO3Hx1b8IZS4cbH-ITL5WfpCaTv2LNQ2rQ3sUgFjP2evEu1ZL8U3wkm4to3UecFtqw08mAxT_IcXhZ6K_YYDMS3F_YUavXW-lZaxLnHzxyKWwiaGoOo9Yml9Ci_7qbSCZbaAsVFbKngKa8fLE2uwUKb9Dhew_lUtjCyfodFXT9CDVHxqK9NptxKzaSLvrHjQBDNR0UzoWQmatH-wBE7lAQWMZ6EEHwSb5NTrQhOTFesZAX-fvBsk1sOMbY_hitpiMuMl1BRk4W9sI&cid=CAASJORopaCdt-gUekpk-4MSjjHwn5waYaEWiIH3NRwTs9Zy9jXohQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dea8281e09b0019fa007b09d3c83c4adcb3e19cf82c578611305a3bdb0cf548c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33096
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2BFE
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBfOMAVvwFuwn4fJ49bbCbRV8PUEoXbuw2MyTWHTsUs9Q0JjgVy4iF3TAv7451VAx1z7zrd_aXuWTiv6ykDOeP8EfTo_00i_EauvYC1ceudAb0GfQ
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 2BFE
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:14:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2BFE
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 2BFE
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:31:03 GMT
l
www.google.com/ads/measurement/ Frame 2BFE
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS9OJm2BhCr_KtkAMA4QtG2K8udXobHYXNpPsrAzXHxVonxeq0IPVy480tDeOCgOSFN8gWqhLsrAlfvdPWRPcgmoevNRA
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pixel
googleads.g.doubleclick.net/xbbe/ Frame 0353
363 B
228 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNU94lF5ZvtPx9l0L215lAjyzCJxKhYgunVQDATyxE3tycTWduTVuf9qZQRIsXFWhRa29c9Ahv6STsWI4iBbjhgXTeC84n6LgwVpLr6ff67YCftuC_P5J7ddT-_Trxb9qcmSboygLi4vyRerHYA9yX4MlWzUEoaUbXZr1HfH6VFlvkgij1k
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Mar 2022 04:06:28 GMT
server
cafe
cache-control
private
content-length
206
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 4B5A
77 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-H8TOiGLID6dsCDhYcbCYjvuwvLxJInZDqZ559g9Mi6R9AklwfDffDw3rjG3E1IUPnBrDTsmvRD_IKMHEyzJ7LGDlmbXW5OyQETZ0vKGAHrm-v_ezNN4cqMH5zD9Y7th5ACD_aIMAmpDBh8vrPPlZDZ9z5YhNaM_Ulm3nBurpdXOYtk6JCzvkf0CJRj96Faw5KgJo&cry=1&dbm_d=AKAmf-AVz4VUcKGRfwCIpitaEUTsgjs1Q2Jn8sItfw8CXdXmAkPLCK2SormLq2g-boJnIY2RvInZMz1WdNdHJ_Rkc15Ko66RVmQsY5YnPwhSP_s8JP8sOp-B-yjj0pITRjGA6POFhYOEbTe0E16PIKww0_a9POW_M1ye6ABD82GfjHKGqJ6ctnK9XGPFdQ58PxCBUOCnG0yxblxMUKvr1WOCJol2t-AUdGT7-hL1CXD6w7u9KgToD-mFmmUB6xtB1O2TD1zSVBAGgS5-MdM-wun98v1M5Q_FeHcRgdAwS3b89OjpE_lss41mQiVOSyRDIUtUaiZfib8mm_ARtq6WzN6SY8uRZo-r5zHtYW0d3y98FYGXdcwiQmj1ZdUXd6QJGv9eSXHRLs_VBHFoQDPGgVmQOULWdDex4HW7n-tBI2708yMrAcOy_lGanoE87MhyBReJ5PKHDCXES-DQ8BWHQBN0-HWjaidKzYpfNTFDD9KRnXwl9I69gKmpYkgIK5YG9JCfQEHo_tFBBeyW7IHr27LFwq7fo2A_Vrbcow3sFYUrgM05goVHZbDjmVbU-F-_PyCP6_8avQieKR2dQzH061A_bXgwmWEtzzTcF9qc5JKD_pvb63QylV-8KRUqZAfk90hq0TYMMEmzyDARBOAfqjNPDcDFAG-9DusxZ3Kx82bfbRM3aOY022h4lnYM5kH3FAQU_x20iELSZUQ8_Ast6FhfumLHct1vtWZiqN96mT7MxeykXfxAiYIIpBKqdgecRnM3-XR3WQZnTW1lZz96IegKbWxdxLwKJWHWWMHzN4OqLlNgtSxGkCflwMihuqKSSpPDjnz6RbqNetWbOXkLe7TZvxZzR2zaeRoIsjiUmkR1PcA3jKA2PAfhFjNl53cbHbB9U53OlKcpIdbqm2ElsH-VzfMNNjSouc6pfmh9netcEHMy_o9obm_wPB_xvRF9056kxFHva7wKiWILyukJNtP-kzpWaCiZx5TqHqzVL49MhItDardTvzgy8AYlMa-cCkQFFeeMLGleHMNc4tfXiJb7DpMoOdXsJwAvprH0PdyeRxneE7UsKkDZIo0nJcgeGDlo28sZroIe1SMrFkwVLVi7pp9TZjDKVuqOE3Ozu0ZE9aq-9Raey0OS3yW1X6NEt-ou2rWNTHeKihTrIeaKPAd-q-tilJHKmX3C6cXsCGjfmzXbHZdrBYNmSES-OkHjv8YFcRHcJCn0Bw6fD5L2rixDb0BHhQiXcR1ueePOXLN_iRSw7aak2tHUbVS_f4YIXLaYO8kfHEOsat6ZaO_yv5gXi_GFQyg-kNIBoBNhf3kyeJODzwyPsUsj4htTJaxoF68h_g4O1v5okM32te3U5WO9FDatpq6vs_S52s-PzN9xPSWZHw8nJDjOO_tEuqqR6r7K9Z500qUP7W-4KUzrU33JPjy5-gxkQaYLRkSNpt3iSuuNGACrLHCbvPw1JD6dvkRluXiXYFQ36T1Qsoq-lCzXY_SGuLbzcQtm5KHFigHN_DeOrjJjxEOhIeZ0dpyq1FOy_SydQh5yZVZdMndUw8Sn_4r636wMeIYqTDwi0frxRrGOqwJ0OpP461RkIRghDjGqSZm40_kJ5LvlgwWZroWlpl2Mmw6P2GzBjoQdPvcaoUNfRs4qmkHE0U7bAoclacsGbO0us88_tlameIBFUIh_CTqTcd_PkEiCWpfd0kNLaX0bX1aCzE9oUAKwZhsgLzZWDkzX5KV52j554h1PTDr0AUCEmQLYLniYNnQOS2XAN2Q9SKlKtW6jYcjEmL18QCH90mwqK7DJSu_Cm4QF_V-hLCwdOzw25RWldP4wxZCf3udJFGik9cEvMKONkv-cn8yV0eNWjKmihyw5shPum85WteLJsPz_3VW7qRcx5qne7F3L9ps8wTlux7gSoH7kDVI8KwRVz-FKjvlppuSLALHys_4x2VYKbEvCrjs4NV3OJRI9o9DRnL-eyWFMQpzkAHtxEMFm4HwoXKW3LRva5MqVEpZtorGqtAIZdvhyplzRGIrheRn4pSrB9K9JMESQTOKMOhstO0d1Qa3O8MHztSenOUuxtneHMEJCB-Yb0d1NK1RbAV-ybBYy1qV_zF8MNZ9oGW_S0xt0LS2BB7QFWCvMIhIHaONfAgrYATVBnBIlhM_DfwD79-lRzYEJL0oGVMQl5T-m1nXmpIvybMHFhhLraBHlo17oDQrrjco-pkCKN88or1h00xu2sNpHWy50TG5ZUtRtM9c296N1xD2sLwyBA7_MLQyD2NRviYkwrKJN68OaZK9rXH040KSBpw1dAJPIzPdALeK_MnMxn5Qpbk9j05TQBxffu_CEl0scMz2S8VEI8Oa5yFoXXA0aMfbQQQXVE2zKwovbH4iIwTjwXwb5ltsoAoYxmK12JA15_0Pp9_bMeCM9ILRdaEhc3O-JYKYWUU45KJrJHqubWhaYmJ7Q9azrPwe5hsYplnTBanXcnfX0VWdhwLxNlrdrPJT8Mn9lkY4R0vmzAKNJDDAVPoiX6mpEmEYjwAmtFygh8mhMbZQpw60o2UBF5KurkmYcfuEbZEvMYfa3PmqinHV78Hbhu3SwjFtg9DaDjrsCjpdOFgcK2hRnBT-3AXO8CVMxgss2TK_VOuMqrk5ev4zk-1_GoS83SRghWoQQ9GWTn07uc-fkIIVZEfk9AnWf7XW9JvD1SdGM2rtnVjgE34T8ciKAQE4nWFpJ7n0iAGMXDGy5SOTyaXb6ROWub4uSk-5LXVvohdPBKj93cBaeZaYfJzCf5yoQJAcio1W4nX3KX_hCr4roxvZdxp0qQmR9rMC-uvD7FHRIJGpBq7KGNqk6rQBOfBOidm90jL8JNjnCrTp0dqbO_P00q_Uo8mROmRGUVn9MbOqQu53MD24bF0VeKzUPNEMCn0Yg-5tzE4T-mXbIuL_N7VUa5ey4P7ah7FKcxN_jhpkz-2QHqY18i48Bqq6DDQHHCTt4zTex5DWK_yHqzhoxgtT7a-zVqpFdxKxNFPtukqpJ4u-4UPq0ZPKjLebn6_BVw8y9Ri72UtpO_IAR4rkLiu9wjEerM5I_bz5S_liQib-8vaDL03i9uvgeVHpqzXyFNqhZ_vKw2VG6UqEq-S-3S2Ld8q6Z0jJNeZoH4QUPg28DMnW3Xg7SZaHdW_cWOGuCrJZum3owGCK9j-WUNnW_xpP0s7CjJ0u3aQYkrgHOTueWPzSQGKFVMtEhe8SBUB50lImlOcO3tA1xc-euzZSNDnQBzPt0yakzntkdja5Qvjp-5TPO7s5wKhvAbNN3ryFf1XAzHDmwvOxU01jbEz_XEVN-vllso5pPbL_tpmLPFuna-BMZq8c4L-pK6b3k0yJ8sWDGWLP3WFB5w84bx3_zRZ3pGJzGtybMkvSftmFtAiK_SJkS2KEJ5k9alTIrM7x6jpLYMESjuGCFtltxwIEn0J42Z7BlpxK1E9d6b0_deZaIGN6tpW9Ung9VoZ5kOOG-7p5u08LBvmxaXW_aktpg30_j9pM&cid=CAASJORoLau2mXOXfL_-8G6UnaYw5Q-SkkXinLArfqmrSHfnV2trBQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0737ba1f3e19945cfe2cedc4b9b06f815c85a61cfa879023cd084b80547b1d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33055
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B5A
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AgUuHM7s3xEnHoKRRpIMpwkU00cpeoSL4-WSUTLLbKI6bn9GM2zn0eV47ZXIIwfR-rFGDpZLiKAYpE2_-Au7Ctn1LjfaUwUBYsPAg48ICqdli5pl8
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 4B5A
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:14:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B5A
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 4B5A
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:31:03 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 060E
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220317&jk=891740072528335&bg=!-Pul-7_NAAba2mK92to7ACkAdvg8Wu4VVciw8H9Vf_cndQD4Q_-p0AVSfNDhPLvcN2gsP-Zg2z-M2gIAAAByUgAAAAJoAQcKAGi-Dy_g6X_fta-57re5ujMi-9oop8pRyuEXMwhWz21CewrDW3am_SZuHWJSGDKTURcpgLOuABZKnyCOsJxg2bkUqJHw8wePmckmwsx6FqEh4bIQ6r1umq1qzmftzS6Hl3a6ZxTwtIAaKpkC4-K6Th30RaDrSrRLsj5nIsX90CRalHcY1fUEa_o5VCLCH_pshQRuaWQL6KuGMccSZLhgOFBn4hAZ-1QSe3PQIBUaeA5vXRaZq1B4KdOXk2wAab6-pN7RRXDVBw_q73UlNkTV0VeBt16z86JKCVnDivBTaaBhrFU_QPdNgXy85okDQVGOfOv1PLB1g19cVE2rUPzMOClVpfWw0Rixst7UTcjCcPfwz6oxJ4OdgPUZSzWPkW8SOpzebi5J_A2L_14PpyOQtgTsHPobszMFQpX0Ty9tUg3nLq3D9tUn7lIRhMmVeOgRCw0rbkTxFDARZvciVQ4FCD3-WeYtLRYjaalqV6zRwePcR39_GO_1tKmpYZAMka4YIvM1I5f98jOUIDjPzSNCVRkHgwlK5J6ADeaDSwOxXIDaqKIIHK5SAwvdFoLvF53GhUPGnRd94SjWoX7ZxV617julj0T6AWPzDCTxvJLVYhGMCzBhOmeqis-vS4hP9mNnM3M9RJiDljyEEvKzY7gqvCRb7DvLFDBsZFpyNAKJnSSXKylHcNBGy3oK5ElFtN2KkA9Dd785OWrGzy5VO6c_Ry-AszD4jodyr4JgxMjG4aKHVz-SRlAcqL4ddbFnX9XahXLhfuArSIIdsqGsBZ6PhESbjJEi564RnwplLzlFxP9qhMje9mPo53lqw8W-A9L6AxArvan38K5aYsDhVTUBiyKT-v2U1y3udkbNjaogvihjRPItbq9jDqDxI5tJn-crq7CwB_UmFJ_gyKXkInUTSbUQH0lGM4ZoEEzZMh1PeMbjmHixL4sCPuHDYvSwIWgEQwum8lfSMEWUFp2caZ6O6un5o7zovS_2pcU58CHLADqWpb23DSCVYG1-SBFMO9kfYACBLQn4YxaxkgHUtjJUcxx8-8o_34fpt88PXF8eBrHphVPSL8I5Oxlv1_f1_YZXr_ZfpovPkrvWne6Ebco2gRuwLkWzB7Ez7d8BoWtxeb8
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 81CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO03qDG0F0_LGbze2Bl52ro&google_cver=1
43 B
114 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO03qDG0F0_LGbze2Bl52ro&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiC_aO-ATAB&v=APEucNWbvfbLAvHz8-EhdSFB12xTf8BxPlZ62G8slvBHU_ETu2XvXvkLpYxV3gUeicZtFERqfBifXB4d2RhTfA6yvCuKlgkAPpSePeaOOjUuarjx6N0PKst451v2kKYe2oQdhdjbcaWFXBahSEA5DSgNE4GD31CG9khMigfrURep9Ija1yvElg0
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 google
server
OXGW/17.2.1
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEO03qDG0F0_LGbze2Bl52ro&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 81CE
43 B
305 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiC_aO-ATAB&v=APEucNWbvfbLAvHz8-EhdSFB12xTf8BxPlZ62G8slvBHU_ETu2XvXvkLpYxV3gUeicZtFERqfBifXB4d2RhTfA6yvCuKlgkAPpSePeaOOjUuarjx6N0PKst451v2kKYe2oQdhdjbcaWFXBahSEA5DSgNE4GD31CG9khMigfrURep9Ija1yvElg0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.2.1 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
server
OXGW/17.2.1
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 81CE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEKEen8mvFeHUqXSgWOlMKb0&google_cver=1
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEKEen8mvFeHUqXSgWOlMKb0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiC_aO-ATAB&v=APEucNWbvfbLAvHz8-EhdSFB12xTf8BxPlZ62G8slvBHU_ETu2XvXvkLpYxV3gUeicZtFERqfBifXB4d2RhTfA6yvCuKlgkAPpSePeaOOjUuarjx6N0PKst451v2kKYe2oQdhdjbcaWFXBahSEA5DSgNE4GD31CG9khMigfrURep9Ija1yvElg0
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 22 Mar 2022 04:06:28 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEKEen8mvFeHUqXSgWOlMKb0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 81CE
23 B
172 B
Image
General
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARiC_aO-ATAB&v=APEucNWbvfbLAvHz8-EhdSFB12xTf8BxPlZ62G8slvBHU_ETu2XvXvkLpYxV3gUeicZtFERqfBifXB4d2RhTfA6yvCuKlgkAPpSePeaOOjUuarjx6N0PKst451v2kKYe2oQdhdjbcaWFXBahSEA5DSgNE4GD31CG9khMigfrURep9Ija1yvElg0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 22 Mar 2022 04:06:28 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0047
398 B
280 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARiZ6sXDATAB&v=APEucNXQGuLcSOa9rcV1kMrV1EN5dgsXYlu0ovZAKG-xRTiilfamhjDT-meRkv2c7JM5h4pCZl5vKDvdSDTbOjsy_dK2iNNTIs37CPNp2YmzdY9OZHIEhN1-yVvp2i1BZ6IVZg_VvL42eBhCkkAq0nFA1-VaiCvqARxcijMjDMhWF069oswuuTs
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 22 Mar 2022 04:06:28 GMT
server
cafe
cache-control
private
content-length
258
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame FA33
77 KB
32 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGhn6XteN9RPefI2rIej-aAJPtC0qUqhUvnvOugUD92vT6NwNC5A_Md5Ps_Dw3CdfpaZZiNp1ht_wCGzv_IosB4q9uNi0rRMA-BTyEnyH1LXZCFEqwdh-jFfz3OG2Z3hDyITnDFycxNTPXxO8RrNe5YWkvtrZsJ522zz2hbHGPUxJCB64NRfNihx8ha8sBo8FVXzYg&cry=1&dbm_d=AKAmf-BvVPKxnewCNvrTEkfUSU4XCGe7L3SSJucSmUgEQFi_LANNT9tvWTtvJjRh0HGXaCncxOixNEPPKF-hzc51n8NHjBYwRaGFvhyAWHd55itlF20dqtFsGXBcjQ_qz0PI-ZeaRKNof1g-fGJEB0rAtgi9LTpB6wQVn6dVl4KKEgRkHE3pNrBRvlsvrzf7SvEMyX1iu_eZ7Zz4cPZz8i16A64chL8ISrA6DjS47X0wFDA_gy-vw_tOEYzGMqmy_Et9eQ1jxhlNjBvIQTU_rrOJOlzdamRJ_5euN2ZaFXYfA7U_ocJqw3xqgUyemaBKeFJDhKo7BzmCYcUQiUnabCBCbM17AD3IUqFuUhDRqZakkGOEfwQOji-mPWXZ2OqkP0_tMdzieeIfilSlhr4LxsT1ypmgZPnc152vPYxFj8PgsIy97KDe3ji4OcQkZEw_mgF6JdpsVmKK_WSqj4YScJfBR16Kbw4uwGSsQ99MEjAxGxoxCVH4QRn78SRwcFBvVTgD1mNPKlmrMgPn6bPKP8I-38Q-6BYklB80sMQz-Uh9TEMlx6WGG6sMmjcAGF-8953vCKusWo23eYaRfPGRD8T6CQRim1l5OBkofrblwIwiFPPGc4KzdqhFtQj-juG8TYh-YHexYRgpKvWvwPgG14cpJpoZrLqJUzMOKN2waMSyS6dFuABcqmwAhRqYszbM_fV2SECd4jH815wV3zwp_FO5kP3jvKo9d7TI6fNLq7JCLHRKBuq-Q41i8PLK0MSC_MJ4yYe7kZv42_CQhJj-KdY5KCMePM9uqfI29M9o5sUDrdJ1H-J_6RIabhIlYJcZJzuwF43uW9h2nyMXxoAuL14-q2SaFHWtJkEnn9k7utFtwcgZuW78nUwFxykfxeTwG-7nIA3gr3A_e9OmcQLYRnt8doSJUzhzl-pQElekRgG96I_xVWNHKHVwSpuATWVOxcsqMSvEY7nIpb0H1bRtGd9W2c4x-DJfDOruks4jganO8qNgWvHW12spX36ZBzdGpaAebchz3PCy2kv69n_BYrWnJ-7Fy7IJ66KwwOKuHHsRNpb8rPrbN5Za-nd2RJdjih4apWUk6yBHVGWkS4po9I1xyD-pckHteASkwJzR0tJEDWntMO0hocPxAkOiLbemIuGK-fxjt0vvhOtSLmsxW7Uv-FSClwT2VblHhe27QkuQ34C1skTlIXtsRqhdmfbLs3vevufV-ebMgAUxi_g8kx_KeJuwLFMWfxdQBMu6zg7PxlULOBCqhOvvQl2DnqIKnfwgtgNZp6viJJED3QQg4NZkNcMgXuZK_znCqRc9RoJgiWFz8No1WCQbI1uYqlvTh17wG4bnX2xO8VJNItg-qJ3ZraG2Cx4P7tdvGqSnIGIWnXvQF3Tt_r5A7T1pZ0NWOjeFshNvcMetMXYJAPYmKMMWsxpCL3g3e18wR1Qaw_vKLN8buuzw-rOecusMJFzDLpil2Eth4qEVX38oAIoG09vZ8Fp-hVUUWubGqpqdimlPYVXVipCWBRTJfRMtiz_jelcy4RYV534ifvFJ5NcQ_TQ2elUlzxT6Mg2FM5wgtFkjkCvDmfx3KYNmeR1Lc2R0OkR-ny5ZYYqeZHFhNC5Lym1L3cDGQAYpy70xbgBNQkUOKkT6-5s1yzEcKM0Q_l7BlvrqSuGCPrmmmNslpZIR_htFjTfShKa6607iWKuC2lHFXyC94ZDsNvVcK3S-7IgbY16I_oq1gJ-Z1qT7RYjFb39AGENCDMyPS3eIn-l-iv6ZQbjKlqYd4OkGgjKkpq6LgnmADYTCI9QUEJDnh9qpauM-xrsAF4KhAfdRNHJrJipFnQOj7Xe_D8UxuSb-fdKscE9kTE2ZzFUhr72bgI_I3QM1tV4Lhdo0LsrzvmHFhyxYfpZkoF2zG0gtquKi2ovcJF8SY0vJ4diwGG8Z8WJXOEntZGuEsXu4NgLdHRSSg_vlg4B4sgsYNumbhTkR_UnUuAgHeBMC_kDo_1XcRVbLz7WHGWNHGynsnw8oHEobNDnVgdLc3Z3CXTFtNFHNE3vPxY1Xl-D-Gee7rG2tM7f4Lc9rjdrBQOtLje_wS74YH92jDPEAcj_s1Rj55WhJVGT5bfxQ1m8tvhXA0tpij8zggJEXfIKFWvy4SrwKwq2lrTwtCdg4tgueG1SYy-MbmcWTOPc2BBndKEL9HK7WnfkcrNZJZpD9xi_kv0ei2IfoUchJg-D1aI94TA-NsDdFRan-dvB5WoWJVk0m7ZwY7ncSUj-EpkQSivDwQGwqV1xOYjPwoD_dzI5ktutbrl5S4J1VD0h6h-kEKYTX4jSVO56iZrM-ki6xtUh5cFtRVWUocCk2qbOk7NCg0zISzkBeCwX8tPZvrHbPf-fYtKcNRDpdtCGamm_e1JpazRKHIi95jN-nvvyQ2_nflLVWWqijj2O07BlCdrTXnguJ3E795PcQlWL6drlfxWZoQGjPXd-UF7MI_CR3IuLnq9zw2n5wo_pk9oNWrPAEPl1BrErRoyNKTjVd7fuqUdvSk4qTvTo_FjS4yiqrONbloAxiGDjci8jmzeHwVrlQPOu1Cjlx28ly6uJSbyGOXJhfluPBU7wq1zDsuqGhUftAylaaBpquc1rk3lej-h7yt3Qr2NCRBmUI-AlbLATuMBr-zDXqIKG4mkae7YlWQsz5iJ41ownRWY6B3I9zgpNl0lkLf-HwRxA9zrb1MkmsO4goljXT9whaehOb71W8daXatkXAiCErxceZMOO8VDpB90VWMlvwvtSZsmO4Ar0u3d4JgwRuWUTiYx64RplpuUtrdcckqNXgaaE3qW1x3v0hCWMwUDwZ9gyLIf7At9gP9D8X2rNe9i_Pg7B-gb2C0Wt5Jts44h366JTvH-deVWKY6hATvPyFgLFOvxJnzUINozg-p-s02iPRkJC4n-PXcf26phFqIYpU5zq0l3AlV0Q6y70twOUPkKv-YIY9hGExvyudfDpqMJrtbyzHuyLXJ80aCcU8KSaybNTzUdaAzzLuHA_FdenM8RKV8hW7exIJyyow1gnKNdlYxNVoleUV1RVfHp8G6gFqalcM3QDHMGX4N0QVokKaP-KSAkoRFDtOzyc8HSLY8-s3gb8xrfGq0imXKjt0dV3-KzPGkzbmxEb4YpbfzMyk7dmOuUwtiHF6-fgweNHnYEj1KULWUBwN4liPkmuCiQuh3P4GAyUH5xKSrmq3muD2UbcoenDFpceax3r0FzojTYXtVZUkyhyLZDNr_NPzYKMet4W0klWdER1yfdDocP5RRefGn7Hd7OasiLFgbaUtySFifyQwxWPz3aWYLnl85xhd-muwrsQOGfajusWlAav-rcmdkHh-L6StN5aecA6mwCSjVzJytlzHAnE3ntb_9VhWIn-0A_9acUMeuLYRtTRybAOqFU4rrulo1oI4V6p6X3VvjzfK2X5M02aMBIcqFWDKgct0oj777NhcbxzqkbEYyZ0E6PPzVVdCD8hf9hCzTHggicsGvx1NzfWoDlVwC_Nikyzg5oj590IesLLV&cid=CAASJORosiDvql-fuy0kpZr_RXWdl9dqg6M2FeEuS4Eb8nZAolafiQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5926909d5b2393897dacf20cc276aed0163eb4ed60cb79a6b5c5e892e53e4792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32999
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame FA33
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B_fykYBLdOu_vBlyt1n7F-6KG32yEeTFsYXqLIxgO-olgT7mVC3uh5Blh7aE4QqIpYCe179s0I6BWcQX1NPviPykM-btSzIrtFJHvrW1bhqQi9AsI
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame FA33
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:14:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3090
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:14:58 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame FA33
118 KB
36 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36708
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1647862282720048"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame FA33
15 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:31:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:31:03 GMT
l
www.google.com/ads/measurement/ Frame FA33
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTMbNLzjTPlWPhtoOprubCIdEcyTeCK3sqWJMaHvYIEPlnjB0dJ65zMp9Cr1P9Pgg2cib9U3cZJ3S9htueY1RyWIc4J-A
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8E9B
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
419878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2200
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
Origin
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 09:59:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/ Frame 2200
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2jdQ9C7nLMxVgJBEK1ayFtwDYli4PX1hpf119zIetcy53AbRgP2NX_m41f2yPq44kDrgVwJz0dOFDnPUa1gyjDY02_44SGsGh7ZZO9PCZl1ejv_LyXnJYbFr86hFDv7CTwSklLUo-ppIWosyRAfoaQlAtHQ&dbm_d=AKAmf-BLze5-IlhwUrHFkM6EEjbGh6q2jKs_pYXbFmRNnkPPoEwIeUXELWCr7yc3MjMWFfIcxof1hTz49hHXCW1h_rakDV4BQmHJ0FPy6Ie9z99XmbzILvO2E4ANNr8K6OLIr5EZoLgYjZRARXavUD3w24BtVx9K43B4wIKGi0JzPn0St5Z-NsbbEe6tjkehqhs59DNtmLqmWo5-Dbj2AwosFv6XpHsW7eeHvD0Cr-UMPefScfoUdyTzfS6zMY1Zk4o1KsIDmIl-p0mGRsmm3YqA784vgNwuLsVOo8kw88vwmgUFZDlAeIut5J2iJjFTwTDJUTr5rm-WPOSkKxQ4V2zXdmdXyYsgVeUWosF5hwETJKFV3sTEHWOMvMJJllQ4P4W_YV36ucgdYuW853hJOy3s0cvV_wj7569TsGNFqRE0Xh639Thfiu4NqpLGphGPG54RCcjFJjK_9Mm1fZ0uFyPCe0plxRHP75xQKDF9sm38IewXhvzzHgZySCb2XcXLNWw3rr_ThvwWtZrtSy9U52mfEdFYNm9pYrynyzJFJ2-gvy68Zl1hxWlkC5bAVlsULB8mHJMA1sxpu6skVIo_KwxxzB02IXoVoDPzqLGx_8AtbEJnCNlRcHLqEy8RkavCSNNpwQ00EhUTpP_LAk1C5T9RfQFiYZHct8Tj7p-6rJHKPfz9_HUuyjA5EXgKcxzoyC-7pBwp4hNJFOCnjxhPBtoIB8lNFK9-rouWhZrLokGjQHNdwqszv0X7ewUsMtl8Av3KPfgjhY-ahaQmkSo3A9f62gHC2TZ8yN13KLASi-cp3Cso92OqftjVq9XvwIvobtc3dgt4_i_N-o_SZZi_GRv5_xSTxXSSy0yCXii2yrYRor6phitE-2wCVNAvmJf5EBsp4KeN5Eqfopu-CY9U3J4rsWUESRdiX4fMBnoVnk1z-1oW5baNgWcOMI7ur0dB-MGFrkLDeHp0yU9aBttc_46f0U_WgG5mGpK9HAsdO-osbry5ARuUIfiv3kNjlOLMyeWxZITxqAg9qfhqWz_mEl7y8p92fkM4sfaLatTSQTibwc49nmJma_CN9cTZNAngY9q7IP_WnBS2zclAexGYnDa0nWlq9E6MMCZf9XsId376teq18iPfcRYWen5N63ShLN6nsO1ccJUEaQJMOCxMZ4RrqtuezMt-4P0WMn8KACkp10RqhoQpO-i7Yb9v3nD0L7PnKAJieogKfEC6AS9aio2wESYZ1WnwsIi5qVc5NMfBuOTT-tbmsPXWrm91LWNAYVaK81hOgvvbkoodZBToMfgQQVRy8z_t3sZPIziV8rvmIfc7fsj-TWeFbtuqHjcHCSg79ck9RhEW5Y-qqF7thpGutWbwQ3lBhhyptNUpru6h4D5Z6FkiuPdil-FvLTh4JksgDnkfaGbAOmuka5GPRmxNXZx2izcHm10cj2m_hveLd4lPNl0oZ0BMywt_0gGm8idEEWQUKZ8ckJ6gMlsHBWRjx-prbyLoKQFQCSDFMLQUHfoDwwWQCSDfo3NY070R9TdZKErrtxy-zaOjhfUsJ2NnL--fnREqojGdhq79ks_t2dI1n8S9GwBy4z0-w-WJQ-UyKDtzGi0zhq_PSCIEX7THiLi8VpDqMOuz0mSNDP60nq8EeYKaky4zaDFosYqkzfVicWZY454qLGfD6apzGtLB8UAMjVOTPz52WDz-XSKHO-K0ep_RoconJoqQQoqXi2qdrtF8Vr7je7vQsrubSnJXAXxTaTqnElG84du-LO6B8kXYumqaH5wzfyazgz4CmoJ_FG2dDpozNQ9NQyRoM5AkZJ5l8opYf1SOiRI96M8bVcmRFDgPK3hFZa7QUbFRKlp_de-ApsOg84ZSxXEnybJyOcmQrk8OWO7OuCtN9918QDpRQKZxUg7lFy_cI0z1X2a48nahUAMtVyCqi-0HxvnR_qwc-1sZMKFef18XwUiDH-lKRv6IoXcWJF-t-1WvJvkn5NVUFPQhFSk2AMzqv0Bvgv2Um6l--ASJXctLKDiFBsKBQTIfYf6-9i4atS3IEYas8tkfW4hWlyI14UMKbqmQdoNlEyqCHBuuPd8ZCnGss1phVZK8wULKY60gADfk140uBoQT-PHJIzcNdExg_S9kE89Jb3TJA7xYgh3IJ4qalKXVZ-TU0mFVVqG0KTUxHeIz29xDbHX5I5EWUrcaPOGr62d-LC4cVlyPebnMyv0STM7OjFb721yaBPFWzMRfB8LpQUug4qR05Te70XF1J9Z-Jll2G0ioLofZzpPxLuvfyIZZSmxqKiV-PLbbc6asQmvpXBZ2crjC-1cf3c7_4n6PuZwvs1ahCdDKW7wzFq63KiYGZuGs7X44RCXwSonDyVuaatvftOUarmCagFUZH6L_aG4iXWJLMj0UHALibBtVbRfCen9o7affYdMSRn-U_WxJlhMP260-EZMBicn2RAk2PxZw9UA3ttddSEHh_0nr_NCfbyRxbDfYVKFPMJUsT5HEtOpFZIW4wjNRFnNYscFnEqQdR_gSdYBqRXOo7Xd9a3fEzj7kK5AfOjTOjeIpLA47IQtcbkHkhB9uQ5xKv9U0pbZLTvRKzeCA8ZLCPp2ZzD5KPp3cNOdaHaq-UoTYgKgFbHe8SBVAuOnmHaAZDyEnKQ3BYNy0EGcjHpKzkw1BCnNkiLw0-FRQL4WOAfvDi-HagQb1hV25PS4skSc0qR5y5F0CEHVqpOdchstLBXboQS4eAOE3nVWRbprSk3wP4IOMy5K9n7XlVWEr985g2oHFdifo3KyzJbYIgt6FgKnJNCuGHQBtjdXhAmiC_zg2xmlr5sfCAGehCZgvUUSZyRNYw18D0Ti2jHDLQ4v-sxl3EIVL9168Gt-RmvpIzor0PnmM-BaAcXm-sHjmzC7bRvo2D4cZ-lbQLPYlsWCRhVstG8d2ZL9ceE4NZydcIFHs1tUVftWv8m2r5rtf2p50gm5JZPfVSHaMYXg3Z7xzfs3ekFaytTl7BFQMWUzF2WytZfAOulD9NR_7dpQ2ej1k1lVfBUKLP89Hs0b5DqD7Njoky30RrBaOoKIPI755w0bqe5KfEDeSGnMVin_H-4V5_ED6Lc4TIYJt0_vhpi46ns0VMpl46VFvCvAUA5y6Iz0Ye1tPgozmolZ5S0uWNw4Su7d8KTcuBES08VYDYURP-N-wGfQS__rvQGJvBBPuclEil6NNDkVYkWk2&cid=CAASJORoJlsYyto8i8qlwO1WGiZWl0ND09KpWk9jRZUzxpLh-lTQLw&rfl=2%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:53:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 2200
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2jdQ9C7nLMxVgJBEK1ayFtwDYli4PX1hpf119zIetcy53AbRgP2NX_m41f2yPq44kDrgVwJz0dOFDnPUa1gyjDY02_44SGsGh7ZZO9PCZl1ejv_LyXnJYbFr86hFDv7CTwSklLUo-ppIWosyRAfoaQlAtHQ&dbm_d=AKAmf-BLze5-IlhwUrHFkM6EEjbGh6q2jKs_pYXbFmRNnkPPoEwIeUXELWCr7yc3MjMWFfIcxof1hTz49hHXCW1h_rakDV4BQmHJ0FPy6Ie9z99XmbzILvO2E4ANNr8K6OLIr5EZoLgYjZRARXavUD3w24BtVx9K43B4wIKGi0JzPn0St5Z-NsbbEe6tjkehqhs59DNtmLqmWo5-Dbj2AwosFv6XpHsW7eeHvD0Cr-UMPefScfoUdyTzfS6zMY1Zk4o1KsIDmIl-p0mGRsmm3YqA784vgNwuLsVOo8kw88vwmgUFZDlAeIut5J2iJjFTwTDJUTr5rm-WPOSkKxQ4V2zXdmdXyYsgVeUWosF5hwETJKFV3sTEHWOMvMJJllQ4P4W_YV36ucgdYuW853hJOy3s0cvV_wj7569TsGNFqRE0Xh639Thfiu4NqpLGphGPG54RCcjFJjK_9Mm1fZ0uFyPCe0plxRHP75xQKDF9sm38IewXhvzzHgZySCb2XcXLNWw3rr_ThvwWtZrtSy9U52mfEdFYNm9pYrynyzJFJ2-gvy68Zl1hxWlkC5bAVlsULB8mHJMA1sxpu6skVIo_KwxxzB02IXoVoDPzqLGx_8AtbEJnCNlRcHLqEy8RkavCSNNpwQ00EhUTpP_LAk1C5T9RfQFiYZHct8Tj7p-6rJHKPfz9_HUuyjA5EXgKcxzoyC-7pBwp4hNJFOCnjxhPBtoIB8lNFK9-rouWhZrLokGjQHNdwqszv0X7ewUsMtl8Av3KPfgjhY-ahaQmkSo3A9f62gHC2TZ8yN13KLASi-cp3Cso92OqftjVq9XvwIvobtc3dgt4_i_N-o_SZZi_GRv5_xSTxXSSy0yCXii2yrYRor6phitE-2wCVNAvmJf5EBsp4KeN5Eqfopu-CY9U3J4rsWUESRdiX4fMBnoVnk1z-1oW5baNgWcOMI7ur0dB-MGFrkLDeHp0yU9aBttc_46f0U_WgG5mGpK9HAsdO-osbry5ARuUIfiv3kNjlOLMyeWxZITxqAg9qfhqWz_mEl7y8p92fkM4sfaLatTSQTibwc49nmJma_CN9cTZNAngY9q7IP_WnBS2zclAexGYnDa0nWlq9E6MMCZf9XsId376teq18iPfcRYWen5N63ShLN6nsO1ccJUEaQJMOCxMZ4RrqtuezMt-4P0WMn8KACkp10RqhoQpO-i7Yb9v3nD0L7PnKAJieogKfEC6AS9aio2wESYZ1WnwsIi5qVc5NMfBuOTT-tbmsPXWrm91LWNAYVaK81hOgvvbkoodZBToMfgQQVRy8z_t3sZPIziV8rvmIfc7fsj-TWeFbtuqHjcHCSg79ck9RhEW5Y-qqF7thpGutWbwQ3lBhhyptNUpru6h4D5Z6FkiuPdil-FvLTh4JksgDnkfaGbAOmuka5GPRmxNXZx2izcHm10cj2m_hveLd4lPNl0oZ0BMywt_0gGm8idEEWQUKZ8ckJ6gMlsHBWRjx-prbyLoKQFQCSDFMLQUHfoDwwWQCSDfo3NY070R9TdZKErrtxy-zaOjhfUsJ2NnL--fnREqojGdhq79ks_t2dI1n8S9GwBy4z0-w-WJQ-UyKDtzGi0zhq_PSCIEX7THiLi8VpDqMOuz0mSNDP60nq8EeYKaky4zaDFosYqkzfVicWZY454qLGfD6apzGtLB8UAMjVOTPz52WDz-XSKHO-K0ep_RoconJoqQQoqXi2qdrtF8Vr7je7vQsrubSnJXAXxTaTqnElG84du-LO6B8kXYumqaH5wzfyazgz4CmoJ_FG2dDpozNQ9NQyRoM5AkZJ5l8opYf1SOiRI96M8bVcmRFDgPK3hFZa7QUbFRKlp_de-ApsOg84ZSxXEnybJyOcmQrk8OWO7OuCtN9918QDpRQKZxUg7lFy_cI0z1X2a48nahUAMtVyCqi-0HxvnR_qwc-1sZMKFef18XwUiDH-lKRv6IoXcWJF-t-1WvJvkn5NVUFPQhFSk2AMzqv0Bvgv2Um6l--ASJXctLKDiFBsKBQTIfYf6-9i4atS3IEYas8tkfW4hWlyI14UMKbqmQdoNlEyqCHBuuPd8ZCnGss1phVZK8wULKY60gADfk140uBoQT-PHJIzcNdExg_S9kE89Jb3TJA7xYgh3IJ4qalKXVZ-TU0mFVVqG0KTUxHeIz29xDbHX5I5EWUrcaPOGr62d-LC4cVlyPebnMyv0STM7OjFb721yaBPFWzMRfB8LpQUug4qR05Te70XF1J9Z-Jll2G0ioLofZzpPxLuvfyIZZSmxqKiV-PLbbc6asQmvpXBZ2crjC-1cf3c7_4n6PuZwvs1ahCdDKW7wzFq63KiYGZuGs7X44RCXwSonDyVuaatvftOUarmCagFUZH6L_aG4iXWJLMj0UHALibBtVbRfCen9o7affYdMSRn-U_WxJlhMP260-EZMBicn2RAk2PxZw9UA3ttddSEHh_0nr_NCfbyRxbDfYVKFPMJUsT5HEtOpFZIW4wjNRFnNYscFnEqQdR_gSdYBqRXOo7Xd9a3fEzj7kK5AfOjTOjeIpLA47IQtcbkHkhB9uQ5xKv9U0pbZLTvRKzeCA8ZLCPp2ZzD5KPp3cNOdaHaq-UoTYgKgFbHe8SBVAuOnmHaAZDyEnKQ3BYNy0EGcjHpKzkw1BCnNkiLw0-FRQL4WOAfvDi-HagQb1hV25PS4skSc0qR5y5F0CEHVqpOdchstLBXboQS4eAOE3nVWRbprSk3wP4IOMy5K9n7XlVWEr985g2oHFdifo3KyzJbYIgt6FgKnJNCuGHQBtjdXhAmiC_zg2xmlr5sfCAGehCZgvUUSZyRNYw18D0Ti2jHDLQ4v-sxl3EIVL9168Gt-RmvpIzor0PnmM-BaAcXm-sHjmzC7bRvo2D4cZ-lbQLPYlsWCRhVstG8d2ZL9ceE4NZydcIFHs1tUVftWv8m2r5rtf2p50gm5JZPfVSHaMYXg3Z7xzfs3ekFaytTl7BFQMWUzF2WytZfAOulD9NR_7dpQ2ej1k1lVfBUKLP89Hs0b5DqD7Njoky30RrBaOoKIPI755w0bqe5KfEDeSGnMVin_H-4V5_ED6Lc4TIYJt0_vhpi46ns0VMpl46VFvCvAUA5y6Iz0Ye1tPgozmolZ5S0uWNw4Su7d8KTcuBES08VYDYURP-N-wGfQS__rvQGJvBBPuclEil6NNDkVYkWk2&cid=CAASJORoJlsYyto8i8qlwO1WGiZWl0ND09KpWk9jRZUzxpLh-lTQLw&rfl=2%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 04:03:26 GMT
pixel
cm.g.doubleclick.net/ Frame 7B1D
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBdTekdK8l6JZQVHAfBH0iE&google_cver=1&google_push=AYg5qPLgwXm3TDYdAV3Ve2fonb09VahPg0Rn5KV7sjF6x0d9Hm5V7_TIzF...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLgwXm3TDYdAV3Ve2fonb09VahPg0Rn5KV7sjF6x0d9Hm5V7_TIzFT_OmYClu7i0ON49leoRGhfcRJdynsrncVM4zRreQk&google_hm=0Ud45bkYiwOBH...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLgwXm3TDYdAV3Ve2fonb09VahPg0Rn5KV7sjF6x0d9Hm5V7_TIzFT_OmYClu7i0ON49leoRGhfcRJdynsrncVM4zRreQk&google_hm=0Ud45bkYiwOBH6jV11gJcQ
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPLgwXm3TDYdAV3Ve2fonb09VahPg0Rn5KV7sjF6x0d9Hm5V7_TIzFT_OmYClu7i0ON49leoRGhfcRJdynsrncVM4zRreQk&google_hm=0Ud45bkYiwOBH6jV11gJcQ
pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7B1D
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIPjcoMjwGx2KOBTC1-P7lg&google_cver=1&google_push=AYg5qPJL2ZGGS143n-Jw3T3B5LDsMO_OkUVXtu_3CcgxuZxJ1kJJ8FhO-BP37cQSF-nfRPF10JH64Sics936lxB8B33rUfNyUwE
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D749FB212B4044B7AAEBB4EBCFE1789E&google_push=AYg5qPJL2ZGGS143n-Jw3T3B5LDsMO_OkUVXtu_3CcgxuZxJ1kJJ8FhO-BP37cQSF-nfRPF10JH64Sics936lxB...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D749FB212B4044B7AAEBB4EBCFE1789E&google_push=AYg5qPJL2ZGGS143n-Jw3T3B5LDsMO_OkUVXtu_3CcgxuZxJ1kJJ8FhO-BP37cQSF-nfRPF10JH64Sics936lxB8B33rUfNyUwE
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D749FB212B4044B7AAEBB4EBCFE1789E&google_push=AYg5qPJL2ZGGS143n-Jw3T3B5LDsMO_OkUVXtu_3CcgxuZxJ1kJJ8FhO-BP37cQSF-nfRPF10JH64Sics936lxB8B33rUfNyUwE
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Mon, 21 Mar 2022 04:06:28 GMT
pixel
cm.g.doubleclick.net/ Frame 7B1D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEC0J6CloqozcTneeyVRUBBI&google_cver=1&google_push=AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1Qjb...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1QjbhpJ76u0&google_hm=1Gtrve0IQnmfzjtoYdJPJA==
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1QjbhpJ76u0&google_hm=1Gtrve0IQnmfzjtoYdJPJA==
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1QjbhpJ76u0&google_hm=1Gtrve0IQnmfzjtoYdJPJA==
Date
Tue, 22 Mar 2022 04:06:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7B1D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHxMZPb0d5HAEExK9ORb6Pc&google_cver=1&google_push=AYg5qPLgB3h4lBtIjtM0e5XHXgezcWUuOvHm-IhvEmV9BpNydW-3OpHwdAjWgPcYgD7m70mbocokjAoTpAbndTYbBzWsl750JA
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLgB3h4lBtIjtM0e5XHXgezcWUuOvHm-IhvEmV9BpNydW-3OpHwdAjWgPcYgD7m70mbocokjAoTpAbndTYbBzWsl750JA&google_hm=MjQ1NTE5ODMxNDc4NzI1OTU5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLgB3h4lBtIjtM0e5XHXgezcWUuOvHm-IhvEmV9BpNydW-3OpHwdAjWgPcYgD7m70mbocokjAoTpAbndTYbBzWsl750JA&google_hm=MjQ1NTE5ODMxNDc4NzI1OTU5Mg%3D%3D
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLgB3h4lBtIjtM0e5XHXgezcWUuOvHm-IhvEmV9BpNydW-3OpHwdAjWgPcYgD7m70mbocokjAoTpAbndTYbBzWsl750JA&google_hm=MjQ1NTE5ODMxNDc4NzI1OTU5Mg%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame 7B1D
Redirect Chain
  • https://google-sync.rutarget.ru/sync?google_gid=CAESEO55-Bs_hqYCqQZV73odUec&google_cver=1&google_push=AYg5qPJzlBbAFTPoEnDXD3Y6ePfj-yqkyHcQKx_RWzC0ldCy58aAybyB-evy4uoKNF1K-Bh0f5JqpF8Cigi5qfHXmkQ3ryj...
  • https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=R3cxVDBKUWtyanZC&google_ula=2046794&google_push=AYg5qPJzlBbAFTPoEnDXD3Y6ePfj-yqkyHcQKx_RWzC0ldCy58aAybyB-evy4uoKNF1K-Bh0f5JqpF8Cig...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=R3cxVDBKUWtyanZC&google_ula=2046794&google_push=AYg5qPJzlBbAFTPoEnDXD3Y6ePfj-yqkyHcQKx_RWzC0ldCy58aAybyB-evy4uoKNF1K-Bh0f5JqpF8Cigi5qfHXmkQ3ryjE_xo
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=R3cxVDBKUWtyanZC&google_ula=2046794&google_push=AYg5qPJzlBbAFTPoEnDXD3Y6ePfj-yqkyHcQKx_RWzC0ldCy58aAybyB-evy4uoKNF1K-Bh0f5JqpF8Cigi5qfHXmkQ3ryjE_xo
date
Tue, 22 Mar 2022 04:06:28 GMT
server
nginx
content-length
0
p3p
CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."
pixel
cm.g.doubleclick.net/ Frame 7B1D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEMqpy2xDiXRiihviBMcPeM&google_cver=1&google_push=AYg5qPKtCNTrbtl1KGVL527KrC9e16PlNIq4PdQ1b157aO5rJG7Hhj4TnPAwho-5MO8BwTL0xBTVWXSnxyJGvIF-...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKtCNTrbtl1KGVL527KrC9e16PlNIq4PdQ1b157aO5rJG7Hhj4TnPAwho-5MO8BwTL0xBTVWXSnxyJGvIF-_qdS54_IoPE
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKtCNTrbtl1KGVL527KrC9e16PlNIq4PdQ1b157aO5rJG7Hhj4TnPAwho-5MO8BwTL0xBTVWXSnxyJGvIF-_qdS54_IoPE
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKtCNTrbtl1KGVL527KrC9e16PlNIq4PdQ1b157aO5rJG7Hhj4TnPAwho-5MO8BwTL0xBTVWXSnxyJGvIF-_qdS54_IoPE
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
QRfPLqP3UTrMDNulf04T_-RGyBbCBYcCdykczgjSKcaO1xWnC-b1Jg==
sync
ssbsync.smartadserver.com/api/ Frame 7B1D
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENtLk0wY3QdzIphjbmCFbY4&google_cver=1&google_push=AYg5qPID24wNjwgaP1lCXfLFnJqoldRM0Aj4vOLsNzN0YycqEMZUhyQGoTFlyPHj4EIqJWlIo3w735rU219fIqDIMCHxxkJAvHI
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 7B1D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JjKHk32dJM2zm0-up__RAZOo6UBXlEZQMJWokjrzE0AjSEwhn3t4IQx-t2bLzF-IGyqBRs
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
partner
sync.search.spotxchange.com/ Frame 481B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMRwaThRnV-uuF_w2DhiaLU&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMRwaThRnV-uuF_w2DhiaLU&google_cver=1&__user_check__=1&sync_id=7306eb5c-a995-11ec-9a68-1ab0ad8d0306
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEMRwaThRnV-uuF_w2DhiaLU&google_cver=1&__user_check__=1&sync_id=7306eb5c-a995-11ec-9a68-1ab0ad8d0306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDOx8HMAhjyx9fAATAB&v=APEucNW3gKpBlDuuN4Kee4mCfTFYVjWlXoI5btovmsFYnbBlnIEk9ChNQoTbos2CF1sG8qDxopqIgERzKav1nZIN5-26rPpTQoYPRiU6Alv8vEec77myPNFjoD4Csk2BRVCqLj9ToHkJvdm0rBXALdozRoSVlyvoYkvwKasgKqjcC1QeKsK5Vh7KI6RfT9dUxIjlkgPoIKVM
Protocol
HTTP/1.1
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
92
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEMRwaThRnV-uuF_w2DhiaLU&google_cver=1&__user_check__=1&sync_id=7306eb5c-a995-11ec-9a68-1ab0ad8d0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
105
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 481B
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzJmYjk1NzItYTk5NS0xMWVjLTkwZDMtMTlkYTg3YmYwMTA2
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzJmYjk1NzItYTk5NS0xMWVjLTkwZDMtMTlkYTg3YmYwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDOx8HMAhjyx9fAATAB&v=APEucNW3gKpBlDuuN4Kee4mCfTFYVjWlXoI5btovmsFYnbBlnIEk9ChNQoTbos2CF1sG8qDxopqIgERzKav1nZIN5-26rPpTQoYPRiU6Alv8vEec77myPNFjoD4Csk2BRVCqLj9ToHkJvdm0rBXALdozRoSVlyvoYkvwKasgKqjcC1QeKsK5Vh7KI6RfT9dUxIjlkgPoIKVM
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NzJmYjk1NzItYTk5NS0xMWVjLTkwZDMtMTlkYTg3YmYwMTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame 481B
0
194 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COD5IRDOx8HMAhjyx9fAATAB&v=APEucNW3gKpBlDuuN4Kee4mCfTFYVjWlXoI5btovmsFYnbBlnIEk9ChNQoTbos2CF1sG8qDxopqIgERzKav1nZIN5-26rPpTQoYPRiU6Alv8vEec77myPNFjoD4Csk2BRVCqLj9ToHkJvdm0rBXALdozRoSVlyvoYkvwKasgKqjcC1QeKsK5Vh7KI6RfT9dUxIjlkgPoIKVM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
sync
ups.analytics.yahoo.com/ups/55946/ Frame 0353
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1
  • https://pixel.advertising.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1&apid=UP72fbf976-a995-11ec-aeb6-0254fab0062e
0
133 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1&apid=UP72fbf976-a995-11ec-aeb6-0254fab0062e
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNU94lF5ZvtPx9l0L215lAjyzCJxKhYgunVQDATyxE3tycTWduTVuf9qZQRIsXFWhRa29c9Ahv6STsWI4iBbjhgXTeC84n6LgwVpLr6ff67YCftuC_P5J7ddT-_Trxb9qcmSboygLi4vyRerHYA9yX4MlWzUEoaUbXZr1HfH6VFlvkgij1k
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55946/sync?uid=CAESEFVGszpqcoEQYwfdV1Xqm0w&_origin=1&google_cver=1&apid=UP72fbf976-a995-11ec-aeb6-0254fab0062e
date
Tue, 22 Mar 2022 04:06:28 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0353
Redirect Chain
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
  • https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/55946/sync?_origin=1&redir=true&apid=UP72fbf976-a995-11ec-aeb6-0254fab0062e
  • https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA3MmZiZjk3Ni1hOTk1LTExZWMtYWViNi0wMjU0ZmFiMDA2MmU%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA3MmZiZjk3Ni1hOTk1LTExZWMtYWViNi0wMjU0ZmFiMDA2MmU%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNU94lF5ZvtPx9l0L215lAjyzCJxKhYgunVQDATyxE3tycTWduTVuf9qZQRIsXFWhRa29c9Ahv6STsWI4iBbjhgXTeC84n6LgwVpLr6ff67YCftuC_P5J7ddT-_Trxb9qcmSboygLi4vyRerHYA9yX4MlWzUEoaUbXZr1HfH6VFlvkgij1k
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_hm=VVA3MmZiZjk3Ni1hOTk1LTExZWMtYWViNi0wMjU0ZmFiMDA2MmU%3D
date
Tue, 22 Mar 2022 04:06:28 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 0353
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
  • https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1sSHRJV3k1RTJ1SHhGWkhQRENIeWg5cHY0NXVkTWRFeH5B
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1sSHRJV3k1RTJ1SHhGWkhQRENIeWg5cHY0NXVkTWRFeH5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARjr_cTDATAB&v=APEucNU94lF5ZvtPx9l0L215lAjyzCJxKhYgunVQDATyxE3tycTWduTVuf9qZQRIsXFWhRa29c9Ahv6STsWI4iBbjhgXTeC84n6LgwVpLr6ff67YCftuC_P5J7ddT-_Trxb9qcmSboygLi4vyRerHYA9yX4MlWzUEoaUbXZr1HfH6VFlvkgij1k
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1sSHRJV3k1RTJ1SHhGWkhQRENIeWg5cHY0NXVkTWRFeH5B
date
Tue, 22 Mar 2022 04:06:28 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2200
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D404
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 13:26:12 GMT
expires
Tue, 22 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
52816
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2200
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ec8edc24a0345085f6254993b33757f537d439f8cae8e0398a4640329cb97a21

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 2BFE
106 KB
37 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
Origin
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:28:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49055
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37892
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 14:28:53 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/ Frame 2BFE
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAmtlmYcN6npF4z_F2O0pxmeGRZsG0CMG7_LrO1fjPgMWDr1No3S4fnZQIfO08gKcFC_Z0Fqf1v7opKL3NqOPVOlfg4NvfPctxdieNgwngrfU8pZAOWNKDxoJ8dtxFhJG8G1UOTZxA-Z1Mvhdmsy1DBIHjMA&dbm_d=AKAmf-At27LCQBoR7bw_S2jFBGg95AMt3QaUWMhlPwM5ioa6Ttb1qz3Zma8qnOOWW0NFh2EsFoaKgYSJstAF_KkzunAupxOIQ8frPQOCdY7WHv2z8-PFWOXmKy_7PQzSYlCaTFBlxOSNX1gJb3AMV3dR7pfptPRRnKiT1PJRllzPAt38L9YZwDUXgZACOVyzsgeStArzE-HWyDEsDXy5xtdMHVRp4e7Gy7a3zoIL0m-jaRK4tVWKlry9T5Wdpdim6OOSXqz6O5KPHiDiGnZ_pctQ1_4vSOyyEe7yaeFd_iEDPGHTbe4vBhNDiZmnKU72z21dMtOio_xTHilFwF2vFTERQJekT8atMMXdDnrOwuVPMzIcidC59qBKeudo7getssIqRZ00v7UkLXFuRceNBNz8EUQVjLAxPOJsFsqXtBOCwCH4BKhdxzFLqEg6JAWzcuSF_MBotpgf2zHhYT3VoO0numMcsPU6dAnM2r9-J1FTcFJ7klQQ7_20tBefndAnM44f45EIefAIE4892Jei4vnRuQNIHb5y7CpjjGCKWPl3mEOqJMmKLJM7UNHedkTh06Hiy5yJj0DfO4Ki82O_GqcgVMD1Zzf2I9iH1ZBi3-h97gYHAy24vVg2_3vgNY2O7gbqQbg6wrQoZTeFvbuKTqgK-bcKfoJF9W4FoqmW1OcvO1mj_Zeum7cuHIrDhARAOmXOjQ3sbCSNEHsbabCpTdt7iOWekQyHa5lNFKFztHrq-WDy2qQxy2Ho3H6YddZlnToD6SpXtT7K2iU-jfqIeIx6DkOTbWQUZc4XOwG8wNkr30darf_31hm7GF84sIJaocnkLqwxOwOzCJBbunNdIzwMKWnqmKz16XhPSMkVg2qhorCIR_Rj_sYhHaQ5QgRNckAX5y0z3Jj0Yp_4mvFuc0BroOg8lcvxa4yAC9t82QztkG2cusBMduag_DBbBz97OcbS9MblsduAqMcd6S4HyiMCnW0SUOQhp5JFQUZCSTFbt8CsJc8mjYYqdqQiR3O3ioH8l69n3csscVAIthrfozB7g_ruJDtgbbIxoqy75TLSDP65PVjNCkhWzIcC6nvJ0DUTctfZpSKDn9DC1Pikm3e6DkOocaZjC4dg7PRxjg65BRpV0yCi4IGghOxgiWoyGF9dG2fNkCm6x3wNJ4qd3E216jTpwgCkAvcYmLFZWSz5xM_7Mry-_qVDRKWRe_PQYxcB_iqLujhlmyXjQmqjXpUqHd2KARlb0MCf-PQFYtdjlvSNM94DP0kH_ge_zD54TOiAvyi9l2hDPiOiReDTJ7rC4-I25gdna03Eq_wkcLn5UVbFW0Nzp3oV39jQvqTUeZqIevizk68LzZNtfnATLEc7OCtqCL6bdCEXyIsjQi6Lt9Dx6r9Kg6vWygortDf4aomrxwnLU6reGeCz2UTnu9Yoo-M6yijKJbN4sHDu7VFhtUW-JElKh0uuWEJBAI24apiMBrZcywR4KkwbrjfknvyrwttNimMJf8V-t-448t__XDFRzwzinj82ZePfdzSSehZTnzeji1aIc2YY5WQOwWIl6XqIV7TZ3FYqMX4OCHMjsxUxPY1vaUEJhws9-gsq69qwUmkUo6ie4QGJ-bWzeNDBv7E3wmppYaWwTKRKyrTAiFt06yDqJuDH6d8rfefA6j8D76770wnRYK6Wjjt3xk4Frq74cR3r-lApXq0aFIqqd7gm8HoYAqcoVqSoT-hw-v9ifdG6ZIN0rAGXLLHgfeNIGRU4IN5PBLAGg30DloOaqTATvwWsmVP9mjGqBerPcdzFZG_gw3k9Ej8lWtzqzILU6kOER9osGOb6owE8un9qvYQWVLZla6H1V7cgxn9Eif_6f-7ZtmSnI8060-e3IMmI3Q0ZDYr9VB3kbCeZwE6oMTSo75kivu_Tiv8EyBc_dZti_0p4CuNilBk61oF5QaEQ1MG5vtHD896Akmk0KBU96EeY9rNTfi1jjJmCxFNve0jhMkmGk0PSPZ6THFmSJ0vPLhh9wvd35v8VaJJbRh_Xaef9mSn4iy6q7UJk9kK13e1aZ3ayuV8DT7cHemvIsDMpVhoj2OJgBBGcK1kFggwsFwSYB6lyza7sulLkQ2EewwhJMlu_P-kkln1p2uKGRqV1LcjkzJnDfc7vTR4bwb_RHRRKWOyDwdAQI_t_fZl-Kw_ob95ErcxHyOMCpkrJgfA39vMlw6s3MfMRqeuCV0OdyvWFgRrKeKw7yCs7jdNQvHW-vxLZmqAUg1sBG17If5Xh6296N8udD6yHOfqVm2YHJ4t01ReJgqeZtmdMudZl2pMa-LcE4VQqz9y4whQBf27_Mqz0n37Ne_1heQ0kiWIBZ4URl7XtCz6oybNIMRKiQwarV1oKSwSrVL0gRM5fcSzBzQHWJ4DHoJ442go4Ist4AoJTy-BxX5t9IWmj0ksZiaOvCq6qGdFRgRh70o9aApP_0-v5S4gPKO8kyf1ZXrXfDH1rQy2dd7wma62plslDvE4rk_EILzkbu-TJnpDp1In3K3sacDjauKVypkb9beew1jPYCE7M8UDIqPGfCBgtojn_t5B1L-SN_PJUifdhp__K3OPpCKtKaIkXnyGW5y6KekPTe6xPbvSrpOzUOD6inXGMPZrnCkOQ7XAeoi_j33RWUp0waVowmnpW1nhyt1MByRsAd6WxIbMHi0ytPG64fLYA8jVHbg061U21uRXHzaJhin0cfbwlt3wgPYekZ3ZWVKWOYV2Sv18nhWsS4iCJC0TTAWTSy6MrTZgiORS9lO-OeRxb2szGJLfCsOQHboiX8axytYG-XalrehOSBVE_ns1OIgZJNPSknHffQQx-RJmjpJ1xCxjCAomcqF7Jn4G9Uh2D_HSP--xxMknCU3-MgFgJHO9eZbtY4zKQovPnSXaUG6VxwR_EBVSAfDLQoiWO0MOxih6LGUZv7L94p65YnLt4GVUvyUu09NMEDSNmXCa18qBYQS05C3uZxA8apGmaUyofE-vQubOFVss6nul90upfoHdmdSgN51ILMsFOXihQtkpBNxiDcLwvbIQ2tDvsKP_Z156GUkhWNIfwsPCSatvrT4ZIR4yKDgU4H9FlLewpW3ln3hmrpbN2-p_angVO3Hx1b8IZS4cbH-ITL5WfpCaTv2LNQ2rQ3sUgFjP2evEu1ZL8U3wkm4to3UecFtqw08mAxT_IcXhZ6K_YYDMS3F_YUavXW-lZaxLnHzxyKWwiaGoOo9Yml9Ci_7qbSCZbaAsVFbKngKa8fLE2uwUKb9Dhew_lUtjCyfodFXT9CDVHxqK9NptxKzaSLvrHjQBDNR0UzoWQmatH-wBE7lAQWMZ6EEHwSb5NTrQhOTFesZAX-fvBsk1sOMbY_hitpiMuMl1BRk4W9sI&cid=CAASJORopaCdt-gUekpk-4MSjjHwn5waYaEWiIH3NRwTs9Zy9jXohQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:53:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 2BFE
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CAmtlmYcN6npF4z_F2O0pxmeGRZsG0CMG7_LrO1fjPgMWDr1No3S4fnZQIfO08gKcFC_Z0Fqf1v7opKL3NqOPVOlfg4NvfPctxdieNgwngrfU8pZAOWNKDxoJ8dtxFhJG8G1UOTZxA-Z1Mvhdmsy1DBIHjMA&dbm_d=AKAmf-At27LCQBoR7bw_S2jFBGg95AMt3QaUWMhlPwM5ioa6Ttb1qz3Zma8qnOOWW0NFh2EsFoaKgYSJstAF_KkzunAupxOIQ8frPQOCdY7WHv2z8-PFWOXmKy_7PQzSYlCaTFBlxOSNX1gJb3AMV3dR7pfptPRRnKiT1PJRllzPAt38L9YZwDUXgZACOVyzsgeStArzE-HWyDEsDXy5xtdMHVRp4e7Gy7a3zoIL0m-jaRK4tVWKlry9T5Wdpdim6OOSXqz6O5KPHiDiGnZ_pctQ1_4vSOyyEe7yaeFd_iEDPGHTbe4vBhNDiZmnKU72z21dMtOio_xTHilFwF2vFTERQJekT8atMMXdDnrOwuVPMzIcidC59qBKeudo7getssIqRZ00v7UkLXFuRceNBNz8EUQVjLAxPOJsFsqXtBOCwCH4BKhdxzFLqEg6JAWzcuSF_MBotpgf2zHhYT3VoO0numMcsPU6dAnM2r9-J1FTcFJ7klQQ7_20tBefndAnM44f45EIefAIE4892Jei4vnRuQNIHb5y7CpjjGCKWPl3mEOqJMmKLJM7UNHedkTh06Hiy5yJj0DfO4Ki82O_GqcgVMD1Zzf2I9iH1ZBi3-h97gYHAy24vVg2_3vgNY2O7gbqQbg6wrQoZTeFvbuKTqgK-bcKfoJF9W4FoqmW1OcvO1mj_Zeum7cuHIrDhARAOmXOjQ3sbCSNEHsbabCpTdt7iOWekQyHa5lNFKFztHrq-WDy2qQxy2Ho3H6YddZlnToD6SpXtT7K2iU-jfqIeIx6DkOTbWQUZc4XOwG8wNkr30darf_31hm7GF84sIJaocnkLqwxOwOzCJBbunNdIzwMKWnqmKz16XhPSMkVg2qhorCIR_Rj_sYhHaQ5QgRNckAX5y0z3Jj0Yp_4mvFuc0BroOg8lcvxa4yAC9t82QztkG2cusBMduag_DBbBz97OcbS9MblsduAqMcd6S4HyiMCnW0SUOQhp5JFQUZCSTFbt8CsJc8mjYYqdqQiR3O3ioH8l69n3csscVAIthrfozB7g_ruJDtgbbIxoqy75TLSDP65PVjNCkhWzIcC6nvJ0DUTctfZpSKDn9DC1Pikm3e6DkOocaZjC4dg7PRxjg65BRpV0yCi4IGghOxgiWoyGF9dG2fNkCm6x3wNJ4qd3E216jTpwgCkAvcYmLFZWSz5xM_7Mry-_qVDRKWRe_PQYxcB_iqLujhlmyXjQmqjXpUqHd2KARlb0MCf-PQFYtdjlvSNM94DP0kH_ge_zD54TOiAvyi9l2hDPiOiReDTJ7rC4-I25gdna03Eq_wkcLn5UVbFW0Nzp3oV39jQvqTUeZqIevizk68LzZNtfnATLEc7OCtqCL6bdCEXyIsjQi6Lt9Dx6r9Kg6vWygortDf4aomrxwnLU6reGeCz2UTnu9Yoo-M6yijKJbN4sHDu7VFhtUW-JElKh0uuWEJBAI24apiMBrZcywR4KkwbrjfknvyrwttNimMJf8V-t-448t__XDFRzwzinj82ZePfdzSSehZTnzeji1aIc2YY5WQOwWIl6XqIV7TZ3FYqMX4OCHMjsxUxPY1vaUEJhws9-gsq69qwUmkUo6ie4QGJ-bWzeNDBv7E3wmppYaWwTKRKyrTAiFt06yDqJuDH6d8rfefA6j8D76770wnRYK6Wjjt3xk4Frq74cR3r-lApXq0aFIqqd7gm8HoYAqcoVqSoT-hw-v9ifdG6ZIN0rAGXLLHgfeNIGRU4IN5PBLAGg30DloOaqTATvwWsmVP9mjGqBerPcdzFZG_gw3k9Ej8lWtzqzILU6kOER9osGOb6owE8un9qvYQWVLZla6H1V7cgxn9Eif_6f-7ZtmSnI8060-e3IMmI3Q0ZDYr9VB3kbCeZwE6oMTSo75kivu_Tiv8EyBc_dZti_0p4CuNilBk61oF5QaEQ1MG5vtHD896Akmk0KBU96EeY9rNTfi1jjJmCxFNve0jhMkmGk0PSPZ6THFmSJ0vPLhh9wvd35v8VaJJbRh_Xaef9mSn4iy6q7UJk9kK13e1aZ3ayuV8DT7cHemvIsDMpVhoj2OJgBBGcK1kFggwsFwSYB6lyza7sulLkQ2EewwhJMlu_P-kkln1p2uKGRqV1LcjkzJnDfc7vTR4bwb_RHRRKWOyDwdAQI_t_fZl-Kw_ob95ErcxHyOMCpkrJgfA39vMlw6s3MfMRqeuCV0OdyvWFgRrKeKw7yCs7jdNQvHW-vxLZmqAUg1sBG17If5Xh6296N8udD6yHOfqVm2YHJ4t01ReJgqeZtmdMudZl2pMa-LcE4VQqz9y4whQBf27_Mqz0n37Ne_1heQ0kiWIBZ4URl7XtCz6oybNIMRKiQwarV1oKSwSrVL0gRM5fcSzBzQHWJ4DHoJ442go4Ist4AoJTy-BxX5t9IWmj0ksZiaOvCq6qGdFRgRh70o9aApP_0-v5S4gPKO8kyf1ZXrXfDH1rQy2dd7wma62plslDvE4rk_EILzkbu-TJnpDp1In3K3sacDjauKVypkb9beew1jPYCE7M8UDIqPGfCBgtojn_t5B1L-SN_PJUifdhp__K3OPpCKtKaIkXnyGW5y6KekPTe6xPbvSrpOzUOD6inXGMPZrnCkOQ7XAeoi_j33RWUp0waVowmnpW1nhyt1MByRsAd6WxIbMHi0ytPG64fLYA8jVHbg061U21uRXHzaJhin0cfbwlt3wgPYekZ3ZWVKWOYV2Sv18nhWsS4iCJC0TTAWTSy6MrTZgiORS9lO-OeRxb2szGJLfCsOQHboiX8axytYG-XalrehOSBVE_ns1OIgZJNPSknHffQQx-RJmjpJ1xCxjCAomcqF7Jn4G9Uh2D_HSP--xxMknCU3-MgFgJHO9eZbtY4zKQovPnSXaUG6VxwR_EBVSAfDLQoiWO0MOxih6LGUZv7L94p65YnLt4GVUvyUu09NMEDSNmXCa18qBYQS05C3uZxA8apGmaUyofE-vQubOFVss6nul90upfoHdmdSgN51ILMsFOXihQtkpBNxiDcLwvbIQ2tDvsKP_Z156GUkhWNIfwsPCSatvrT4ZIR4yKDgU4H9FlLewpW3ln3hmrpbN2-p_angVO3Hx1b8IZS4cbH-ITL5WfpCaTv2LNQ2rQ3sUgFjP2evEu1ZL8U3wkm4to3UecFtqw08mAxT_IcXhZ6K_YYDMS3F_YUavXW-lZaxLnHzxyKWwiaGoOo9Yml9Ci_7qbSCZbaAsVFbKngKa8fLE2uwUKb9Dhew_lUtjCyfodFXT9CDVHxqK9NptxKzaSLvrHjQBDNR0UzoWQmatH-wBE7lAQWMZ6EEHwSb5NTrQhOTFesZAX-fvBsk1sOMbY_hitpiMuMl1BRk4W9sI&cid=CAASJORopaCdt-gUekpk-4MSjjHwn5waYaEWiIH3NRwTs9Zy9jXohQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 04:03:26 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0047
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_dbm
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEE_wqCeSxDZYkYrNn4zDLr8&google_cver=1
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEE_wqCeSxDZYkYrNn4zDLr8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARiZ6sXDATAB&v=APEucNXQGuLcSOa9rcV1kMrV1EN5dgsXYlu0ovZAKG-xRTiilfamhjDT-meRkv2c7JM5h4pCZl5vKDvdSDTbOjsy_dK2iNNTIs37CPNp2YmzdY9OZHIEhN1-yVvp2i1BZ6IVZg_VvL42eBhCkkAq0nFA1-VaiCvqARxcijMjDMhWF069oswuuTs
Protocol
HTTP/1.1
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
transfer-encoding
chunked
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEE_wqCeSxDZYkYrNn4zDLr8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
316
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 0047
43 B
163 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=GOOGLE_HOSTED_PI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_hm%3DSMART_USER_ID_B64
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxD8qIj9ARiZ6sXDATAB&v=APEucNXQGuLcSOa9rcV1kMrV1EN5dgsXYlu0ovZAKG-xRTiilfamhjDT-meRkv2c7JM5h4pCZl5vKDvdSDTbOjsy_dK2iNNTIs37CPNp2YmzdY9OZHIEhN1-yVvp2i1BZ6IVZg_VvL42eBhCkkAq0nFA1-VaiCvqARxcijMjDMhWF069oswuuTs
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.110 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:27 GMT
transfer-encoding
chunked
content-type
image/gif
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame 4B5A
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
Origin
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 09:59:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/ Frame 4B5A
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-H8TOiGLID6dsCDhYcbCYjvuwvLxJInZDqZ559g9Mi6R9AklwfDffDw3rjG3E1IUPnBrDTsmvRD_IKMHEyzJ7LGDlmbXW5OyQETZ0vKGAHrm-v_ezNN4cqMH5zD9Y7th5ACD_aIMAmpDBh8vrPPlZDZ9z5YhNaM_Ulm3nBurpdXOYtk6JCzvkf0CJRj96Faw5KgJo&cry=1&dbm_d=AKAmf-AVz4VUcKGRfwCIpitaEUTsgjs1Q2Jn8sItfw8CXdXmAkPLCK2SormLq2g-boJnIY2RvInZMz1WdNdHJ_Rkc15Ko66RVmQsY5YnPwhSP_s8JP8sOp-B-yjj0pITRjGA6POFhYOEbTe0E16PIKww0_a9POW_M1ye6ABD82GfjHKGqJ6ctnK9XGPFdQ58PxCBUOCnG0yxblxMUKvr1WOCJol2t-AUdGT7-hL1CXD6w7u9KgToD-mFmmUB6xtB1O2TD1zSVBAGgS5-MdM-wun98v1M5Q_FeHcRgdAwS3b89OjpE_lss41mQiVOSyRDIUtUaiZfib8mm_ARtq6WzN6SY8uRZo-r5zHtYW0d3y98FYGXdcwiQmj1ZdUXd6QJGv9eSXHRLs_VBHFoQDPGgVmQOULWdDex4HW7n-tBI2708yMrAcOy_lGanoE87MhyBReJ5PKHDCXES-DQ8BWHQBN0-HWjaidKzYpfNTFDD9KRnXwl9I69gKmpYkgIK5YG9JCfQEHo_tFBBeyW7IHr27LFwq7fo2A_Vrbcow3sFYUrgM05goVHZbDjmVbU-F-_PyCP6_8avQieKR2dQzH061A_bXgwmWEtzzTcF9qc5JKD_pvb63QylV-8KRUqZAfk90hq0TYMMEmzyDARBOAfqjNPDcDFAG-9DusxZ3Kx82bfbRM3aOY022h4lnYM5kH3FAQU_x20iELSZUQ8_Ast6FhfumLHct1vtWZiqN96mT7MxeykXfxAiYIIpBKqdgecRnM3-XR3WQZnTW1lZz96IegKbWxdxLwKJWHWWMHzN4OqLlNgtSxGkCflwMihuqKSSpPDjnz6RbqNetWbOXkLe7TZvxZzR2zaeRoIsjiUmkR1PcA3jKA2PAfhFjNl53cbHbB9U53OlKcpIdbqm2ElsH-VzfMNNjSouc6pfmh9netcEHMy_o9obm_wPB_xvRF9056kxFHva7wKiWILyukJNtP-kzpWaCiZx5TqHqzVL49MhItDardTvzgy8AYlMa-cCkQFFeeMLGleHMNc4tfXiJb7DpMoOdXsJwAvprH0PdyeRxneE7UsKkDZIo0nJcgeGDlo28sZroIe1SMrFkwVLVi7pp9TZjDKVuqOE3Ozu0ZE9aq-9Raey0OS3yW1X6NEt-ou2rWNTHeKihTrIeaKPAd-q-tilJHKmX3C6cXsCGjfmzXbHZdrBYNmSES-OkHjv8YFcRHcJCn0Bw6fD5L2rixDb0BHhQiXcR1ueePOXLN_iRSw7aak2tHUbVS_f4YIXLaYO8kfHEOsat6ZaO_yv5gXi_GFQyg-kNIBoBNhf3kyeJODzwyPsUsj4htTJaxoF68h_g4O1v5okM32te3U5WO9FDatpq6vs_S52s-PzN9xPSWZHw8nJDjOO_tEuqqR6r7K9Z500qUP7W-4KUzrU33JPjy5-gxkQaYLRkSNpt3iSuuNGACrLHCbvPw1JD6dvkRluXiXYFQ36T1Qsoq-lCzXY_SGuLbzcQtm5KHFigHN_DeOrjJjxEOhIeZ0dpyq1FOy_SydQh5yZVZdMndUw8Sn_4r636wMeIYqTDwi0frxRrGOqwJ0OpP461RkIRghDjGqSZm40_kJ5LvlgwWZroWlpl2Mmw6P2GzBjoQdPvcaoUNfRs4qmkHE0U7bAoclacsGbO0us88_tlameIBFUIh_CTqTcd_PkEiCWpfd0kNLaX0bX1aCzE9oUAKwZhsgLzZWDkzX5KV52j554h1PTDr0AUCEmQLYLniYNnQOS2XAN2Q9SKlKtW6jYcjEmL18QCH90mwqK7DJSu_Cm4QF_V-hLCwdOzw25RWldP4wxZCf3udJFGik9cEvMKONkv-cn8yV0eNWjKmihyw5shPum85WteLJsPz_3VW7qRcx5qne7F3L9ps8wTlux7gSoH7kDVI8KwRVz-FKjvlppuSLALHys_4x2VYKbEvCrjs4NV3OJRI9o9DRnL-eyWFMQpzkAHtxEMFm4HwoXKW3LRva5MqVEpZtorGqtAIZdvhyplzRGIrheRn4pSrB9K9JMESQTOKMOhstO0d1Qa3O8MHztSenOUuxtneHMEJCB-Yb0d1NK1RbAV-ybBYy1qV_zF8MNZ9oGW_S0xt0LS2BB7QFWCvMIhIHaONfAgrYATVBnBIlhM_DfwD79-lRzYEJL0oGVMQl5T-m1nXmpIvybMHFhhLraBHlo17oDQrrjco-pkCKN88or1h00xu2sNpHWy50TG5ZUtRtM9c296N1xD2sLwyBA7_MLQyD2NRviYkwrKJN68OaZK9rXH040KSBpw1dAJPIzPdALeK_MnMxn5Qpbk9j05TQBxffu_CEl0scMz2S8VEI8Oa5yFoXXA0aMfbQQQXVE2zKwovbH4iIwTjwXwb5ltsoAoYxmK12JA15_0Pp9_bMeCM9ILRdaEhc3O-JYKYWUU45KJrJHqubWhaYmJ7Q9azrPwe5hsYplnTBanXcnfX0VWdhwLxNlrdrPJT8Mn9lkY4R0vmzAKNJDDAVPoiX6mpEmEYjwAmtFygh8mhMbZQpw60o2UBF5KurkmYcfuEbZEvMYfa3PmqinHV78Hbhu3SwjFtg9DaDjrsCjpdOFgcK2hRnBT-3AXO8CVMxgss2TK_VOuMqrk5ev4zk-1_GoS83SRghWoQQ9GWTn07uc-fkIIVZEfk9AnWf7XW9JvD1SdGM2rtnVjgE34T8ciKAQE4nWFpJ7n0iAGMXDGy5SOTyaXb6ROWub4uSk-5LXVvohdPBKj93cBaeZaYfJzCf5yoQJAcio1W4nX3KX_hCr4roxvZdxp0qQmR9rMC-uvD7FHRIJGpBq7KGNqk6rQBOfBOidm90jL8JNjnCrTp0dqbO_P00q_Uo8mROmRGUVn9MbOqQu53MD24bF0VeKzUPNEMCn0Yg-5tzE4T-mXbIuL_N7VUa5ey4P7ah7FKcxN_jhpkz-2QHqY18i48Bqq6DDQHHCTt4zTex5DWK_yHqzhoxgtT7a-zVqpFdxKxNFPtukqpJ4u-4UPq0ZPKjLebn6_BVw8y9Ri72UtpO_IAR4rkLiu9wjEerM5I_bz5S_liQib-8vaDL03i9uvgeVHpqzXyFNqhZ_vKw2VG6UqEq-S-3S2Ld8q6Z0jJNeZoH4QUPg28DMnW3Xg7SZaHdW_cWOGuCrJZum3owGCK9j-WUNnW_xpP0s7CjJ0u3aQYkrgHOTueWPzSQGKFVMtEhe8SBUB50lImlOcO3tA1xc-euzZSNDnQBzPt0yakzntkdja5Qvjp-5TPO7s5wKhvAbNN3ryFf1XAzHDmwvOxU01jbEz_XEVN-vllso5pPbL_tpmLPFuna-BMZq8c4L-pK6b3k0yJ8sWDGWLP3WFB5w84bx3_zRZ3pGJzGtybMkvSftmFtAiK_SJkS2KEJ5k9alTIrM7x6jpLYMESjuGCFtltxwIEn0J42Z7BlpxK1E9d6b0_deZaIGN6tpW9Ung9VoZ5kOOG-7p5u08LBvmxaXW_aktpg30_j9pM&cid=CAASJORoLau2mXOXfL_-8G6UnaYw5Q-SkkXinLArfqmrSHfnV2trBQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:53:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 4B5A
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-H8TOiGLID6dsCDhYcbCYjvuwvLxJInZDqZ559g9Mi6R9AklwfDffDw3rjG3E1IUPnBrDTsmvRD_IKMHEyzJ7LGDlmbXW5OyQETZ0vKGAHrm-v_ezNN4cqMH5zD9Y7th5ACD_aIMAmpDBh8vrPPlZDZ9z5YhNaM_Ulm3nBurpdXOYtk6JCzvkf0CJRj96Faw5KgJo&cry=1&dbm_d=AKAmf-AVz4VUcKGRfwCIpitaEUTsgjs1Q2Jn8sItfw8CXdXmAkPLCK2SormLq2g-boJnIY2RvInZMz1WdNdHJ_Rkc15Ko66RVmQsY5YnPwhSP_s8JP8sOp-B-yjj0pITRjGA6POFhYOEbTe0E16PIKww0_a9POW_M1ye6ABD82GfjHKGqJ6ctnK9XGPFdQ58PxCBUOCnG0yxblxMUKvr1WOCJol2t-AUdGT7-hL1CXD6w7u9KgToD-mFmmUB6xtB1O2TD1zSVBAGgS5-MdM-wun98v1M5Q_FeHcRgdAwS3b89OjpE_lss41mQiVOSyRDIUtUaiZfib8mm_ARtq6WzN6SY8uRZo-r5zHtYW0d3y98FYGXdcwiQmj1ZdUXd6QJGv9eSXHRLs_VBHFoQDPGgVmQOULWdDex4HW7n-tBI2708yMrAcOy_lGanoE87MhyBReJ5PKHDCXES-DQ8BWHQBN0-HWjaidKzYpfNTFDD9KRnXwl9I69gKmpYkgIK5YG9JCfQEHo_tFBBeyW7IHr27LFwq7fo2A_Vrbcow3sFYUrgM05goVHZbDjmVbU-F-_PyCP6_8avQieKR2dQzH061A_bXgwmWEtzzTcF9qc5JKD_pvb63QylV-8KRUqZAfk90hq0TYMMEmzyDARBOAfqjNPDcDFAG-9DusxZ3Kx82bfbRM3aOY022h4lnYM5kH3FAQU_x20iELSZUQ8_Ast6FhfumLHct1vtWZiqN96mT7MxeykXfxAiYIIpBKqdgecRnM3-XR3WQZnTW1lZz96IegKbWxdxLwKJWHWWMHzN4OqLlNgtSxGkCflwMihuqKSSpPDjnz6RbqNetWbOXkLe7TZvxZzR2zaeRoIsjiUmkR1PcA3jKA2PAfhFjNl53cbHbB9U53OlKcpIdbqm2ElsH-VzfMNNjSouc6pfmh9netcEHMy_o9obm_wPB_xvRF9056kxFHva7wKiWILyukJNtP-kzpWaCiZx5TqHqzVL49MhItDardTvzgy8AYlMa-cCkQFFeeMLGleHMNc4tfXiJb7DpMoOdXsJwAvprH0PdyeRxneE7UsKkDZIo0nJcgeGDlo28sZroIe1SMrFkwVLVi7pp9TZjDKVuqOE3Ozu0ZE9aq-9Raey0OS3yW1X6NEt-ou2rWNTHeKihTrIeaKPAd-q-tilJHKmX3C6cXsCGjfmzXbHZdrBYNmSES-OkHjv8YFcRHcJCn0Bw6fD5L2rixDb0BHhQiXcR1ueePOXLN_iRSw7aak2tHUbVS_f4YIXLaYO8kfHEOsat6ZaO_yv5gXi_GFQyg-kNIBoBNhf3kyeJODzwyPsUsj4htTJaxoF68h_g4O1v5okM32te3U5WO9FDatpq6vs_S52s-PzN9xPSWZHw8nJDjOO_tEuqqR6r7K9Z500qUP7W-4KUzrU33JPjy5-gxkQaYLRkSNpt3iSuuNGACrLHCbvPw1JD6dvkRluXiXYFQ36T1Qsoq-lCzXY_SGuLbzcQtm5KHFigHN_DeOrjJjxEOhIeZ0dpyq1FOy_SydQh5yZVZdMndUw8Sn_4r636wMeIYqTDwi0frxRrGOqwJ0OpP461RkIRghDjGqSZm40_kJ5LvlgwWZroWlpl2Mmw6P2GzBjoQdPvcaoUNfRs4qmkHE0U7bAoclacsGbO0us88_tlameIBFUIh_CTqTcd_PkEiCWpfd0kNLaX0bX1aCzE9oUAKwZhsgLzZWDkzX5KV52j554h1PTDr0AUCEmQLYLniYNnQOS2XAN2Q9SKlKtW6jYcjEmL18QCH90mwqK7DJSu_Cm4QF_V-hLCwdOzw25RWldP4wxZCf3udJFGik9cEvMKONkv-cn8yV0eNWjKmihyw5shPum85WteLJsPz_3VW7qRcx5qne7F3L9ps8wTlux7gSoH7kDVI8KwRVz-FKjvlppuSLALHys_4x2VYKbEvCrjs4NV3OJRI9o9DRnL-eyWFMQpzkAHtxEMFm4HwoXKW3LRva5MqVEpZtorGqtAIZdvhyplzRGIrheRn4pSrB9K9JMESQTOKMOhstO0d1Qa3O8MHztSenOUuxtneHMEJCB-Yb0d1NK1RbAV-ybBYy1qV_zF8MNZ9oGW_S0xt0LS2BB7QFWCvMIhIHaONfAgrYATVBnBIlhM_DfwD79-lRzYEJL0oGVMQl5T-m1nXmpIvybMHFhhLraBHlo17oDQrrjco-pkCKN88or1h00xu2sNpHWy50TG5ZUtRtM9c296N1xD2sLwyBA7_MLQyD2NRviYkwrKJN68OaZK9rXH040KSBpw1dAJPIzPdALeK_MnMxn5Qpbk9j05TQBxffu_CEl0scMz2S8VEI8Oa5yFoXXA0aMfbQQQXVE2zKwovbH4iIwTjwXwb5ltsoAoYxmK12JA15_0Pp9_bMeCM9ILRdaEhc3O-JYKYWUU45KJrJHqubWhaYmJ7Q9azrPwe5hsYplnTBanXcnfX0VWdhwLxNlrdrPJT8Mn9lkY4R0vmzAKNJDDAVPoiX6mpEmEYjwAmtFygh8mhMbZQpw60o2UBF5KurkmYcfuEbZEvMYfa3PmqinHV78Hbhu3SwjFtg9DaDjrsCjpdOFgcK2hRnBT-3AXO8CVMxgss2TK_VOuMqrk5ev4zk-1_GoS83SRghWoQQ9GWTn07uc-fkIIVZEfk9AnWf7XW9JvD1SdGM2rtnVjgE34T8ciKAQE4nWFpJ7n0iAGMXDGy5SOTyaXb6ROWub4uSk-5LXVvohdPBKj93cBaeZaYfJzCf5yoQJAcio1W4nX3KX_hCr4roxvZdxp0qQmR9rMC-uvD7FHRIJGpBq7KGNqk6rQBOfBOidm90jL8JNjnCrTp0dqbO_P00q_Uo8mROmRGUVn9MbOqQu53MD24bF0VeKzUPNEMCn0Yg-5tzE4T-mXbIuL_N7VUa5ey4P7ah7FKcxN_jhpkz-2QHqY18i48Bqq6DDQHHCTt4zTex5DWK_yHqzhoxgtT7a-zVqpFdxKxNFPtukqpJ4u-4UPq0ZPKjLebn6_BVw8y9Ri72UtpO_IAR4rkLiu9wjEerM5I_bz5S_liQib-8vaDL03i9uvgeVHpqzXyFNqhZ_vKw2VG6UqEq-S-3S2Ld8q6Z0jJNeZoH4QUPg28DMnW3Xg7SZaHdW_cWOGuCrJZum3owGCK9j-WUNnW_xpP0s7CjJ0u3aQYkrgHOTueWPzSQGKFVMtEhe8SBUB50lImlOcO3tA1xc-euzZSNDnQBzPt0yakzntkdja5Qvjp-5TPO7s5wKhvAbNN3ryFf1XAzHDmwvOxU01jbEz_XEVN-vllso5pPbL_tpmLPFuna-BMZq8c4L-pK6b3k0yJ8sWDGWLP3WFB5w84bx3_zRZ3pGJzGtybMkvSftmFtAiK_SJkS2KEJ5k9alTIrM7x6jpLYMESjuGCFtltxwIEn0J42Z7BlpxK1E9d6b0_deZaIGN6tpW9Ung9VoZ5kOOG-7p5u08LBvmxaXW_aktpg30_j9pM&cid=CAASJORoLau2mXOXfL_-8G6UnaYw5Q-SkkXinLArfqmrSHfnV2trBQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 04:03:26 GMT
index.html
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 1983
113 KB
28 KB
Document
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56bfc89aa9c7aa97db2e2d727b124c66255a19070cc324c9526ff3ff75de8d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
timing-allow-origin
*
content-length
28832
date
Tue, 22 Mar 2022 04:06:28 GMT
expires
Tue, 22 Mar 2022 04:56:28 GMT
cache-control
public, max-age=3000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 60B5
0
571 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTXduIyzTTuFVsSDz-Aiuv63rkDMdWH1hlMfrpN6BSB_MRGZuNrqFR1Rn_LW5rB9cUJqu4ZXzrpPZdaJe5hAf1Kvp66K9ekqTSZ9fOqgpaZ7a-wfhe22OkM81vNhhp8HqU3pU50idl_-ZN9MUdfxJPPlIIZL0g8h7DBcRs599bCQGNWWukBMElzGs8W-3ZnxFmaJTNASD6pkMotfaeA7sxEISg9CYN9d25Y4_8rVhoV8VRSoigzN6ch40APdfVU7vTklnVUIp-HolsKW6gd_brEx6R6QQtnJfWO-0TvNZfHJZWYdWdrQlsdNEC9HswAHTr1dJoJEqk2KmDQfhrqRBhVh8Rfly8kB4kJM_MnUDoidcLDDDqWFPvoTLxltn3aknAJwtxX_ZSRYyYolO_AvZ2aMVsRONXH7IMGjcn2h3xjt1L9_vvoSVQ38arPHXfmiMocEVrQWkw1PHeKYFz8L4iold8aBFCV69cETZZyAGiZKlRQ6LLqJtla0KRkIXFZquaSDO8bTSuPZ7W-_cNFgF9GTWswu6LV4Vbon2l3Eh0-fziLMkTsFpCYxTWukhqMpcl_3xHDzF9cdJHv0NZtoZ7ffPYochdacHdQm-Su1qxoj1ooyts-M1PDbn_5Y9WuVas0ZhuqVOFkM78CnUYCcV2x2bNOmWiPISQQE-C-i29CJKthRt9qhSfaoq5EBAo3OnIK_q6JK6JmnNtPqE3Wr7xe496sDJNktf-QUTQ0J-1sEqqyezwqCtoy_7nedFCVYTQb2zJfFNUIoIceo4GaZIRTVls3KlCHH8qlfT7GHAMEGQ3K42oa2VfTZkU_Qv2PZIgKmtXFUBN_C8wM-qajVoekJGN1QJPQStQRMRRvFL8mDgWIZWi9H6l-frM822Xf0GKgFBYtAUgES9JcNDjkxYl2DN0Xqe04no766nA_4OXwjrSwpad2CHlnGesCEUyHpT0HQFU-gKhD-uqqh0AbIGKfrejbAJlb6ooPRdo-GJ3AJrIhrP4Ow4RfbrYiIWkc_sKiJxhWcwnJpjixxQ6vugL6rH42TTlcsp8btn3_4NPO9Hd9bRzSeJWPjR1PWt-GDu1mYmGiSuoxlzlj2joNH-GNf_dxnLPlcxGhL1i2sS7-xXQ8i7AhXvBY3m0CRW1WYhUa8dAAukbiK2WVOUIEJDpkTsh9ioqMhr-OBcthlT2h2xRpgR8M1N-OfcZtYwNzuOwViUT5xRasVY4SFY-yXML5pWP4uh0owo2SfyTVvCSIjI7CAK5JMKPtQ&sai=AMfl-YTIySGdfhw5FbW2jD-csO8KHNCPb0kV4pbK39oCD5Np1gTMp0uhFbVaddiEgbKazM2MZqxjTI3JeS5Big9JAbjb8zjrVi18FmDDJRXGOlzxl_HUAGsI0QGd8gVRqVddZhhj8KsorT6g6haX5T4a1tDVgaMZ-jZKtCQmFQ23AqasDYHM5k_XLoFB47OLdyc0ALzPQ-vjc9r93Ra_WoSyEQ&sig=Cg0ArKJSzEcauVWUGZfOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=356&cbvp=1&cstd=351&cisv=r20220317.42238&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Mar 2022 04:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
html_inpage_rendering_lib_200_275.js
s0.2mdn.net/879366/ Frame FA33
169 KB
59 KB
Script
General
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
Origin
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:59:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
65241
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
60173
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:44:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 09:59:07 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/ Frame FA33
8 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGhn6XteN9RPefI2rIej-aAJPtC0qUqhUvnvOugUD92vT6NwNC5A_Md5Ps_Dw3CdfpaZZiNp1ht_wCGzv_IosB4q9uNi0rRMA-BTyEnyH1LXZCFEqwdh-jFfz3OG2Z3hDyITnDFycxNTPXxO8RrNe5YWkvtrZsJ522zz2hbHGPUxJCB64NRfNihx8ha8sBo8FVXzYg&cry=1&dbm_d=AKAmf-BvVPKxnewCNvrTEkfUSU4XCGe7L3SSJucSmUgEQFi_LANNT9tvWTtvJjRh0HGXaCncxOixNEPPKF-hzc51n8NHjBYwRaGFvhyAWHd55itlF20dqtFsGXBcjQ_qz0PI-ZeaRKNof1g-fGJEB0rAtgi9LTpB6wQVn6dVl4KKEgRkHE3pNrBRvlsvrzf7SvEMyX1iu_eZ7Zz4cPZz8i16A64chL8ISrA6DjS47X0wFDA_gy-vw_tOEYzGMqmy_Et9eQ1jxhlNjBvIQTU_rrOJOlzdamRJ_5euN2ZaFXYfA7U_ocJqw3xqgUyemaBKeFJDhKo7BzmCYcUQiUnabCBCbM17AD3IUqFuUhDRqZakkGOEfwQOji-mPWXZ2OqkP0_tMdzieeIfilSlhr4LxsT1ypmgZPnc152vPYxFj8PgsIy97KDe3ji4OcQkZEw_mgF6JdpsVmKK_WSqj4YScJfBR16Kbw4uwGSsQ99MEjAxGxoxCVH4QRn78SRwcFBvVTgD1mNPKlmrMgPn6bPKP8I-38Q-6BYklB80sMQz-Uh9TEMlx6WGG6sMmjcAGF-8953vCKusWo23eYaRfPGRD8T6CQRim1l5OBkofrblwIwiFPPGc4KzdqhFtQj-juG8TYh-YHexYRgpKvWvwPgG14cpJpoZrLqJUzMOKN2waMSyS6dFuABcqmwAhRqYszbM_fV2SECd4jH815wV3zwp_FO5kP3jvKo9d7TI6fNLq7JCLHRKBuq-Q41i8PLK0MSC_MJ4yYe7kZv42_CQhJj-KdY5KCMePM9uqfI29M9o5sUDrdJ1H-J_6RIabhIlYJcZJzuwF43uW9h2nyMXxoAuL14-q2SaFHWtJkEnn9k7utFtwcgZuW78nUwFxykfxeTwG-7nIA3gr3A_e9OmcQLYRnt8doSJUzhzl-pQElekRgG96I_xVWNHKHVwSpuATWVOxcsqMSvEY7nIpb0H1bRtGd9W2c4x-DJfDOruks4jganO8qNgWvHW12spX36ZBzdGpaAebchz3PCy2kv69n_BYrWnJ-7Fy7IJ66KwwOKuHHsRNpb8rPrbN5Za-nd2RJdjih4apWUk6yBHVGWkS4po9I1xyD-pckHteASkwJzR0tJEDWntMO0hocPxAkOiLbemIuGK-fxjt0vvhOtSLmsxW7Uv-FSClwT2VblHhe27QkuQ34C1skTlIXtsRqhdmfbLs3vevufV-ebMgAUxi_g8kx_KeJuwLFMWfxdQBMu6zg7PxlULOBCqhOvvQl2DnqIKnfwgtgNZp6viJJED3QQg4NZkNcMgXuZK_znCqRc9RoJgiWFz8No1WCQbI1uYqlvTh17wG4bnX2xO8VJNItg-qJ3ZraG2Cx4P7tdvGqSnIGIWnXvQF3Tt_r5A7T1pZ0NWOjeFshNvcMetMXYJAPYmKMMWsxpCL3g3e18wR1Qaw_vKLN8buuzw-rOecusMJFzDLpil2Eth4qEVX38oAIoG09vZ8Fp-hVUUWubGqpqdimlPYVXVipCWBRTJfRMtiz_jelcy4RYV534ifvFJ5NcQ_TQ2elUlzxT6Mg2FM5wgtFkjkCvDmfx3KYNmeR1Lc2R0OkR-ny5ZYYqeZHFhNC5Lym1L3cDGQAYpy70xbgBNQkUOKkT6-5s1yzEcKM0Q_l7BlvrqSuGCPrmmmNslpZIR_htFjTfShKa6607iWKuC2lHFXyC94ZDsNvVcK3S-7IgbY16I_oq1gJ-Z1qT7RYjFb39AGENCDMyPS3eIn-l-iv6ZQbjKlqYd4OkGgjKkpq6LgnmADYTCI9QUEJDnh9qpauM-xrsAF4KhAfdRNHJrJipFnQOj7Xe_D8UxuSb-fdKscE9kTE2ZzFUhr72bgI_I3QM1tV4Lhdo0LsrzvmHFhyxYfpZkoF2zG0gtquKi2ovcJF8SY0vJ4diwGG8Z8WJXOEntZGuEsXu4NgLdHRSSg_vlg4B4sgsYNumbhTkR_UnUuAgHeBMC_kDo_1XcRVbLz7WHGWNHGynsnw8oHEobNDnVgdLc3Z3CXTFtNFHNE3vPxY1Xl-D-Gee7rG2tM7f4Lc9rjdrBQOtLje_wS74YH92jDPEAcj_s1Rj55WhJVGT5bfxQ1m8tvhXA0tpij8zggJEXfIKFWvy4SrwKwq2lrTwtCdg4tgueG1SYy-MbmcWTOPc2BBndKEL9HK7WnfkcrNZJZpD9xi_kv0ei2IfoUchJg-D1aI94TA-NsDdFRan-dvB5WoWJVk0m7ZwY7ncSUj-EpkQSivDwQGwqV1xOYjPwoD_dzI5ktutbrl5S4J1VD0h6h-kEKYTX4jSVO56iZrM-ki6xtUh5cFtRVWUocCk2qbOk7NCg0zISzkBeCwX8tPZvrHbPf-fYtKcNRDpdtCGamm_e1JpazRKHIi95jN-nvvyQ2_nflLVWWqijj2O07BlCdrTXnguJ3E795PcQlWL6drlfxWZoQGjPXd-UF7MI_CR3IuLnq9zw2n5wo_pk9oNWrPAEPl1BrErRoyNKTjVd7fuqUdvSk4qTvTo_FjS4yiqrONbloAxiGDjci8jmzeHwVrlQPOu1Cjlx28ly6uJSbyGOXJhfluPBU7wq1zDsuqGhUftAylaaBpquc1rk3lej-h7yt3Qr2NCRBmUI-AlbLATuMBr-zDXqIKG4mkae7YlWQsz5iJ41ownRWY6B3I9zgpNl0lkLf-HwRxA9zrb1MkmsO4goljXT9whaehOb71W8daXatkXAiCErxceZMOO8VDpB90VWMlvwvtSZsmO4Ar0u3d4JgwRuWUTiYx64RplpuUtrdcckqNXgaaE3qW1x3v0hCWMwUDwZ9gyLIf7At9gP9D8X2rNe9i_Pg7B-gb2C0Wt5Jts44h366JTvH-deVWKY6hATvPyFgLFOvxJnzUINozg-p-s02iPRkJC4n-PXcf26phFqIYpU5zq0l3AlV0Q6y70twOUPkKv-YIY9hGExvyudfDpqMJrtbyzHuyLXJ80aCcU8KSaybNTzUdaAzzLuHA_FdenM8RKV8hW7exIJyyow1gnKNdlYxNVoleUV1RVfHp8G6gFqalcM3QDHMGX4N0QVokKaP-KSAkoRFDtOzyc8HSLY8-s3gb8xrfGq0imXKjt0dV3-KzPGkzbmxEb4YpbfzMyk7dmOuUwtiHF6-fgweNHnYEj1KULWUBwN4liPkmuCiQuh3P4GAyUH5xKSrmq3muD2UbcoenDFpceax3r0FzojTYXtVZUkyhyLZDNr_NPzYKMet4W0klWdER1yfdDocP5RRefGn7Hd7OasiLFgbaUtySFifyQwxWPz3aWYLnl85xhd-muwrsQOGfajusWlAav-rcmdkHh-L6StN5aecA6mwCSjVzJytlzHAnE3ntb_9VhWIn-0A_9acUMeuLYRtTRybAOqFU4rrulo1oI4V6p6X3VvjzfK2X5M02aMBIcqFWDKgct0oj777NhcbxzqkbEYyZ0E6PPzVVdCD8hf9hCzTHggicsGvx1NzfWoDlVwC_Nikyzg5oj590IesLLV&cid=CAASJORosiDvql-fuy0kpZr_RXWdl9dqg6M2FeEuS4Eb8nZAolafiQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:53:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
803
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 03:53:05 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame FA33
25 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AGhn6XteN9RPefI2rIej-aAJPtC0qUqhUvnvOugUD92vT6NwNC5A_Md5Ps_Dw3CdfpaZZiNp1ht_wCGzv_IosB4q9uNi0rRMA-BTyEnyH1LXZCFEqwdh-jFfz3OG2Z3hDyITnDFycxNTPXxO8RrNe5YWkvtrZsJ522zz2hbHGPUxJCB64NRfNihx8ha8sBo8FVXzYg&cry=1&dbm_d=AKAmf-BvVPKxnewCNvrTEkfUSU4XCGe7L3SSJucSmUgEQFi_LANNT9tvWTtvJjRh0HGXaCncxOixNEPPKF-hzc51n8NHjBYwRaGFvhyAWHd55itlF20dqtFsGXBcjQ_qz0PI-ZeaRKNof1g-fGJEB0rAtgi9LTpB6wQVn6dVl4KKEgRkHE3pNrBRvlsvrzf7SvEMyX1iu_eZ7Zz4cPZz8i16A64chL8ISrA6DjS47X0wFDA_gy-vw_tOEYzGMqmy_Et9eQ1jxhlNjBvIQTU_rrOJOlzdamRJ_5euN2ZaFXYfA7U_ocJqw3xqgUyemaBKeFJDhKo7BzmCYcUQiUnabCBCbM17AD3IUqFuUhDRqZakkGOEfwQOji-mPWXZ2OqkP0_tMdzieeIfilSlhr4LxsT1ypmgZPnc152vPYxFj8PgsIy97KDe3ji4OcQkZEw_mgF6JdpsVmKK_WSqj4YScJfBR16Kbw4uwGSsQ99MEjAxGxoxCVH4QRn78SRwcFBvVTgD1mNPKlmrMgPn6bPKP8I-38Q-6BYklB80sMQz-Uh9TEMlx6WGG6sMmjcAGF-8953vCKusWo23eYaRfPGRD8T6CQRim1l5OBkofrblwIwiFPPGc4KzdqhFtQj-juG8TYh-YHexYRgpKvWvwPgG14cpJpoZrLqJUzMOKN2waMSyS6dFuABcqmwAhRqYszbM_fV2SECd4jH815wV3zwp_FO5kP3jvKo9d7TI6fNLq7JCLHRKBuq-Q41i8PLK0MSC_MJ4yYe7kZv42_CQhJj-KdY5KCMePM9uqfI29M9o5sUDrdJ1H-J_6RIabhIlYJcZJzuwF43uW9h2nyMXxoAuL14-q2SaFHWtJkEnn9k7utFtwcgZuW78nUwFxykfxeTwG-7nIA3gr3A_e9OmcQLYRnt8doSJUzhzl-pQElekRgG96I_xVWNHKHVwSpuATWVOxcsqMSvEY7nIpb0H1bRtGd9W2c4x-DJfDOruks4jganO8qNgWvHW12spX36ZBzdGpaAebchz3PCy2kv69n_BYrWnJ-7Fy7IJ66KwwOKuHHsRNpb8rPrbN5Za-nd2RJdjih4apWUk6yBHVGWkS4po9I1xyD-pckHteASkwJzR0tJEDWntMO0hocPxAkOiLbemIuGK-fxjt0vvhOtSLmsxW7Uv-FSClwT2VblHhe27QkuQ34C1skTlIXtsRqhdmfbLs3vevufV-ebMgAUxi_g8kx_KeJuwLFMWfxdQBMu6zg7PxlULOBCqhOvvQl2DnqIKnfwgtgNZp6viJJED3QQg4NZkNcMgXuZK_znCqRc9RoJgiWFz8No1WCQbI1uYqlvTh17wG4bnX2xO8VJNItg-qJ3ZraG2Cx4P7tdvGqSnIGIWnXvQF3Tt_r5A7T1pZ0NWOjeFshNvcMetMXYJAPYmKMMWsxpCL3g3e18wR1Qaw_vKLN8buuzw-rOecusMJFzDLpil2Eth4qEVX38oAIoG09vZ8Fp-hVUUWubGqpqdimlPYVXVipCWBRTJfRMtiz_jelcy4RYV534ifvFJ5NcQ_TQ2elUlzxT6Mg2FM5wgtFkjkCvDmfx3KYNmeR1Lc2R0OkR-ny5ZYYqeZHFhNC5Lym1L3cDGQAYpy70xbgBNQkUOKkT6-5s1yzEcKM0Q_l7BlvrqSuGCPrmmmNslpZIR_htFjTfShKa6607iWKuC2lHFXyC94ZDsNvVcK3S-7IgbY16I_oq1gJ-Z1qT7RYjFb39AGENCDMyPS3eIn-l-iv6ZQbjKlqYd4OkGgjKkpq6LgnmADYTCI9QUEJDnh9qpauM-xrsAF4KhAfdRNHJrJipFnQOj7Xe_D8UxuSb-fdKscE9kTE2ZzFUhr72bgI_I3QM1tV4Lhdo0LsrzvmHFhyxYfpZkoF2zG0gtquKi2ovcJF8SY0vJ4diwGG8Z8WJXOEntZGuEsXu4NgLdHRSSg_vlg4B4sgsYNumbhTkR_UnUuAgHeBMC_kDo_1XcRVbLz7WHGWNHGynsnw8oHEobNDnVgdLc3Z3CXTFtNFHNE3vPxY1Xl-D-Gee7rG2tM7f4Lc9rjdrBQOtLje_wS74YH92jDPEAcj_s1Rj55WhJVGT5bfxQ1m8tvhXA0tpij8zggJEXfIKFWvy4SrwKwq2lrTwtCdg4tgueG1SYy-MbmcWTOPc2BBndKEL9HK7WnfkcrNZJZpD9xi_kv0ei2IfoUchJg-D1aI94TA-NsDdFRan-dvB5WoWJVk0m7ZwY7ncSUj-EpkQSivDwQGwqV1xOYjPwoD_dzI5ktutbrl5S4J1VD0h6h-kEKYTX4jSVO56iZrM-ki6xtUh5cFtRVWUocCk2qbOk7NCg0zISzkBeCwX8tPZvrHbPf-fYtKcNRDpdtCGamm_e1JpazRKHIi95jN-nvvyQ2_nflLVWWqijj2O07BlCdrTXnguJ3E795PcQlWL6drlfxWZoQGjPXd-UF7MI_CR3IuLnq9zw2n5wo_pk9oNWrPAEPl1BrErRoyNKTjVd7fuqUdvSk4qTvTo_FjS4yiqrONbloAxiGDjci8jmzeHwVrlQPOu1Cjlx28ly6uJSbyGOXJhfluPBU7wq1zDsuqGhUftAylaaBpquc1rk3lej-h7yt3Qr2NCRBmUI-AlbLATuMBr-zDXqIKG4mkae7YlWQsz5iJ41ownRWY6B3I9zgpNl0lkLf-HwRxA9zrb1MkmsO4goljXT9whaehOb71W8daXatkXAiCErxceZMOO8VDpB90VWMlvwvtSZsmO4Ar0u3d4JgwRuWUTiYx64RplpuUtrdcckqNXgaaE3qW1x3v0hCWMwUDwZ9gyLIf7At9gP9D8X2rNe9i_Pg7B-gb2C0Wt5Jts44h366JTvH-deVWKY6hATvPyFgLFOvxJnzUINozg-p-s02iPRkJC4n-PXcf26phFqIYpU5zq0l3AlV0Q6y70twOUPkKv-YIY9hGExvyudfDpqMJrtbyzHuyLXJ80aCcU8KSaybNTzUdaAzzLuHA_FdenM8RKV8hW7exIJyyow1gnKNdlYxNVoleUV1RVfHp8G6gFqalcM3QDHMGX4N0QVokKaP-KSAkoRFDtOzyc8HSLY8-s3gb8xrfGq0imXKjt0dV3-KzPGkzbmxEb4YpbfzMyk7dmOuUwtiHF6-fgweNHnYEj1KULWUBwN4liPkmuCiQuh3P4GAyUH5xKSrmq3muD2UbcoenDFpceax3r0FzojTYXtVZUkyhyLZDNr_NPzYKMet4W0klWdER1yfdDocP5RRefGn7Hd7OasiLFgbaUtySFifyQwxWPz3aWYLnl85xhd-muwrsQOGfajusWlAav-rcmdkHh-L6StN5aecA6mwCSjVzJytlzHAnE3ntb_9VhWIn-0A_9acUMeuLYRtTRybAOqFU4rrulo1oI4V6p6X3VvjzfK2X5M02aMBIcqFWDKgct0oj777NhcbxzqkbEYyZ0E6PPzVVdCD8hf9hCzTHggicsGvx1NzfWoDlVwC_Nikyzg5oj590IesLLV&cid=CAASJORosiDvql-fuy0kpZr_RXWdl9dqg6M2FeEuS4Eb8nZAolafiQ&rfl=1%2Chttps%253A%252F%252Fivona.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:03:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
cafe
etag
16576748017229546422
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Apr 2022 04:03:26 GMT
viewability
hal90008.redintelligence.net/ Frame 0414
0
150 B
Script
General
Full URL
https://hal90008.redintelligence.net/viewability?s=60439800014014004380380011906008&a=068228e9&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame 0414
33 KB
16 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=53795657;click=https%3A%2F%2Fhal90008.redintelligence.net%2Fc%2Fpk29uozkvkorfqf%3Ftprde%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 23 Mar 2022 06:58:21 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 8E9B
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 051E
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
419878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 2BFE
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 148D
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 13:26:12 GMT
expires
Tue, 22 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
52816
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 2BFE
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42c91ea11139092cfa357ee0b2c512ee0e0819f4140194372755f543f2ea10a0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame D404
35 B
210 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBdTekdK8l6JZQVHAfBH0iE&google_cver=1&google_push=AYg5qPK9oE-gZziJViU1uw5K2LFwQKLm7hkNyJE3aEI9Vk9Zrs9NMLgDRnS47daw0Od0tad1s-1FELC9Rcy_Z2IctBSjFBSWpgfy
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D404
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEI__Fdqp2eVrYCEVROGsqgY&google_cver=1&google_push=AYg5qPLch8HUw494_fumH8Rx2zsMcsh_2gmEOag1wWxLoplC-jJmNrodlEZKSvslAiHhhbQKrbEirEBaB477R4f0s2DY0ODgGaE
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLch8HUw494_fumH8Rx2zsMcsh_2gmEOag1wWxLoplC-jJmNrodlEZKSvslAiHhhbQKrbEirEBaB477R4f0s2DY0ODgGaE&google_hm=Q0FFU0VJX19GZHFwMmVWcl...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLch8HUw494_fumH8Rx2zsMcsh_2gmEOag1wWxLoplC-jJmNrodlEZKSvslAiHhhbQKrbEirEBaB477R4f0s2DY0ODgGaE&google_hm=Q0FFU0VJX19GZHFwMmVWcllDRVZST0dzcWdZ
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLch8HUw494_fumH8Rx2zsMcsh_2gmEOag1wWxLoplC-jJmNrodlEZKSvslAiHhhbQKrbEirEBaB477R4f0s2DY0ODgGaE&google_hm=Q0FFU0VJX19GZHFwMmVWcllDRVZST0dzcWdZ
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame D404
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPKY85T27CCcps_e0dGBJ2fb-zAjJzTDAbjiVNZecaELVHSRDRoGwD11Eg4E6-0mL8rlF9QVTExeLR47cWx4pGVhR2Lxyxfg&google_gid=CAESEEsM7xm2OcWqGeOb3fbVGIc&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCMSW5ZEGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBLWTg1VDI3Q0NjcHNfZTBkR0JKMmZiLXpBakp6VERBYmppVk5aZWNhRUxWSFNSRFJvR3dEMTFFZzRFNi0wbUw4cmxGOVFWVEV4ZUxSNDdjV3...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM2JPSFRiTU15QmFfbFNJWE9UR1QtSEhhU0wwdFYzUlZ5OU5Pa1BEeU9DQQ==&google_push
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM2JPSFRiTU15QmFfbFNJWE9UR1QtSEhhU0wwdFYzUlZ5OU5Pa1BEeU9DQQ==&google_push
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwM2JPSFRiTU15QmFfbFNJWE9UR1QtSEhhU0wwdFYzUlZ5OU5Pa1BEeU9DQQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
clear
content-length
0
dds
rtb.openx.net/sync/ Frame D404
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEtPReGdd2Cf2W8TeLowwfo&google_cver=1&google_push=AYg5qPLkLt9310WdeYTbOrkiipBeGaQz6YHddgqxf1_ZZ65YJTECoAeX2hswfV1MGMTHGWGpJIYpSWbcUfSUkr3Hsbb9hqA5-eAX
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
8q8ff1f6jfhntc70f4n86qcfnef8d0m4
pixel
cm.g.doubleclick.net/ Frame D404
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI3qDc0R9uVNhv_NuHhXak6CiKG0H_lAweoq4rzPZzFOFxLvrNR-VL2MbcR7mtWj0u8UaIL-m2Sk0oGakJuImIaETDR8lOp
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPI3qDc0R9uVNhv_NuHhXak6CiKG0H_lAweoq4rzPZzFOFxLvrNR-VL2MbcR7mtWj0u8UaIL-m2Sk0oGakJuImIaETDR8lOp
date
Tue, 22 Mar 2022 04:06:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame D404
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFWOM8Map7onvD8A7PKR04s&google_cver=1&google_push=AYg5qPJ0eJIoconZcPTAmj960eb1Punw9kycVkEeO3FkZhJ2bSoHHE0LPuWXSN-9w01Bz8OqPmD...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDQjEtVC00NDhI&google_push=AYg5qPJ0eJIoconZcPTAmj960eb1Punw9kycVkEeO3FkZhJ2bSoHHE0LPuWXSN-9w01Bz8OqPmDTnHnaqZ04MTANvlQEWYkwWYC6
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDQjEtVC00NDhI&google_push=AYg5qPJ0eJIoconZcPTAmj960eb1Punw9kycVkEeO3FkZhJ2bSoHHE0LPuWXSN-9w01Bz8OqPmDTnHnaqZ04MTANvlQEWYkwWYC6
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDQjEtVC00NDhI&google_push=AYg5qPJ0eJIoconZcPTAmj960eb1Punw9kycVkEeO3FkZhJ2bSoHHE0LPuWXSN-9w01Bz8OqPmDTnHnaqZ04MTANvlQEWYkwWYC6
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame D404
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoO...
0
0

attr
cm.g.doubleclick.net/pixel/ Frame D404
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6Q5Wdx9VZLhOphU4hv1tD53LrOX4-Gd_Q4Tt4FdZgqRK-X0G_g_7G0LzI2_ZA_hMzZhOD
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4B5A
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 12BC
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 13:26:12 GMT
expires
Tue, 22 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
52816
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4B5A
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1dc99c08bed44a192198954efc8cbacc39cf81b488b84f1d3f064a9c6de8b85

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame FA33
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 07:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
419905
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Mar 2023 07:28:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9102
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
date
Mon, 21 Mar 2022 13:26:12 GMT
expires
Tue, 22 Mar 2022 13:26:12 GMT
cache-control
public, max-age=86400
age
52816
etag
48472445140208031
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame FA33
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7571b5eb29a982103da1278da9d91a7e7b55a194611dd5eaaf522444b7df496

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/10852055/1643292360957/ Frame AED5
206 KB
28 KB
Document
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53be90903ccdd4eb68ddbb8906ce7d84afa951cf3004fb95c19cbcfa11ae9381
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length
28435
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 22 Mar 2022 00:46:31 GMT
expires
Wed, 23 Mar 2022 00:46:31 GMT
cache-control
public, max-age=86400
age
11997
last-modified
Thu, 27 Jan 2022 14:06:00 GMT
content-type
text/html
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2BFE
0
61 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvucRVyCpyS2LeSFc-1ogz3hvi-WST6kxv78oHcJTQoibSd1SaZtu8HlHsbXQJTHp47TMynT_T06b3Dh8HYl8hm_UOnoYB1fzSybOPkT5T4vUUvsJaKOQ3jl3DTbFGfB3MiO4srcIzRegmR0fau8R6mKHa330f-F5g7wOpaHOvcDYWYnXOQCk-k1Y6q_LQZaRFO8qacBDicoiZhm0rsnAG2bzK9JiNPBGKCBotbZVirKYwKIIoecsUKA8WP5JI2jhrb5svGq6R6inhCwM8XjzvW02I9PAHXLkmWPiQD8PIzBA0WqkYMWZH_Tlt3fwkZiDIzjnCRnMdRmseVch127io-OBE5jEecQ_TWBfzay4HlWZza8opd-2l7a-wYvNE6L8JILyvEQpbo0sP6XwL8q3w4GHDAnPxneQ-L4BXZSxvHCignSPYUg_A5pS8udk25I1PAh2At3tA3Kdun0iOTRuGTEMfaathF3VmKYuEU84ZBxGTZ82yBltp0CMeDg76tklqu4SQbbc__mccTXvb3e_NnNhBjrxUBFNR-1Sa3bhdr0lPJ1mZx-Yq-6DVlcqNhRimPOYVosmxSq654mO7PwnqWZO5VBamVJQw-B-zydldKM-Pxh98b5cwNhteID6HrdS2gxDisjPInOAkB-clLNVBbQXnJhnPt9x8RvtlzzZWP5ETezbKefwgx0LAqXtd87VJLNsSHug1wo-8uNDyoN1bXRQM_Q7Yh-yvA-1mbz8N45pgeh-6cX_OJ9oZcMPe68A_SpmOp4JfOqdM__WcpyUHBM_Xt0z65TBGsCjCsNOhN4J0J0vWZfBJHvo8Wc2uIH2pQ3f8g9mWdP99Q8xSae0kbhm0gkp8w7Xc_zZ-bXtJZBn22a5ZVnKi0ekJB9f9uc7O1JY4qSywxHDPH4yY2GbLcqIoVkTYYd5wLQuQ5z2_4U29bSh_lpVD3ERiwcODU4VkReYw_HOchXI3y6yWjQw_v-Ge10kIBSaSNwRADjyjfpdAv6qrzvYaBrDcL__9M6YhlgbQySSfjifCN3jXmOUNWzT6uryz5Y7k1Vrn4_VK147li7V1kxlAaCyWziIwwE46YkwPQEGYBCR4aeEJdtMFzVnEznTmhYpLGYU74X-yFRDZFdYWCQCKigPZByC_yQqviyJ15w1XwjbhT97legzd9dFMju9UJb1SVwoK_WZtKv7uSsiEo9B6Pe0ns_rL7AlZpQuJhJOiefuWLf7pLjL1-z5P59Dy&sai=AMfl-YQxIF15PcB4NU7kO-qhsdu-Pi7p2U82dwwPtxJQLy9WFlPi1fmu6iqn-Vy4p73rIhP1Tw-U7pho4IE5hkuKmcpu8ST6C4kHLl_aUu5ah2MPmG6KX4cAkWe3zBIgW1aYQA7owgbg1XFyo8n0BpXzNUze8mLQgJIoYQQ7-5HbO_Czzptsky3IhRHrVShKiEYylMSFxeE6MM0JrOynQk6nug&sig=Cg0ArKJSzFfR1abBDJF7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=210&cbvp=1&cstd=204&cisv=r20220317.79202&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Mar 2022 04:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
320x050.html
s0.2mdn.net/sadbundle/260227187032981504/ Frame 0A60
47 KB
11 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55ecff94787e130bec3a98142da5a6ff282e653f7481c8bf337eda24915d0e32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:28 GMT
expires
Wed, 22 Mar 2023 04:06:28 GMT
cache-control
public, max-age=31536000
last-modified
Fri, 11 Jun 2021 18:35:05 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 2200
0
61 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssh3tLE7sFO13s1SjL8GF-kS8TAiVKBG0ZkDhFKi299DaqHeZ9OiQDrnYtmuNqi5uowFKe9iBwwO-z6i4m395ehNoNw7mflPodI6sJC4K5P_c69JjaRO3iNIrarVVIlO9ix4o6RDbb19KYLWrVfjUEkzbrSGuw8VxhVTQ_so7z1h-uR9JNO3tkGa43lRoB2EHz77yzJE8wOTFfBeSEVbQKOvg7ib6kkLAE8gyDSzvuHOirytdIUckBBIwLvQbXohTLsKoXR3QS9gwASeOy8kPfI1UtoYl_AH0gHngN2qhmJb_MOlNludyyj5t8vx8CGohXeJtXOLwqovn5ZFMG8v0IkDBSP_gwbNH0MePGi1FMZmMM9e0HWVCJLltNEcFeN7CPjbAwHq2A1KlhCynLdniMcHJUNCMFdGWq_wyQ5PQbyk0EpT5DwZMoz6y1Xyp_-rOH94DKwxaRqjRcGjmKTi9O6x82Np0_dhS8l7x1Cx-zYS38lMuWD0uUICuPC1qfxOmga4o1mIDRAlGZ69tgwvU-XpQ6pTQ4sHl3zLGAedAcLbRYbgNk8UBpxfuTkx1AEvz-Ft5OZuLaUt42EGO8WUBTvih-gbe44V0H9gWrgw-sjAWjXzWBrIHKWxvuDeBrUWlwqBIL6JIReGodDemsiD2vgCpCDo7UFsi0fXmzuTAmG2Q5hLbH8yz5v5cQj7cW4IcqOOxqluwnru-Maf3hs9ytX_3LKuDb75D3XUe6Y7JxZ2mc2lTQwBoyjGptviGNGDNeAQ-dTYF_Y8ZKKhlUBBvycF-_2wTysBhcAy_9yxlpJ_N_sjqnbUwJRj_a4FKKNwlzTxax2eQmq9ubrBDtoeSQuifzvVg2SNOkGW-r-zW-S5QCcToxL1evBNrQcs9vKN7W_DbVgVuVXPq84NeD3flLEgSgR5Fca9ZVPqWBWO8zIpIgW9Sp372ZZiC1-NCypxIhlVyzo3l5abtDwRFhyF8rxAcWqHuNp5hoGq6C-wACeomdGbRTX8WMutoSCsJV9E0Q-fWpOnayeFGdd4HZcplfysfcHTJ8lQL9HzrLrh1nDKpEzpShrWJTVJRQXYnYFqiM8xpDyJIvlv3ffQKDSuuaDkZFlEIul028ko7W9UuChnyXV5fWhI3_MshYOdwgQ0m0dWE47Kqm4lC2yhfhxKiuhCC7kj5zN5Kqwjine1XNIhgnNIgWYpFLErtcyjCx_HhuV31sQih2_QBlaWPM5rIdUNHxl&sai=AMfl-YRtMXflEMQysUXhiYWlpvqMx-dNOx-mt0RW960HPrqpgHvNja7hydfE4SgISJuiiPw5KYKVadePm-19DZnjahShW7trLcY6g0BzSuc64OkV4sbjRN2KTJSEtB-tJfFs9laCn3u5tOlqmgm801BCOMtOL4NiFj6dyjwjJAOnrwYzWd0oTUFe85fiZzJPz4Dxbuv9hOgg_6rj8agGrsAQ8w&sig=Cg0ArKJSzD4Vrnr8AeGpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=322&cbvp=1&cstd=319&cisv=r20220317.28354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Mar 2022 04:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
css
fonts.googleapis.com/ Frame 1983
4 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a6135b4fdc2e5aa7701bef24955e945ee9222144edd93e00a27fea47e7fca8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 03:46:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 04:06:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 04:06:28 GMT
gwd_webcomponents_min.js
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 1983
17 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5622
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Mar 2022 04:06:28 GMT
Enabler_01_238.js
s0.2mdn.net/879366/ Frame 1983
106 KB
36 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_238.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 10:03:54 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 97BD
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
419878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 5667
113 KB
28 KB
Document
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56bfc89aa9c7aa97db2e2d727b124c66255a19070cc324c9526ff3ff75de8d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
timing-allow-origin
*
content-length
28832
date
Tue, 22 Mar 2022 04:06:28 GMT
expires
Tue, 22 Mar 2022 04:56:28 GMT
cache-control
public, max-age=3000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 4B5A
0
24 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-pgGbOLOWtU8_WB2PRvqNkjE4c2WjgunHCzmjO_VQgk3QkI8pJawU-GHmJNra7a2D0Z65L4JFbFALJkR3BM-TtMSxKKPtR_oxq_-TWt6N1uZvFcxIu9QtXmjJmGcObLpZSBRVB4IsVy3pY8kZ3GQBxzZ0b1ENq8Weqp48p2h72zLbpwshpF7D0Zr-NcDDyjsCeeKmDGkNnDhs6etPe_2ohroMt9zGjxocN4YkLyICXro09RVuW8-KyqSNeUWwu3SED-SP_f9srj9nDe1v0-gOuaZa6Y68NQPQ85MmqbYVaLqg17pbeL-CO5URiBbUCM2eqCiSm_CXXrAnfOn-kXty-nJh4D-7EzVs8W49gYZbEwD9udQAzI0A_lmkHSV_mhNSQkT4kkaIclgM7d-OM_j2DLmQo68toi_7oVzUugSil4NJnZcdP45zOvd_sqwQrkKmLepuLW68NBPYDRLARKrejEIFqhtVv_P-UQZo6D5b7n5mN6vfYnYgLllQ8yPahxSPuwIFSuP9ZSD8wYBphNLtgh_P0E6MOl3gkQYxSlEzIbrRUC9TQmAz_jZXxyP3K_pg3ePBT4v9ZUBh8OrvDgfPC3XvbZR49Z7f8JnNt0d37sieHa0jqrl46VVxOJzOyIB3hArFoP2avCiUoUCER350ymO-bWo45GJg4jZuGZRRp2l3OpHsW16lSjTFlREV1ujG5qHhMz-8tsNyYVtzYcxocxiTuEu-4l6LTBCV2_aRpYw7muUPFIJQkM3X8DmYHUf6g_p4XhgfJiNy7MeH2NsXCh_zT0wcxa0GyxYg8eiSpOl6we6Q3Eq7bzC7TJeKmmDU_P15o5Oxl3oBs_GXORPQghzPPf9FJtm25PxRPrNlWYwFgY3D5HnPwX_OLjKIS49I2W2q35kXcEDBbUMUMTlEztTLUW20ErF3kCgeNq7hn3yxtGb3LgeJI3ZYJeeAO2G9x9nqYgpmbEN1eTGSas4AbINPTxyrpeUmhSX9fvPH3btwPh1WkvNQGXJw5smyCqOsqgasCtyNZ0OiP2MSl2PujMLns0FMRYxo3oGlA4sEKzIzCplo26hYO1f6n9ZbU_hcv65ieWzsR6CAhRQmj6I2yofDeNJLasnHekYwplkmJlzlIgl7R1hgkp3uLo_-ML79moTVyPvAnGkKpOPQ9nYdjYB6NixHVeoPYZg99leybHrRT-_Q9YWBofVEqm_PlIOQOeLxHBmSYTB8KUech1dhrzLtAOOTuGVPa9Au&sai=AMfl-YR5_1MGil8aaWjU2evTifNTPS5TevUlZzUdKsIG4y3xkXH-ureP5Aa8Y2o_gvb2liEDzVgSNghEGCqaJdmrUkZbAdJCfsvVdIZqkOuDhE7UYZdYiPFKIvkFd-XIa4sb7cWfYs_-N_ozyi0v3EF6zXZ5cieHEpYhcpjp7zYiYfjIEV-Gaeo4Jae2SsnMoKNhv80qyuO88qQCJi33owKmGQ&sig=Cg0ArKJSzKgfjxR1BccbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=256&cbvp=1&cstd=253&cisv=r20220317.70956&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Mar 2022 04:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
index.html
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 5BB5
113 KB
28 KB
Document
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56bfc89aa9c7aa97db2e2d727b124c66255a19070cc324c9526ff3ff75de8d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
timing-allow-origin
*
content-length
28832
date
Tue, 22 Mar 2022 04:06:28 GMT
expires
Tue, 22 Mar 2022 04:56:28 GMT
cache-control
public, max-age=3000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame FA33
0
24 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsve-7lzSH9DaAczyUtkFtSAZlaHg3Cr_geyWcbl7ICsRFNVUq32j4sXC2yteY8X5UJMzz1h2TP5KPyr5nN4JvOm2_-VDxb5Zi6l-nP3W3fdvI_EpGEslxQ--IiO4MafWEV4ltKmp56RtPbaEKHokbWUfXkqqsWUgxkgBVElY7_uQMsDHGD6p17Whxyk3vDOhKjlcltL8nF7yKB8gMQb15-lW5oF7EmpLeYYzdv6XMAbKfubaT4SAzUvTTkDzCf4uWaEM8dDF7gDq0BW7RI3138IyZa6Rfn_TSEh8qNQRFFkB9P5WMzB4Apv2Kw3fAikNs9SHHNiNCM6p1N0JxZjtnEjCVlZFp3_-NsFpwUa1CjLgDUTMDwYJu7IlfAtuKMO4YmE6WISyy4Sg9HpdA89enA_tjzklHlGTzi5o0k8uaWSZ6VgT8afELxUKGHr9QRb7pMojOquA79fhB3oUTRJu5En0kPfkGL0H8bxWvynUzc4M604kr_RFr8VctNsoEMt8up4YrZO6vR_5SjDP66gTXxjqU-XcDorP_HA2ov0Hk-D75IVwIs_W23j04ErJb3fzFstyOf8SpMEc1N_a2ouWWL0DEGtEAc9_pQ1go4hn-HhfRAPcPyPCg70zO0uWCqcNLnEYMPrDrb3fp3Tn1NVD4WGjeBT3MTn9-nqrNiTqsEybTx-0WsF9_uIkfkUhZpTUg5mAJmiCb9FueG2C9F_ehwr86_VFnUGEcH8prDZyrW96MRA7_y_YjBaYnkRovy__DRvQYeshXFDAGKwmccu2mk3RxdQfnnksHCEbWy-RMH1CjatDg0s-6SdazkVVa_nu8VW-geAyF_37XsnW8aonCmcfwThd0Tl-_oZqddxO6kob7ViJfEHfFzFKJGYWxtcONP8f81i_iwPVGbQwGhU2RTY8hj5nBa7_QhkeyA9jIxNf_I48UQR7p8865niAErKHlj60PYlg5mMQkQ9paG2nz_LJupiEyRnKoMNVUedyGzxEWiX0kIpUui7IWmxd7KMwh--zA7dmt4zCcQ2AwKaQbNjyr_iO3LGIXwWcY-6AGbuAmMxSOqPCdngmuCQxn2gS3r7GaINL3gOlSw718XNZ6m6Q1PUYEV58XQehahfMWc1jj97JaKMfBNS_Z7V2pFNgJ231LVXsQjdO_aCbmYCYP0Dv1wgRWq-awiafJFK-OHI7mGXNKunWftsrzVHIr9afMWHVcE1AfqbEtXqzM6FRiOb_aAKyHYn9d6AqTd8XMFuA9l-ke-0&sai=AMfl-YSyOzOh0Gk4ANOcpII-lc_HycCAxGHBAQgpjfnURgSNv6l8vpQMBiRNf4WKZzlBQs4giXbF9Dudc1X-XAzkwtlGkx72SJm6gXuUZfyhc2ClFxYTXa3GE5m33MfS1O3unUcRkhDDRmTnujQgPERSPNxIRsfK_UWo-_m0LWrUp5yUlq0Q8-oLgt3hxxe9-FFQaIzrO2RzFrKP82AeTexPeg&sig=Cg0ArKJSzG81JdmT5JHyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=236&cbvp=1&cstd=233&cisv=r20220317.18907&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Tue, 22 Mar 2022 04:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 148D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEH-DCmnsVAu4wkkc6kDi3kY&google_cver=1&google_push=AYg5qPJItSkNpJy0knjw2Y-CuppGYZXyIT0KGxzFTYAadDZAFqmT1aQnsuD_Y9Vix3o927ddmsGI2pe4w6OLM6PvMBq0M2TD4Be3
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzgwNjk0NjEzNDcyMjMyNzY4Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH-DCmnsVAu4wkkc6kDi3kY&google_cver=1
43 B
398 B
Image
General
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH-DCmnsVAu4wkkc6kDi3kY&google_cver=1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEH-DCmnsVAu4wkkc6kDi3kY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 148D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjFlY2ZJaWQxTnd2TVY1&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cver=1&google_push=AYg5qPKn8HUUIIPSairA-mciVRqj2BeCOFunJ1aY2q7lZyd...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjFlY2ZJaWQxTnd2TVY1&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cver=1&google_push=AYg5qPKn8HUUIIPSairA-mciVRqj2BeCOFunJ1aY2q7lZydDo6A0DXjfGt16RqSulOTG41HgEmg0aW-_47zYyxxvDVbVj8F7lyp1
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
PingMatch/v2.0.30-713-gdae83a2#rel-ec2-master i-0ae965e2f8a6b4310@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MjFlY2ZJaWQxTnd2TVY1&google_gid=CAESEPK6dM6Sd9BvX2hEjtpJedo&google_cver=1&google_push=AYg5qPKn8HUUIIPSairA-mciVRqj2BeCOFunJ1aY2q7lZydDo6A0DXjfGt16RqSulOTG41HgEmg0aW-_47zYyxxvDVbVj8F7lyp1
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 148D
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEBgi2S9_02R0aUUu4kQ0qjk&google_cver=1&google_push=AYg5qPK06RZOmwyzmBBcKXv7W1xg0GXkNaoHy2HYocGzdTFDjlPqncQf7g403zJXltEdAZZ7LNJuB4GN1y7...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK06RZOmwyzmBBcKXv7W1xg0GXkNaoHy2HYocGzdTFDjlPqncQf7g403zJXltEdAZZ7LNJuB4GN1y7PE54wrr8BEJt0MDN3&google_hm=2s-oh2HJTka_lvDlf_Iptyc
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK06RZOmwyzmBBcKXv7W1xg0GXkNaoHy2HYocGzdTFDjlPqncQf7g403zJXltEdAZZ7LNJuB4GN1y7PE54wrr8BEJt0MDN3&google_hm=2s-oh2HJTka_lvDlf_Iptyc
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPK06RZOmwyzmBBcKXv7W1xg0GXkNaoHy2HYocGzdTFDjlPqncQf7g403zJXltEdAZZ7LNJuB4GN1y7PE54wrr8BEJt0MDN3&google_hm=2s-oh2HJTka_lvDlf_Iptyc
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 148D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEEMqpy2xDiXRiihviBMcPeM&google_cver=1&google_push=AYg5qPKQQ9jTKP1IYLKtrQj1PcmtjQKiJlqzIZLzALY2yIuj8mYF1Q3dXFbyj8Be_9nCA22O1aAFXtwNHUEusb7b...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKQQ9jTKP1IYLKtrQj1PcmtjQKiJlqzIZLzALY2yIuj8mYF1Q3dXFbyj8Be_9nCA22O1aAFXtwNHUEusb7b9qHU1hw-xnw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKQQ9jTKP1IYLKtrQj1PcmtjQKiJlqzIZLzALY2yIuj8mYF1Q3dXFbyj8Be_9nCA22O1aAFXtwNHUEusb7b9qHU1hw-xnw
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPKQQ9jTKP1IYLKtrQj1PcmtjQKiJlqzIZLzALY2yIuj8mYF1Q3dXFbyj8Be_9nCA22O1aAFXtwNHUEusb7b9qHU1hw-xnw
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
cvVgnqah1lkdZUx_PERU12nurzDZxepVZNcYTuQxjKHjb5IuRC7O9w==
pixel
cm.g.doubleclick.net/ Frame 148D
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDF63aMzvpnCYBWqZrZHluA&google_cver=1&google_push=AYg5qPIxitJyjy14O57LQZKW3vOBzoUklbZwgSsTkyck4uwl6J-BdMFvLTpLxue4A8tMDPXgYvJOXnhW2mgeK5ojG2HHZGMJKAoc
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&mn_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIxitJyjy14O57LQZKW3vOBzoU...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&mn_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIxitJyjy14O57LQZKW3vOBzoUklbZwgSsTkyck4uwl6J-BdMFvLTpLxue4A8tMDPXgYvJOXnhW2mgeK5ojG2HHZGMJKAoc&gdpr=&gdpr_consent=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
Apache
P3P
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&mn_hm=MjkwOTIzNTg4MDY2OTU4NDAwMFYxMA%3d%3d&google_sc=1&google_push=AYg5qPIxitJyjy14O57LQZKW3vOBzoUklbZwgSsTkyck4uwl6J-BdMFvLTpLxue4A8tMDPXgYvJOXnhW2mgeK5ojG2HHZGMJKAoc&gdpr=&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html
Content-Length
154
X-MNET-HL2
E
Expires
Tue, 22 Mar 2022 04:06:28 GMT
sync
ssbsync.smartadserver.com/api/ Frame 148D
0
75 B
Image
General
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENtLk0wY3QdzIphjbmCFbY4&google_cver=1&google_push=AYg5qPKlzDr7byo5xKcXhO9O-JsIgSkTO5--X4-FYQRsjfWedz4WYlCzq1Pag7HRQh-XyKefiSdyTKRGjf6SQ3md52k53ObgUIh4
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-length
0
um
cs.emxdgt.com/ Frame 148D
0
59 B
Image
General
Full URL
https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESEKFyjBe6VQv1o_3ZSHUNh2Q&google_cver=1&google_push=AYg5qPLaYs5znALN2Pgql4vtDIqNqch-m4H9qDBcqcO7_7FtqQYHAV0HJhkDBSE6cUYo-PW9nTpb43w3T4HJXHDm1N67E1deJBsgcw
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-length
0
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 148D
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQ9sa_gjpvo8sojgETKwH_B_40PseyeHn6V4MHZrb-NSEtHKO3Z0pxsuuMdKHRwIP5s6HviQ
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CCAC
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
419878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8496
22 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Thu, 17 Mar 2022 07:28:30 GMT
expires
Fri, 17 Mar 2023 07:28:30 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
419878
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame AED5
29 KB
10 KB
Script
General
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/10852055/1643292360957/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 12:47:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55126
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 12:47:42 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 051E
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
pixel
cm.g.doubleclick.net/ Frame 12BC
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBdTekdK8l6JZQVHAfBH0iE&google_cver=1&google_push=AYg5qPJ2lV0FHfuj6myDmx2_HCXvtJeJ54JbqcE4itwR4d1iJcrZkB3Bls...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ2lV0FHfuj6myDmx2_HCXvtJeJ54JbqcE4itwR4d1iJcrZkB3BlsWIYg5TdaIvMSULIi-bCo2Yky3CMFxoUWlexqgnOAL0&google_hm=0Ud45bkYiwOB...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ2lV0FHfuj6myDmx2_HCXvtJeJ54JbqcE4itwR4d1iJcrZkB3BlsWIYg5TdaIvMSULIi-bCo2Yky3CMFxoUWlexqgnOAL0&google_hm=0Ud45bkYiwOBH6jV11gJcQ
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJ2lV0FHfuj6myDmx2_HCXvtJeJ54JbqcE4itwR4d1iJcrZkB3BlsWIYg5TdaIvMSULIi-bCo2Yky3CMFxoUWlexqgnOAL0&google_hm=0Ud45bkYiwOBH6jV11gJcQ
pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 12BC
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKljno6e-YpqS5SItjCIxaD6S6IMe9Dqnh1OCo...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpsTFJRQUFCTGFPdkFPNw&google_push=AYg5qPKljno6e-YpqS5SItjCIxaD6S6IMe9Dqnh1OCoxGmiD7FGgmLMIzmG5t_fHc19IFN8RfoHGbfJJbUEMPG49bqSIqVog_F_d
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpsTFJRQUFCTGFPdkFPNw&google_push=AYg5qPKljno6e-YpqS5SItjCIxaD6S6IMe9Dqnh1OCoxGmiD7FGgmLMIzmG5t_fHc19IFN8RfoHGbfJJbUEMPG49bqSIqVog_F_d
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWpsTFJRQUFCTGFPdkFPNw&google_push=AYg5qPKljno6e-YpqS5SItjCIxaD6S6IMe9Dqnh1OCoxGmiD7FGgmLMIzmG5t_fHc19IFN8RfoHGbfJJbUEMPG49bqSIqVog_F_d
Date
Tue, 22 Mar 2022 04:06:29 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
dds
rtb.openx.net/sync/ Frame 12BC
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEtPReGdd2Cf2W8TeLowwfo&google_cver=1&google_push=AYg5qPJL9w7ErYmyj5pgPTZdXQN-jpTxzeghP7xsgZYQ6-_4IoPdJx4fZoEXzmaHyGsN_IZdRU-UPe9HRa9-WD9Ef-m88E3se4qq
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
4qtg2eks0k1qfvfpalrl0hjtbd11rlcb
pixel
cm.g.doubleclick.net/ Frame 12BC
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLW-OO8BP-rqLHF8T0ju1Gngv1TTbVczjJ1ta8GBmOuByIjPdOqHM8WDFoQAqQ6BvPAHqvpZkw6Y6NYnDk8DRRaGUqV5uqA
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=21q0qmKdQpyoNWXYUWvrhQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLW-OO8BP-rqLHF8T0ju1Gngv1TTbVczjJ1ta8GBmOuByIjPdOqHM8WDFoQAqQ6BvPAHqvpZkw6Y6NYnDk8DRRaGUqV5uqA
date
Tue, 22 Mar 2022 04:06:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 12BC
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEFWOM8Map7onvD8A7PKR04s&google_cver=1&google_push=AYg5qPLXrO2DAHfW1BvPBve08wbFqUvvZ7WHiQ2MCOwXA7R32Rn7CYHC2_hfw2e5DNHjUiUH9X5...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDSEMtMTYtRExBOA==&google_push=AYg5qPLXrO2DAHfW1BvPBve08wbFqUvvZ7WHiQ2MCOwXA7R32Rn7CYHC2_hfw2e5DNHjUiUH9X5JTysceukQFB4Asnu-s5hGSKIh
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDSEMtMTYtRExBOA==&google_push=AYg5qPLXrO2DAHfW1BvPBve08wbFqUvvZ7WHiQ2MCOwXA7R32Rn7CYHC2_hfw2e5DNHjUiUH9X5JTysceukQFB4Asnu-s5hGSKIh
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDExTTdDSEMtMTYtRExBOA==&google_push=AYg5qPLXrO2DAHfW1BvPBve08wbFqUvvZ7WHiQ2MCOwXA7R32Rn7CYHC2_hfw2e5DNHjUiUH9X5JTysceukQFB4Asnu-s5hGSKIh
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 12BC
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZ...
0
0

pixel
cm.g.doubleclick.net/ Frame 12BC
Redirect Chain
  • https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB5bKYk5nGyG7g9SvsM7cZY&google_cver=1&google_push=AYg5qPKtsNtC5ZEs_VcHETM5...
  • https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKtsNtC5ZEs_VcHETM5oKhonMZY1o0bt_EpAPxaWYgDyS1mCbfYsh2R70Ekj8MRaF47lxgMZ5Wi95DXQP341VgLOfGI1266&google_hm=fclblkycazcpsbebp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKtsNtC5ZEs_VcHETM5oKhonMZY1o0bt_EpAPxaWYgDyS1mCbfYsh2R70Ekj8MRaF47lxgMZ5Wi95DXQP341VgLOfGI1266&google_hm=fclblkycazcpsbebpfqdwqloweka
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPKtsNtC5ZEs_VcHETM5oKhonMZY1o0bt_EpAPxaWYgDyS1mCbfYsh2R70Ekj8MRaF47lxgMZ5Wi95DXQP341VgLOfGI1266&google_hm=fclblkycazcpsbebpfqdwqloweka
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Mon, 21 Mar 2022 04:06:29 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 12BC
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L3UjD4BCbGLN0mhrjw6UKmHna2JuXiNqy6n3WDdEDvBhg6FWtCH27gCxCRwgpy4Ae77uescw
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enabler_01_245.js
s0.2mdn.net/879366/ Frame 0A60
110 KB
38 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_245.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49494
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38568
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 19:32:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 14:21:34 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 0A60
60 KB
24 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 04:06:28 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 9102
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEHHusj6_kA7VjFEH96xBxGA&google_cver=1&google_push=AYg5qPJW9UGXqrLC35ReAgaFoiicYStJ6HrJvtnfToSe_SVdQFVZm8Y-XiImg8Jd2izoPy6Ia-MtLWmnahoi8V8W_DRPR6YzYDkWiw
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 9102
0
173 B
Image
General
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESED81Awv1zyYwgUaxJVoMQas&google_cver=1&google_push=AYg5qPKMHZzTDjlondCgSzF5SlTPHmFlooRQoyXiWbtpNw7csJNgIh65RP8S-9c52lM2zXpPCkj5bhvZOkK8Yp-MN0rTPzLScBAa2A
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dot.gif
s0.2mdn.net/ Frame 9102
43 B
65 B
Image
General
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEMBYlYIaeujNk3iDeq2mXjw&google_cver=1&google_push=AYg5qPK5kpsDqSfiGWbJMWgrI3n5ZQnmR4b6_RrK74UemajeUg1qEjfPBj6cHRNncsBlrrx_PNfUNRTgp9NhX7zUqPtXgbpgV5oX9w
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 04:06:28 GMT
pixel
cm.g.doubleclick.net/ Frame 9102
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEEKdIudzgrDSuSSyD-zgRg&google_cver=1&google_push=AYg5qPIu2WHOd-0Zt5z6yhykuDQLVxbmjUy0Amvt_82lbWqOQBbXXD12oxvqA3bQHDG_tVROphoRz6A8...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NDgxNzY1NDA0NTA0Mjk1Ng&google_push=AYg5qPIu2WHOd-0Zt5z6yhykuDQLVxbmjUy0Amvt_82lbWqOQBbXXD12oxvqA3bQHDG_tVROphoRz6...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NDgxNzY1NDA0NTA0Mjk1Ng&google_push=AYg5qPIu2WHOd-0Zt5z6yhykuDQLVxbmjUy0Amvt_82lbWqOQBbXXD12oxvqA3bQHDG_tVROphoRz6A882HRg3ww46MV5TQ2sRGa
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE0NDgxNzY1NDA0NTA0Mjk1Ng&google_push=AYg5qPIu2WHOd-0Zt5z6yhykuDQLVxbmjUy0Amvt_82lbWqOQBbXXD12oxvqA3bQHDG_tVROphoRz6A882HRg3ww46MV5TQ2sRGa
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9102
Redirect Chain
  • https://onetag-sys.com/sync/i,19/?google_gid=CAESEG0sQerRDZcsK8KBAdSED8s&google_cver=1&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
0
0

pixel
cm.g.doubleclick.net/ Frame 9102
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKPmJpmOUM0GnQGIRX1fseE&google_cver=1&google_push=AYg5qPKOcy9pu0GwgqjNGX3dXW8wNNCSPCyvdlbQHSvoPGzNvFbfZCCWwdoD4PxD430gvJ8kYo...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GYjBrODdORTJ1Rkx1em5UNVcxZjY2X1l6YVRyd2FyUn5B&google_push=AYg5qPKOcy9pu0GwgqjNGX3dXW8wNNCSPCyvdlbQHSvoPGzNvFbfZCCWw...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GYjBrODdORTJ1Rkx1em5UNVcxZjY2X1l6YVRyd2FyUn5B&google_push=AYg5qPKOcy9pu0GwgqjNGX3dXW8wNNCSPCyvdlbQHSvoPGzNvFbfZCCWwdoD4PxD430gvJ8kYoAQMvYQZFkaYENQZjNHrL6cTkfIXBY
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1GYjBrODdORTJ1Rkx1em5UNVcxZjY2X1l6YVRyd2FyUn5B&google_push=AYg5qPKOcy9pu0GwgqjNGX3dXW8wNNCSPCyvdlbQHSvoPGzNvFbfZCCWwdoD4PxD430gvJ8kYoAQMvYQZFkaYENQZjNHrL6cTkfIXBY
date
Tue, 22 Mar 2022 04:06:28 GMT
server
ATS/9.1.0.33
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/sync/i,19/ Frame 9102
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEG0sQerRDZcsK8KBAdSED8s&google_cver=1&google_push=AYg5qPJSZ8eiud8PMpchMIs8orWAiJsMr7s_otqOjRzIYelb45GPwt9CYE-UbLZFeszFhFMdolcr8_rClBy...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPJSZ8eiud8PMpchMIs8orWAiJsMr7s_otqOjRzIYelb45GPwt9CYE-UbLZFeszFhFMdolcr8_rClBydjYQzekiFtuomGxK-AeM
  • https://onetag-sys.com/sync/i,19/?google_error=5
0
148 B
Image
General
Full URL
https://onetag-sys.com/sync/i,19/?google_error=5
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-cache, no-transform
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/sync/i,19/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 9102
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2Q8k0zO0x22RHb1lwQZMvtBJ9NtpB1n9w-MzFxqkKVYbvHbjWoCsksm5-33mK5341ekFVotc
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 5667
4 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a6135b4fdc2e5aa7701bef24955e945ee9222144edd93e00a27fea47e7fca8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 02:25:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 04:06:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 04:06:28 GMT
gwd_webcomponents_min.js
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 5667
17 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5622
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Mar 2022 04:06:28 GMT
Enabler_01_238.js
s0.2mdn.net/879366/ Frame 5667
106 KB
36 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_238.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 10:03:54 GMT
css
fonts.googleapis.com/ Frame 5BB5
4 KB
659 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2a6135b4fdc2e5aa7701bef24955e945ee9222144edd93e00a27fea47e7fca8b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 22 Mar 2022 03:44:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 22 Mar 2022 04:06:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 22 Mar 2022 04:06:28 GMT
gwd_webcomponents_min.js
www.gstatic.com/external_hosted/gwd_webcomponents/ Frame 5BB5
17 KB
6 KB
Script
General
Full URL
https://www.gstatic.com/external_hosted/gwd_webcomponents/gwd_webcomponents_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5622
x-xss-protection
0
last-modified
Thu, 03 Oct 2019 10:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=0
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Tue, 22 Mar 2022 04:06:28 GMT
Enabler_01_238.js
s0.2mdn.net/879366/ Frame 5BB5
106 KB
36 KB
Script
General
Full URL
https://s0.2mdn.net/879366/Enabler_01_238.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:03:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64954
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36751
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 10:03:54 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 97BD
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
ev_view.aspx
inv-nets.admixer.net/
43 B
300 B
Image
General
Full URL
https://inv-nets.admixer.net/ev_view.aspx?cc=DE&am-uid=b2d7dbba5e8345328475ef26e78e696e&zone=E7702231-2E98-4FD2-8C48-2B474CAB0363&device=28&rule=367981D1-53B6-4DD6-8A3E-50DB6709E57C&requestId=6d4d30c9-45aa-41a3-82a5-3edb3b5f16f0&hp=-370074540&page=ivona.ua%2F&segments=495%2C5%2C2&ts=637835187862676021&ap=NDU%3D&asign=1410551059&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=Core-Backbone&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=B33B3BDF-BE0E-438D-ADD0-AADF085D0524&inst=ADS-EU-7&pxl=0&pvid=b9919893-1840-4d8e-8e17-840011b01401&ip=82.199.130.39&item=F8B2536D-904F-43FA-A7FF-34F8638AC44B&crid=F8B2536D-904F-43FA-A7FF-34F8638AC44B&profile=A882975B-8C3C-40D9-B188-89F4EF2DFCE1&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=9&sw=[e=screen.width]&sh=[e=screen.height]&sf=0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:28 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=25
Content-Length
43
X-Xss-Protection
0
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame CCAC
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191795
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
/
track.adform.net/adfserve/ Frame 0414
3 KB
2 KB
Script
General
Full URL
https://track.adform.net/adfserve/?CC=1&bn=53795657;click=https%3A%2F%2Fhal90008.redintelligence.net%2Fc%2Fpk29uozkvkorfqf%3Ftprde%3D;js=1;adfxid=1x;5060;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0&CREFURL=https%3A%2F%2Fivona.ua
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
890472238ca9a7abb8cdf59d3d3f88852036c2b958e51ca26f9761286fa6d9d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
1933
expires
-1
view
googleads4.g.doubleclick.net/pcs/ Frame 2BFE
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvvucRVyCpyS2LeSFc-1ogz3hvi-WST6kxv78oHcJTQoibSd1SaZtu8HlHsbXQJTHp47TMynT_T06b3Dh8HYl8hm_UOnoYB1fzSybOPkT5T4vUUvsJaKOQ3jl3DTbFGfB3MiO4srcIzRegmR0fau8R6mKHa330f-F5g7wOpaHOvcDYWYnXOQCk-k1Y6q_LQZaRFO8qacBDicoiZhm0rsnAG2bzK9JiNPBGKCBotbZVirKYwKIIoecsUKA8WP5JI2jhrb5svGq6R6inhCwM8XjzvW02I9PAHXLkmWPiQD8PIzBA0WqkYMWZH_Tlt3fwkZiDIzjnCRnMdRmseVch127io-OBE5jEecQ_TWBfzay4HlWZza8opd-2l7a-wYvNE6L8JILyvEQpbo0sP6XwL8q3w4GHDAnPxneQ-L4BXZSxvHCignSPYUg_A5pS8udk25I1PAh2At3tA3Kdun0iOTRuGTEMfaathF3VmKYuEU84ZBxGTZ82yBltp0CMeDg76tklqu4SQbbc__mccTXvb3e_NnNhBjrxUBFNR-1Sa3bhdr0lPJ1mZx-Yq-6DVlcqNhRimPOYVosmxSq654mO7PwnqWZO5VBamVJQw-B-zydldKM-Pxh98b5cwNhteID6HrdS2gxDisjPInOAkB-clLNVBbQXnJhnPt9x8RvtlzzZWP5ETezbKefwgx0LAqXtd87VJLNsSHug1wo-8uNDyoN1bXRQM_Q7Yh-yvA-1mbz8N45pgeh-6cX_OJ9oZcMPe68A_SpmOp4JfOqdM__WcpyUHBM_Xt0z65TBGsCjCsNOhN4J0J0vWZfBJHvo8Wc2uIH2pQ3f8g9mWdP99Q8xSae0kbhm0gkp8w7Xc_zZ-bXtJZBn22a5ZVnKi0ekJB9f9uc7O1JY4qSywxHDPH4yY2GbLcqIoVkTYYd5wLQuQ5z2_4U29bSh_lpVD3ERiwcODU4VkReYw_HOchXI3y6yWjQw_v-Ge10kIBSaSNwRADjyjfpdAv6qrzvYaBrDcL__9M6YhlgbQySSfjifCN3jXmOUNWzT6uryz5Y7k1Vrn4_VK147li7V1kxlAaCyWziIwwE46YkwPQEGYBCR4aeEJdtMFzVnEznTmhYpLGYU74X-yFRDZFdYWCQCKigPZByC_yQqviyJ15w1XwjbhT97legzd9dFMju9UJb1SVwoK_WZtKv7uSsiEo9B6Pe0ns_rL7AlZpQuJhJOiefuWLf7pLjL1-z5P59Dy&sai=AMfl-YQxIF15PcB4NU7kO-qhsdu-Pi7p2U82dwwPtxJQLy9WFlPi1fmu6iqn-Vy4p73rIhP1Tw-U7pho4IE5hkuKmcpu8ST6C4kHLl_aUu5ah2MPmG6KX4cAkWe3zBIgW1aYQA7owgbg1XFyo8n0BpXzNUze8mLQgJIoYQQ7-5HbO_Czzptsky3IhRHrVShKiEYylMSFxeE6MM0JrOynQk6nug&sig=Cg0ArKJSzFfR1abBDJF7EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=537&vt=11&dtpt=327&dett=3&cstd=204&cisv=r20220317.79202&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 8496
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 1983
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:21:39 GMT
x-content-type-options
nosniff
age
67490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Mar 2023 09:21:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 1983
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
551200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:59:49 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 5667
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:21:39 GMT
x-content-type-options
nosniff
age
67490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Mar 2023 09:21:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5667
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
551200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:59:49 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v24/ Frame 5BB5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/robotocondensed/v24/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 09:21:39 GMT
x-content-type-options
nosniff
age
67490
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:19:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 21 Mar 2023 09:21:39 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5BB5
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700|Roboto:regular
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://s0.2mdn.net
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 15 Mar 2022 18:59:49 GMT
x-content-type-options
nosniff
age
551200
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 15 Mar 2023 18:59:49 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2200
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssh3tLE7sFO13s1SjL8GF-kS8TAiVKBG0ZkDhFKi299DaqHeZ9OiQDrnYtmuNqi5uowFKe9iBwwO-z6i4m395ehNoNw7mflPodI6sJC4K5P_c69JjaRO3iNIrarVVIlO9ix4o6RDbb19KYLWrVfjUEkzbrSGuw8VxhVTQ_so7z1h-uR9JNO3tkGa43lRoB2EHz77yzJE8wOTFfBeSEVbQKOvg7ib6kkLAE8gyDSzvuHOirytdIUckBBIwLvQbXohTLsKoXR3QS9gwASeOy8kPfI1UtoYl_AH0gHngN2qhmJb_MOlNludyyj5t8vx8CGohXeJtXOLwqovn5ZFMG8v0IkDBSP_gwbNH0MePGi1FMZmMM9e0HWVCJLltNEcFeN7CPjbAwHq2A1KlhCynLdniMcHJUNCMFdGWq_wyQ5PQbyk0EpT5DwZMoz6y1Xyp_-rOH94DKwxaRqjRcGjmKTi9O6x82Np0_dhS8l7x1Cx-zYS38lMuWD0uUICuPC1qfxOmga4o1mIDRAlGZ69tgwvU-XpQ6pTQ4sHl3zLGAedAcLbRYbgNk8UBpxfuTkx1AEvz-Ft5OZuLaUt42EGO8WUBTvih-gbe44V0H9gWrgw-sjAWjXzWBrIHKWxvuDeBrUWlwqBIL6JIReGodDemsiD2vgCpCDo7UFsi0fXmzuTAmG2Q5hLbH8yz5v5cQj7cW4IcqOOxqluwnru-Maf3hs9ytX_3LKuDb75D3XUe6Y7JxZ2mc2lTQwBoyjGptviGNGDNeAQ-dTYF_Y8ZKKhlUBBvycF-_2wTysBhcAy_9yxlpJ_N_sjqnbUwJRj_a4FKKNwlzTxax2eQmq9ubrBDtoeSQuifzvVg2SNOkGW-r-zW-S5QCcToxL1evBNrQcs9vKN7W_DbVgVuVXPq84NeD3flLEgSgR5Fca9ZVPqWBWO8zIpIgW9Sp372ZZiC1-NCypxIhlVyzo3l5abtDwRFhyF8rxAcWqHuNp5hoGq6C-wACeomdGbRTX8WMutoSCsJV9E0Q-fWpOnayeFGdd4HZcplfysfcHTJ8lQL9HzrLrh1nDKpEzpShrWJTVJRQXYnYFqiM8xpDyJIvlv3ffQKDSuuaDkZFlEIul028ko7W9UuChnyXV5fWhI3_MshYOdwgQ0m0dWE47Kqm4lC2yhfhxKiuhCC7kj5zN5Kqwjine1XNIhgnNIgWYpFLErtcyjCx_HhuV31sQih2_QBlaWPM5rIdUNHxl&sai=AMfl-YRtMXflEMQysUXhiYWlpvqMx-dNOx-mt0RW960HPrqpgHvNja7hydfE4SgISJuiiPw5KYKVadePm-19DZnjahShW7trLcY6g0BzSuc64OkV4sbjRN2KTJSEtB-tJfFs9laCn3u5tOlqmgm801BCOMtOL4NiFj6dyjwjJAOnrwYzWd0oTUFe85fiZzJPz4Dxbuv9hOgg_6rj8agGrsAQ8w&sig=Cg0ArKJSzD4Vrnr8AeGpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=748&vt=11&dtpt=426&dett=3&cstd=319&cisv=r20220317.28354&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
activeview
pagead2.googlesyndication.com/pcs/ Frame 099C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkAvt5zMguKkHNs6VR0WPqgq0myttjNhJ352yLP9fw2iaNaOM83Rt2uAoSrkiJBlYbSvEXAFcaFoYCXVzoOR1CWw&sig=Cg0ArKJSzHVf_IqlDu5oEAE&cid=CAASF-RoHIKGvX00AHdNEQs2Hx9Te0s_2jFg&id=lidar2&mcvt=1043&p=0,0,90,728&mtos=1043,1043,1043,1043,1043&tos=1043,0,0,0,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=739537396&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647921986777&rpt=1279&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8E9B
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bybj_REs5YrjGA_z97_UPtuOdkAQAAAAAOAHgBAI&bg=!MzClMHTNAAba2mK92to7ACkAdvg8WnwrER34oNXIhslpX-pEknUti4GwIYgmaImXYjK8FdP0WhkWrgIAAAE2UgAAAAVoAQeZA0FTC89zNwrDCyD03kd7o82bn1SqXURWW0eYgqwvFhxrMeoGku5iqIFtZzx5xdWhBwFVAJa0QFDiGQ5yRswUzoPhlO47sGW5hnnvwfZDUeDmZVcsLUaZaRLiq6ozLkukXP7CEM7VG1PratBBDbzuIwBFAbeJEgHK4CgCrn0k3480pTf68aBflw2MsQLgUvAlMW67kQ5eFISdbZ6h7RWJUPy7cNoTLnI5zKDdiCfLaYKP6P5CIkDjUB_jzHPYwoMtYFIE5VdfQ_z0nngkzoFyOzmXvhicUNcUSE1vQymBqZw78x1YLLlLh5kSSAwhTUTsAkB95gIgj4JryzyIzcxZn01tVUnno0M9WtVzK2d-3R6D-_HvNZxXIdcsvutFr8zpmnouRB93Nw7WfAB-7XWNcNUVLB-blPOkDjakvaKX2kHR5vNNDtzD2Pex0d-zPhTnShE0ZPDBbxo4scptgLkqYoZtfreLo5yMdF4baYqAympAghMcpP0IN2ALzHNl_VdL8xFOdzNwMJ-jhWki6Tpx0M7XCi1ECWo69SPwehdz6d2sW0Ug_1L_b6AmedFBF1c6CFyT7GZ1KR6-EShLLOxsWXnrK56E4bZfuk9CGeJUgDasFVOWygEhRjD-ZGQKDwmubWcIklNh2BW3wf32oNz9H9GDB-kIQXCEOe1aaxvV8Yv_IxmiYlFrsa9z1wa4otEFWggy0WEw78vACYPFerzswRvFGcMSDmUuxENhX9zxdlJHgAgpj5HX3WqY9R9YHu__x51ncWiOfskd8BpHCGkQDTvXxObJK2Ce9yAfvHYALQ2pKw_833dUaxZRfOlQCodS6u_KvsEuTNLJfZWKzMjpG-qulK-_rozfnnvxcgTRRQmhyS4pDajhLPVUJy_FKbJxOZnSwjLZyKNpCN2ld9jmGlfOdMI-jyC8bEIvkjw40oef6rDwLJtluFRnpT1u9rWm7qByrY4vxhqRuao4lEN2vRJDniV8ObE198B3ZaS-f-XSjlwzxOiwk48Ial4gZ2iz3Zv53dsZ8FRZuJq2v8fz-sc275XPJl5PKU4bFoe71djDrl5LVI1CnfDnK-i-EMSIqquRclahOADdmblc9vHJDbHnRw
Requested by
Host: 3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL: https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CTA_JetztReinlesen.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
5 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/CTA_JetztReinlesen.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d7d94410ff16c24db95f131746a855300256defa9dfb4dd8e5c9131d0ee016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1600
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
CTA_Buch.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/CTA_Buch.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e2ad399edc1695ec19228b68829128919bbc7fd1ab664be415f06ef3e9e6436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1542
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
CTA_Buch-hover.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/CTA_Buch-hover.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
644dd08aa6d64a4d31e0df7feef58f753382ccd5769f9d26aa426ea2f49656a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1539
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
H4.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
3 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/H4.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90a16f7efd590e129e99a3c5fc8886259be51cf6205e8f582ad69da2f77b64e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1367
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
Buch_WELT-OHNE-MORGEN.png
s0.2mdn.net/10852055/1643292360957/ Frame AED5
80 KB
80 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/Buch_WELT-OHNE-MORGEN.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94efbcbddc045364d47cd2b5d0b21b9ef088193e0187fead4094cbfd440ba49f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:23:11 GMT
x-content-type-options
nosniff
age
13398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
81744
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:23:11 GMT
H2.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
10 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/H2.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe26508b493439d336ef61b807d8f9e4c41415b59fcbd35753498512d816970b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3317
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
Buch_ETHAN-CROSS.png
s0.2mdn.net/10852055/1643292360957/ Frame AED5
88 KB
88 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/Buch_ETHAN-CROSS.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60913d7f0a99b85754f1bdf3666856f52e1a041ce2fa58c0f01bb794a8649710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:23:11 GMT
x-content-type-options
nosniff
age
13398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89662
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:23:11 GMT
H3.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
7 KB
3 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/H3.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f0bf36f4a11443a6f4400d1257cccdeffce17d2e243507d864c06a211251ce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2618
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
Buch_RED-TRAITOR.png
s0.2mdn.net/10852055/1643292360957/ Frame AED5
75 KB
75 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/Buch_RED-TRAITOR.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8c4970effe0407ad472f9100787e4b62250369cafc1da77e41a8ced7166758a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:23:11 GMT
x-content-type-options
nosniff
age
13398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
77265
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:23:11 GMT
H1-1.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
1 KB
658 B
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/H1-1.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a5bee91860d073538c8117cde2b4033362dd7ae82ae87b18412da76a861d74d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
630
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
H1-2.svg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
4 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/H1-2.svg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5896ea849925a8d011fdf4335065a28cb8e14b03a822a427d1512bd42ec12740
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:46:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11990
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1831
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:46:39 GMT
Logo-Luebbe_white.png
s0.2mdn.net/10852055/1643292360957/ Frame AED5
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/Logo-Luebbe_white.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
72b580a3910165e1d90e683efbdc98dec5e188d11827b42ace5b28146a38c85a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:23:11 GMT
x-content-type-options
nosniff
age
13398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4023
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:23:11 GMT
thriller-bg.jpg
s0.2mdn.net/10852055/1643292360957/ Frame AED5
370 KB
370 KB
Image
General
Full URL
https://s0.2mdn.net/10852055/1643292360957/thriller-bg.jpg
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42e83052d92107ab13f5565a4101eb3f49457ce252a2310a09b4f4baafbb28c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/10852055/1643292360957/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 00:23:11 GMT
x-content-type-options
nosniff
age
13398
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
378568
x-xss-protection
0
last-modified
Thu, 27 Jan 2022 14:06:01 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 23 Mar 2022 00:23:11 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 60B5
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstTXduIyzTTuFVsSDz-Aiuv63rkDMdWH1hlMfrpN6BSB_MRGZuNrqFR1Rn_LW5rB9cUJqu4ZXzrpPZdaJe5hAf1Kvp66K9ekqTSZ9fOqgpaZ7a-wfhe22OkM81vNhhp8HqU3pU50idl_-ZN9MUdfxJPPlIIZL0g8h7DBcRs599bCQGNWWukBMElzGs8W-3ZnxFmaJTNASD6pkMotfaeA7sxEISg9CYN9d25Y4_8rVhoV8VRSoigzN6ch40APdfVU7vTklnVUIp-HolsKW6gd_brEx6R6QQtnJfWO-0TvNZfHJZWYdWdrQlsdNEC9HswAHTr1dJoJEqk2KmDQfhrqRBhVh8Rfly8kB4kJM_MnUDoidcLDDDqWFPvoTLxltn3aknAJwtxX_ZSRYyYolO_AvZ2aMVsRONXH7IMGjcn2h3xjt1L9_vvoSVQ38arPHXfmiMocEVrQWkw1PHeKYFz8L4iold8aBFCV69cETZZyAGiZKlRQ6LLqJtla0KRkIXFZquaSDO8bTSuPZ7W-_cNFgF9GTWswu6LV4Vbon2l3Eh0-fziLMkTsFpCYxTWukhqMpcl_3xHDzF9cdJHv0NZtoZ7ffPYochdacHdQm-Su1qxoj1ooyts-M1PDbn_5Y9WuVas0ZhuqVOFkM78CnUYCcV2x2bNOmWiPISQQE-C-i29CJKthRt9qhSfaoq5EBAo3OnIK_q6JK6JmnNtPqE3Wr7xe496sDJNktf-QUTQ0J-1sEqqyezwqCtoy_7nedFCVYTQb2zJfFNUIoIceo4GaZIRTVls3KlCHH8qlfT7GHAMEGQ3K42oa2VfTZkU_Qv2PZIgKmtXFUBN_C8wM-qajVoekJGN1QJPQStQRMRRvFL8mDgWIZWi9H6l-frM822Xf0GKgFBYtAUgES9JcNDjkxYl2DN0Xqe04no766nA_4OXwjrSwpad2CHlnGesCEUyHpT0HQFU-gKhD-uqqh0AbIGKfrejbAJlb6ooPRdo-GJ3AJrIhrP4Ow4RfbrYiIWkc_sKiJxhWcwnJpjixxQ6vugL6rH42TTlcsp8btn3_4NPO9Hd9bRzSeJWPjR1PWt-GDu1mYmGiSuoxlzlj2joNH-GNf_dxnLPlcxGhL1i2sS7-xXQ8i7AhXvBY3m0CRW1WYhUa8dAAukbiK2WVOUIEJDpkTsh9ioqMhr-OBcthlT2h2xRpgR8M1N-OfcZtYwNzuOwViUT5xRasVY4SFY-yXML5pWP4uh0owo2SfyTVvCSIjI7CAK5JMKPtQ&sai=AMfl-YTIySGdfhw5FbW2jD-csO8KHNCPb0kV4pbK39oCD5Np1gTMp0uhFbVaddiEgbKazM2MZqxjTI3JeS5Big9JAbjb8zjrVi18FmDDJRXGOlzxl_HUAGsI0QGd8gVRqVddZhhj8KsorT6g6haX5T4a1tDVgaMZ-jZKtCQmFQ23AqasDYHM5k_XLoFB47OLdyc0ALzPQ-vjc9r93Ra_WoSyEQ&sig=Cg0ArKJSzEcauVWUGZfOEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1017&vt=11&dtpt=661&dett=3&cstd=351&cisv=r20220317.42238&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame 4B5A
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst-pgGbOLOWtU8_WB2PRvqNkjE4c2WjgunHCzmjO_VQgk3QkI8pJawU-GHmJNra7a2D0Z65L4JFbFALJkR3BM-TtMSxKKPtR_oxq_-TWt6N1uZvFcxIu9QtXmjJmGcObLpZSBRVB4IsVy3pY8kZ3GQBxzZ0b1ENq8Weqp48p2h72zLbpwshpF7D0Zr-NcDDyjsCeeKmDGkNnDhs6etPe_2ohroMt9zGjxocN4YkLyICXro09RVuW8-KyqSNeUWwu3SED-SP_f9srj9nDe1v0-gOuaZa6Y68NQPQ85MmqbYVaLqg17pbeL-CO5URiBbUCM2eqCiSm_CXXrAnfOn-kXty-nJh4D-7EzVs8W49gYZbEwD9udQAzI0A_lmkHSV_mhNSQkT4kkaIclgM7d-OM_j2DLmQo68toi_7oVzUugSil4NJnZcdP45zOvd_sqwQrkKmLepuLW68NBPYDRLARKrejEIFqhtVv_P-UQZo6D5b7n5mN6vfYnYgLllQ8yPahxSPuwIFSuP9ZSD8wYBphNLtgh_P0E6MOl3gkQYxSlEzIbrRUC9TQmAz_jZXxyP3K_pg3ePBT4v9ZUBh8OrvDgfPC3XvbZR49Z7f8JnNt0d37sieHa0jqrl46VVxOJzOyIB3hArFoP2avCiUoUCER350ymO-bWo45GJg4jZuGZRRp2l3OpHsW16lSjTFlREV1ujG5qHhMz-8tsNyYVtzYcxocxiTuEu-4l6LTBCV2_aRpYw7muUPFIJQkM3X8DmYHUf6g_p4XhgfJiNy7MeH2NsXCh_zT0wcxa0GyxYg8eiSpOl6we6Q3Eq7bzC7TJeKmmDU_P15o5Oxl3oBs_GXORPQghzPPf9FJtm25PxRPrNlWYwFgY3D5HnPwX_OLjKIS49I2W2q35kXcEDBbUMUMTlEztTLUW20ErF3kCgeNq7hn3yxtGb3LgeJI3ZYJeeAO2G9x9nqYgpmbEN1eTGSas4AbINPTxyrpeUmhSX9fvPH3btwPh1WkvNQGXJw5smyCqOsqgasCtyNZ0OiP2MSl2PujMLns0FMRYxo3oGlA4sEKzIzCplo26hYO1f6n9ZbU_hcv65ieWzsR6CAhRQmj6I2yofDeNJLasnHekYwplkmJlzlIgl7R1hgkp3uLo_-ML79moTVyPvAnGkKpOPQ9nYdjYB6NixHVeoPYZg99leybHrRT-_Q9YWBofVEqm_PlIOQOeLxHBmSYTB8KUech1dhrzLtAOOTuGVPa9Au&sai=AMfl-YR5_1MGil8aaWjU2evTifNTPS5TevUlZzUdKsIG4y3xkXH-ureP5Aa8Y2o_gvb2liEDzVgSNghEGCqaJdmrUkZbAdJCfsvVdIZqkOuDhE7UYZdYiPFKIvkFd-XIa4sb7cWfYs_-N_ozyi0v3EF6zXZ5cieHEpYhcpjp7zYiYfjIEV-Gaeo4Jae2SsnMoKNhv80qyuO88qQCJi33owKmGQ&sig=Cg0ArKJSzKgfjxR1BccbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=722&vt=11&dtpt=466&dett=3&cstd=253&cisv=r20220317.70956&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
googleads4.g.doubleclick.net/pcs/ Frame FA33
0
23 B
Ping
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsve-7lzSH9DaAczyUtkFtSAZlaHg3Cr_geyWcbl7ICsRFNVUq32j4sXC2yteY8X5UJMzz1h2TP5KPyr5nN4JvOm2_-VDxb5Zi6l-nP3W3fdvI_EpGEslxQ--IiO4MafWEV4ltKmp56RtPbaEKHokbWUfXkqqsWUgxkgBVElY7_uQMsDHGD6p17Whxyk3vDOhKjlcltL8nF7yKB8gMQb15-lW5oF7EmpLeYYzdv6XMAbKfubaT4SAzUvTTkDzCf4uWaEM8dDF7gDq0BW7RI3138IyZa6Rfn_TSEh8qNQRFFkB9P5WMzB4Apv2Kw3fAikNs9SHHNiNCM6p1N0JxZjtnEjCVlZFp3_-NsFpwUa1CjLgDUTMDwYJu7IlfAtuKMO4YmE6WISyy4Sg9HpdA89enA_tjzklHlGTzi5o0k8uaWSZ6VgT8afELxUKGHr9QRb7pMojOquA79fhB3oUTRJu5En0kPfkGL0H8bxWvynUzc4M604kr_RFr8VctNsoEMt8up4YrZO6vR_5SjDP66gTXxjqU-XcDorP_HA2ov0Hk-D75IVwIs_W23j04ErJb3fzFstyOf8SpMEc1N_a2ouWWL0DEGtEAc9_pQ1go4hn-HhfRAPcPyPCg70zO0uWCqcNLnEYMPrDrb3fp3Tn1NVD4WGjeBT3MTn9-nqrNiTqsEybTx-0WsF9_uIkfkUhZpTUg5mAJmiCb9FueG2C9F_ehwr86_VFnUGEcH8prDZyrW96MRA7_y_YjBaYnkRovy__DRvQYeshXFDAGKwmccu2mk3RxdQfnnksHCEbWy-RMH1CjatDg0s-6SdazkVVa_nu8VW-geAyF_37XsnW8aonCmcfwThd0Tl-_oZqddxO6kob7ViJfEHfFzFKJGYWxtcONP8f81i_iwPVGbQwGhU2RTY8hj5nBa7_QhkeyA9jIxNf_I48UQR7p8865niAErKHlj60PYlg5mMQkQ9paG2nz_LJupiEyRnKoMNVUedyGzxEWiX0kIpUui7IWmxd7KMwh--zA7dmt4zCcQ2AwKaQbNjyr_iO3LGIXwWcY-6AGbuAmMxSOqPCdngmuCQxn2gS3r7GaINL3gOlSw718XNZ6m6Q1PUYEV58XQehahfMWc1jj97JaKMfBNS_Z7V2pFNgJ231LVXsQjdO_aCbmYCYP0Dv1wgRWq-awiafJFK-OHI7mGXNKunWftsrzVHIr9afMWHVcE1AfqbEtXqzM6FRiOb_aAKyHYn9d6AqTd8XMFuA9l-ke-0&sai=AMfl-YSyOzOh0Gk4ANOcpII-lc_HycCAxGHBAQgpjfnURgSNv6l8vpQMBiRNf4WKZzlBQs4giXbF9Dudc1X-XAzkwtlGkx72SJm6gXuUZfyhc2ClFxYTXa3GE5m33MfS1O3unUcRkhDDRmTnujQgPERSPNxIRsfK_UWo-_m0LWrUp5yUlq0Q8-oLgt3hxxe9-FFQaIzrO2RzFrKP82AeTexPeg&sig=Cg0ArKJSzG81JdmT5JHyEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=705&vt=11&dtpt=469&dett=3&cstd=233&cisv=r20220317.18907&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
prod_studio_01_238_configurablemodule.js
s0.2mdn.net/879366/ Frame 1983
31 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 10:03:56 GMT
truncated
/ Frame 0414
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0A60
7 KB
5 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
604101a36fa71dbfbecf6ac29b783e2879c58fe93135511e299b8920f0bd1e8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5529
x-xss-protection
0
60005582_20210429075356624_m-320x050_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0A60
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075356624_m-320x050_LOOK-01.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abd997957ed00b3f3005fb952893a6e757b7dc38dbb4fa6f0e12592aaeb25ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:22:32 GMT
x-content-type-options
nosniff
age
53037
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7230
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:53:56 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 13:22:32 GMT
60005582_20210429075359706_m-320x050_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0A60
7 KB
7 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075359706_m-320x050_LOOK-02.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21619248936f4d1b198aefbe7b89a7c855f29d4911d540d4d16c075a206aac12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:22:23 GMT
x-content-type-options
nosniff
age
53046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6847
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:53:59 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 13:22:23 GMT
60005582_20210429075403657_m-320x050_LOOK-03.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 0A60
6 KB
6 KB
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210429075403657_m-320x050_LOOK-03.png
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1f647bb2c2cd06b7531b514ad62a0d6c4b403329babd0a502e0f56fa6187b5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/260227187032981504/320x050.html?e=69&leftOffset=0&topOffset=0&c=meJY7ftQA1&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 13:22:23 GMT
x-content-type-options
nosniff
age
53046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6168
x-xss-protection
0
last-modified
Thu, 29 Apr 2021 14:54:03 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 13:22:23 GMT
postview.gif
portal.o2online.de/nws/img/ Frame 0A60
43 B
609 B
Image
General
Full URL
https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324455464_145979204_-0&ref=27008872_4307561_324455464_145979204_-0
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
82.113.101.132 Heusenstamm, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS
portal.o2online.de
Software
Apache /
Resource Hash
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:29 GMT
Last-Modified
Wed, 26 Aug 2020 10:11:24 GMT
Server
Apache
ETag
"2b-5adc50abeeb00"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection
close
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
/
www.facebook.com/login/ Frame 953B
Redirect Chain
  • https://www.facebook.com/v3.1/plugins/page.php?adapt_container_width=true&app_id=1797034293858937&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...
0
0
Document
General
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31de5ec4464598%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff15d30d91dd2c2c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=89a9060dd3c99587b42ae706e69cafd2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
about:blank

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
Y9nfiYvSszR8m52Wu5GdUeyYlDu3JhFu0Tj+54rDzPHEZZTyAPPBgdNmcrJ2FzZnnbioPVzT2F74aEbn/dzNog==
date
Tue, 22 Mar 2022 04:06:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D1797034293858937%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31de5ec4464598%2526domain%253Divona.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fivona.ua%25252Ff15d30d91dd2c2c%2526relation%253Dparent.parent%26container_width%3D320%26height%3D600%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FIvona.bigmir.net%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dtrue%26small_header%3Dtrue%26tabs%3Dtimeline
x-fb-rlafr
0
document-policy
force-load-at-top
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v6.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
JGHRO/I0ONjIHA0X8e0uCOzhMGo/oY6cao5/fa1Rp0CnuOtCkmmzbYFlKBS2YcW8hkw2f2Z4w0f/fBDvp/csEw==
content-length
0
date
Tue, 22 Mar 2022 04:06:29 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
sodar
pagead2.googlesyndication.com/getconfig/
13 KB
10 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220317&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c31215f8668d183f1b54033180f96e7bf6d64ada5fc3597c8dcedd0163c8b72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10430
x-xss-protection
0
truncated
/
287 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prod_studio_01_238_configurablemodule.js
s0.2mdn.net/879366/ Frame 5667
31 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 10:03:56 GMT
prod_studio_01_238_configurablemodule.js
s0.2mdn.net/879366/ Frame 5BB5
31 KB
11 KB
Script
General
Full URL
https://s0.2mdn.net/879366/prod_studio_01_238_configurablemodule.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_238.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 10:03:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64953
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10829
x-xss-protection
0
last-modified
Tue, 11 Jun 2019 21:21:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 10:03:56 GMT
Standard
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/ Frame 0414
90 KB
39 KB
Script
General
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
last-modified
Thu, 10 Feb 2022 15:16:56 GMT
server
nginx
x-cache-status
HIT
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Wed, 23 Mar 2022 06:58:55 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0A60
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203160101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=ivona.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 22 Mar 2022 04:06:29 GMT
arrowIcon.svg
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 1983
429 B
287 B
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/arrowIcon.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 16:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
expires
Tue, 22 Mar 2022 04:33:13 GMT
6874211348065297878
s0.2mdn.net/simgad/ Frame 1983
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6874211348065297878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:51 GMT
x-content-type-options
nosniff
age
430898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3815
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 16:30:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:51 GMT
11680859914692182044
s0.2mdn.net/simgad/ Frame 1983
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11680859914692182044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6316733cee30d53f937ba821e429ea084ed89ec8367be14a676c4edb9d3730b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:46 GMT
x-content-type-options
nosniff
age
430903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14398
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 14:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:46 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2200
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDENpjMIguf9NtRK0d0W1WR0Ks5LScnZ5k1tviRhvKvFt6E0Sgue5qVSeTiV_QUs1nk62cXpyDOYrXir1ceRpinadaazLw7Jwm5HJTonY63Xa9_BQOUw&sai=AMfl-YS5xc_N0qCFbrpyk8bqka2wZ1iK6QSb6JqlbX3JBTxni856bG0WZU9dC45fgtFYQ49M16FiqknLj0sTsW3E73GGu959jmvA1sWORcbriQWEjVl6SaChukBEOAM&sig=Cg0ArKJSzMqrUnSIbeUMEAE&cid=CAASJORoJlsYyto8i8qlwO1WGiZWl0ND09KpWk9jRZUzxpLh-lTQLw&id=lidar2&mcvt=1031&p=950,0,1000,320&mtos=0,1031,1031,1031,1031&tos=0,1031,0,0,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=0.94&if=1&vu=1&app=0&itpl=20&adk=2128242484&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647921988188&rpt=254&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
arrowIcon.svg
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 5667
429 B
287 B
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/arrowIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 16:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
expires
Tue, 22 Mar 2022 04:33:13 GMT
6874211348065297878
s0.2mdn.net/simgad/ Frame 5667
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6874211348065297878
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:51 GMT
x-content-type-options
nosniff
age
430898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3815
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 16:30:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:51 GMT
11680859914692182044
s0.2mdn.net/simgad/ Frame 5667
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11680859914692182044
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6316733cee30d53f937ba821e429ea084ed89ec8367be14a676c4edb9d3730b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:46 GMT
x-content-type-options
nosniff
age
430903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14398
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 14:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:46 GMT
arrowIcon.svg
s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/ Frame 5BB5
429 B
287 B
Image
General
Full URL
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/arrowIcon.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:43:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1396
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 16:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-richmedia-studio-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-richmedia-studio-eng"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-richmedia-studio-eng"
expires
Tue, 22 Mar 2022 04:33:13 GMT
5866681218847015177
s0.2mdn.net/simgad/ Frame 5BB5
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/5866681218847015177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 03:54:21 GMT
x-content-type-options
nosniff
age
432728
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3815
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 16:26:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 03:54:21 GMT
5067881649366237532
s0.2mdn.net/simgad/ Frame 5BB5
35 KB
35 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/5067881649366237532
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5cd62ce7cfdc3778c2c0a2576587ad27c9ef602d6d6a5ae4106518d9114c7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 03:54:21 GMT
x-content-type-options
nosniff
age
432728
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36094
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 14:39:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 03:54:21 GMT
J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 9AF8
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 051E
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-zM1REs5YojfDv6DjuwPlKipuAsAAAAAOAHgBAI&bg=!EhGlEVXNAAba2mK92to7ACkAdvg8Wn2feIl0omZ0RbFs670yFC68E27samLEt2NSpuJAOu5-4DCvyAIAAAIQUgAAAAJoAQeZA3RQZUd0S4e2CodHyj35BqCYgSKJv3ciJIbwetJFx1aa4zy_cxW7_kVGF7WCgvIUFj6OZh0BsipYxyc61FK8UxA3YvVOxXKjY0mzJ6hMDqkkW6HpHXSUWbnuuWx1i_9RqNrx514Lg3XijyZ2sQ50Zx62wYVqRWZ6zlSoAC_02VcHAQChL0f2txCIBTt9xtPbZ4EO3FZJc7ZUqMVmcxo8Giicjb-jH_ctJKfOj0HqjNSrhbq59hmbXjxMMj63XO9oLniyFhlNRmgZjjVQTI2xMam0h2usfyf87oildwuTkyPzmnZt5K-YLnYCsegp7V_iFCZAerCFUaosvfFrcC611ERPXW7CiH0ymDMY-CjoGJzW8QpI1FTriCcKrShL5ZzZl5gOJgThKxf8DZuHqZJsgvhtNQAcQNQCaRqBa4ywsnsw_j_ZZn6N590zVAq6Aicb074Jp0Kz6r_BBk0vDHKciBYBYbagjck1snzWbnB9h0tR3honpS4RooTqvK8HJTJU2dagiQa72CqkeqmzCJVnFO5kzsunXKFehXpW_CchE9EIJ5G3VWJjtr0t-Ezl0FHJ26dJlcr06AjpQKM6cyQ5-wUVtmE5Mtqc3NVQhFcax38VA_mEV03BbzcqoVa9iYS-8fDhbZ3morT1cRLuwGcHDrkpxrc7b-EpXCQdw9DXykBrq4qc3yKlITfg36J2pEeKNjoJ8c_HTBS_xqRYCD8R8TolYo9t1GmcwngixZIwfwBVH_hRakNs-c8RlQ1yk7iEI7-dAw508M_VfKlKJpwRiQBQaC7qN08C29KVLLoF7DWhU_2HCd001LgKpHaQJc0Xv3N9-qj6PdqRVGRZemEen17IxuI1PbBdb_cTf_IS9ws5DRySBKJAzY8KgFExe2B5gwfNbQzRx754oBZ4HaBwGzHxuRw6MXy0HsTvPRfessVnKD7PENCifAJi9E7koNU_mpHznyW6UBEgTCcSnGJL7SMp1ZYJtyiLAaxzjl-pemZHeMAxwg0FV9-UjpGNBJijF895GMkV_bq98MElY8vP-RRIIKKEqIyIeCXBTRfssnTgAZ7njYCn-OiK8frq4umwDH5kd-LpeQuzQ30DzSBIDlu6mcxqGW0sDgDspHBEMV30gYCLYt3Ya8kv7nrZVluztqmgTzHzu49GJfhREObfz5UkJ1dapA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame 0414
0
150 B
Script
General
Full URL
https://hal90008.redintelligence.net/viewability?s=60439800014014004380380011906008&a=068228e9&vb=v
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Reilingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=60439800014014004380380011906008&a=72c628c7
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Tue, 22 Mar 2022 04:06:29 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DD7
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 21 Mar 2022 22:42:01 GMT
expires
Tue, 21 Mar 2023 22:42:01 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
19468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 923F
783 B
535 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0926abd1573b08b813715978b2603d47f6bef15be3b7f5fa44769fe6000d7245
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GVwvOCbsoLPk/CRC85tWQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 22 Mar 2022 04:06:29 GMT
date
Tue, 22 Mar 2022 04:06:29 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-GVwvOCbsoLPk/CRC85tWQQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
/
track.adform.net/csimpr/ Frame 0414
35 B
477 B
Ping
General
Full URL
https://track.adform.net/csimpr/?bn=53795657&csi=c_hmUKFU25TIhQRDXp1a0mVUnQKWgMZemoGpSmqCskPrygPkIxxfk7zdkaIVAVjq_lvzbe7IaBNbviB8bWfCU96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90008.redintelligence.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90008.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
truncated
/ Frame 1983
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
11680859914692182044
s0.2mdn.net/simgad/ Frame 1983
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11680859914692182044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6316733cee30d53f937ba821e429ea084ed89ec8367be14a676c4edb9d3730b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:46 GMT
x-content-type-options
nosniff
age
430903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14398
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 14:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:46 GMT
6874211348065297878
s0.2mdn.net/simgad/ Frame 1983
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6874211348065297878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=4DCIR0Xjx2&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:51 GMT
x-content-type-options
nosniff
age
430898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3815
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 16:30:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:51 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B5A
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstquWmNtgA1eTGbtpEtt1W6sVUIYsbvntrWRXQ8zTBn0Sy02QrWXN8TUGl68q6rYjeJx-_zK0lxxJ3rkkt2cs7aVup1Hl-LjiIqdx7DAboh39nH19ycRi8&sai=AMfl-YRKsrA9FrKEeQGVk1CIaf31yY81eDCS9EmDR_abzK7iEybpqNQMbsSnQdk7TpMW3DQEa4IiIoEHpLcUj33SZPtiLMmZSJzUJtO1Vg_6Q_xAXBb0MQafLke6Crg&sig=Cg0ArKJSzBYNm3kFHbeWEAE&cid=CAASJORoLau2mXOXfL_-8G6UnaYw5Q-SkkXinLArfqmrSHfnV2trBQ&id=lidar2&mcvt=1040&p=889,980,1139,1280&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1667366112&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647921988169&rpt=425&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCAC
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdFg8REs5YtXmFs6u3gPK7oLYBAAAAAA4AeAEAg&bg=!FhWlFVHNAAba2mK92to7ACkAdvg8WsET4a9oTpByvYHW8imjhwdYu6fQ65vT_FOnzb_6MH274xLbDwIAAAGyUgAAAAdoAQeZAwrPdnbl_J-F2rt1im3ranzepx_5TV8O7CMCMXR1oie4AZa0CZrst8Q28r9CTzZmWZoC8WLtjFs5LPGV_3PT_Z2ucK7TJQlewG60Vc1g5qcSV_qC4W9fDvves1BPm3G4OmlB2lbm0aeTf75adRQaEzb7GX1bUREwUP_e03fHVPNtzagXCEf88zpJZO4R5kYIaBatQXCiF9b3Oci3_DyOt0Jz8SFqFqM-2TDWrMkbqFABwzTbWA_qm8xOWR0U-1LawEsBRWI9j8nDVvE4UrQInRwTTWBViFRfc38RLqqlM0tQTxoQs4nuTqyabM-jv5gSPEO-0_slqgvqqBVxe5rSIhcq1fyLqgmK7KOXDnxfvLYirhEt700p2KB5EUyxmL2U0guMuTExPv-BtVpULp_2XHo3GyIWtWQvRkCjDJ5HKqO09xl0lFpRas9Gau33KUUdgmULNGFFq_NoJD_r5tmfzEnwzgFscZ2tWEFGJn4_-QgFeY4hB28BbnVG6N70t9HRAYrICYjtCRaejfslY2Aiz9CjdI1JO2xXvOCSnokwnx1YPzJ68Riw5lretQlAlcNGnNnPLxBgD1mrcvrIbWJTdUyQsVGobdED5d7AACynr4kHjaZMJcbItUny47ovITEYh-xrAB38EP-jaBCMTsEV4X3hoC9IJVBR7Tyb6evY8mw0V2UG-sxgZ87qfOyi6Y3iOJySa_HTl4HepPU94Qk0Fmtwte-ZEa2Xh17EDELmTxbRKqArsRumIS9lLmOD7znmRHAdDi_z9UFg3AUqv2I3w87xhsVryMlSZd5EKq5zvWUnHeAE5Pp4qyi5hln7TZ7ebcn_dD_jtPslll2HDAfPTDM6JRhi2vK8Pe-sk9cm1vFOBISKupVMAca8sozRm48IZqFXDCXkwSewceUVIow8NChlJVmfOa8NFChgTPjJL5H2AyNbRwnJJ95pgWKJ8iQYfoE2bCOBATrJS9Va2d5khXXOx5PsaCcVrgvoFzMh4NfTkAsYi1IUX891T9fh_WfAqXv6_5qACn1ujI1y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 97BD
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BefNaREs5YrmqFcmOjuwPwOePkA0AAAAAOAHgBAI&bg=!np2lndnNAAba2mK92to7ACkAdvg8WvNY9mL2BhkS4vJiHtGiDtYkXuExJxQfKV8g37vRq0aMLykgRwIAAAHcUgAAAAdoAQcKADVjRkfojyytpiIWa6XgNmomKt8ZPQw9gTkhxFcPDaw3eaJFZCbOPB4mU3c6r3TgPu9i0JAelJkDKrNv_VrF3LYW13aKN61NnQSf2pl1cnxgrP5GdpcuOarxqExYkGcQkyVBppK0WmgAkMneBC-YhYSXJoaJH-2NNE2ZhI_ah8DhJgh_UCmdOPdXIdpjSJXlZ16j3_SFSa2JQjuWGDwTiJscFAdMIewIVwpB75lFA9u6DF3DXhBDLHJOEbH5lgEwd6ugU2WG7Dq8UpihW7CH8qj8je5wPcRk8Ih2SYSMmrmrIB810ujrczQLun1JhxNKiwMpICSWfsxxEHIVBuDgzCqI3o0UT2dDQpPVPBxKPP6CHtQOm8zYJCKCBy5yLEBw0iC-finSQObH3p1jjUtzYKsc_BKmT9mcBkAdjwPJ7-XeN9LQCU1pGus-r7DYCHknhcLg7bw5Wz8jOfzUt4axoXOXnHtX9as5fCGKJI04RfxQlB7yiZzdVIWsLG3-fYtSk81zVa-aR8CvEeiYUyp33ZyeEXG7jwvJNgnuJ7P9rKue20dyLaACmQk3Zzx-_UA8kljwmSARtmNIZxdkVQWWovzZVcxFrdhW9TjviWVaZAO62lZ_j8Fyo4aU5cK6s7UZnneyslbmiJ-kYpEuU8OKOXr0rrVa9xiDDgtippQVx5DFA04p4trmd7tXEMkYcMg2A1l5dgrpRNnZ8c1P1p9b4yLWAc7oazRbn8if2vekcqYjjnpxMLMXUJpCNfZYlnHN4mCvHUIku4cviYWe860TOsMO8uxew4hjg3I13lB_LU2VCouHOY_t7WkAEB3j85_w3EKkZqLSgJfrcWytPdnd7q3an6CPRWKNGV9gtJKw9jcZfG-aJXymIdQQS2UrnqD6lhz2QcX170VPlCylw6gnrR-XkRi_sZxX7FXHUrBZrn9rd8_CtT1VUHtF485eedqQn96PVg4xtrdeFsLxIAaRODcWV0zqqfPX-9KJdKzrm1ixFZbpai7USUtub_mbmxA_aZ4oW0jjJHGSf_K7j1XZJA1bIVA0PLKHpAyCa7Q0xieyM9xdb8o7gOMEnqFVAUZjU7jjhEhu-9o6jf8-3fisUtAaY2q92SoUmwSLmizb3Uoszvj6SNrXE6oPLQFWiFc4bv-X9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
10998798.js
s1.adform.net/Banners/Elements/Files/160090/10998798/ Frame 74E6
110 KB
24 KB
Script
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/10998798.js?ADFassetID=10998798&bv=258
Requested by
Host: ivona.ua
URL: https://ivona.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7e5bd79cb954759cc000c99236ca0836418531fd48e30101c98c614ab08525ab
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
W/"622b19dd-1b811"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
truncated
/ Frame 5667
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
11680859914692182044
s0.2mdn.net/simgad/ Frame 5667
14 KB
14 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/11680859914692182044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6316733cee30d53f937ba821e429ea084ed89ec8367be14a676c4edb9d3730b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:46 GMT
x-content-type-options
nosniff
age
430903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14398
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 14:19:18 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:46 GMT
6874211348065297878
s0.2mdn.net/simgad/ Frame 5667
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/6874211348065297878
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=rYO6Vpjifr&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 04:24:51 GMT
x-content-type-options
nosniff
age
430898
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3815
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 16:30:33 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 04:24:51 GMT
truncated
/ Frame 5BB5
43 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/gif
5067881649366237532
s0.2mdn.net/simgad/ Frame 5BB5
35 KB
35 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/5067881649366237532
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5cd62ce7cfdc3778c2c0a2576587ad27c9ef602d6d6a5ae4106518d9114c7a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 03:54:21 GMT
x-content-type-options
nosniff
age
432728
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36094
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 14:39:07 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 03:54:21 GMT
5866681218847015177
s0.2mdn.net/simgad/ Frame 5BB5
4 KB
4 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/5866681218847015177
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/ads/richmedia/studio/mu/templates/brand_awareness_cuecard/responsive/V2/index.html?e=69&leftOffset=0&topOffset=0&c=xdjJ9XweGu&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 17 Mar 2022 03:54:21 GMT
x-content-type-options
nosniff
age
432728
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3815
x-xss-protection
0
last-modified
Tue, 01 Mar 2022 16:26:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Mar 2023 03:54:21 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8496
0
23 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BN2C6REs5YtG2F72QlQffq6D4BQAAAAA4AeAEAg&bg=!t7SltPDNAAba2mK92to7ACkAdvg8WrNF6IqlS-ENL2QBC7G4q93YEXCt2epNgoMNbcizl48oDqBpRwIAAAHTUgAAAAFoAQeZAv2ZO253mQoyGqpX1nnH-8qsRBcpVfGDmaQqCLoZ2fHvyK87VHDoGaB2MU5az60qG9RXdIF-VB2t7BYxedOO8BNTTzalACUQFMqhi2vRJmlRaodeS2CHvYG6FYoJcoLociNsd_Zekq1eOJYsHHkDVxpNUKz65ubIggPqFDwzCcPekpZsJpkXBPD9uk77pCuPCiSduDvazOczap516qppIKpjEIDU4WaA7o1CVcwNx-D7Iwrf19C5xOE8YXtmap76RqJvRlPTuFoiXDbD0u8OlljsCNA-Loqhd5yQ4pW6wRFpORCctqlxRN8Zf3rlbzaqYyoYz2647BFyID6Aib2IUjcPQwFiV8GmY7LJceFBXj_IQQQh_s5W0qA6NMhGq7yGOnnvFnMfm37ru73vdOo_UqCr5W1Rk5nUgzssm1VZQBoqSxmhueM4vBxoIo47aFkAOkAxpm4MeVrZMHK6P2pISUDl4PDx3iVJED5Kng48RkTP9mk97QcZcTlXcbyXN60E5tLGmpyGmzRSN_NLbu9RyyZSJOU7zBERqW_mSh8xeCCwigREX8M77Rf50iHxGOlKWIvyUWSu0t_dqr9UK78hZhm7G6vpRl3jQUnijRrSYD7-2_67rlr3V8EUvJYN1Z4Tv9EgQs43OVFXoNCtKMoZdPYdAExP_uWPFb2FzfVrfAE4DImV2q8lE_t02DcR4kkOifV6xxuA7dZ4-4M7AJUmBqFUnpzM0x_QGz5YARIx58sGyd-X_Ky32WbXCRz5yAwc1iUnAn7IUYBed0oRqeOEW1h4NkwrqqN53ZIZ7_37ZyggjEvbb4E_D_DUfbsHaJfxfeobTUi80pGuG_0S4w2IpTx9wRVKe41x78wqsUvc6-9id4mSLRl5WFDjtL-dCCHeDLpSreaeLg2ot1o-CG2mAal9H81ZQCG66j0yJRYeLsq_oBdCd2VtRfnu_27_zVF8yA-kAvmLuTiaiG35l5z4-Ya7InJj7UcJ3XNpWEhA6IzC9zAM7FlhxTCLz-nCrzw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 923F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220317&jk=773249475289896&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
pagead2.googlesyndication.com/bg/ Frame 8DD7
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/J_qxQZjuUB_uQp7BvnBI0K8a5e4rJKdHhykRiRTCxyY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 19 Mar 2022 22:49:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
191796
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13888
x-xss-protection
0
last-modified
Mon, 14 Mar 2022 11:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 19 Mar 2023 22:49:53 GMT
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 74E6
30 KB
13 KB
Script
General
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=626
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
content-encoding
gzip
last-modified
Fri, 14 May 2021 12:35:29 GMT
server
nginx
etag
W/"609e6e91-76d9"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
Enabler.js
s0.2mdn.net/ads/studio/ Frame 74E6
134 KB
45 KB
Script
General
Full URL
https://s0.2mdn.net/ads/studio/Enabler.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.219/e/igSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 03:59:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
441
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46435
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:47:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Mar 2022 04:14:08 GMT
generate_204
tpc.googlesyndication.com/ Frame 8DD7
0
9 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?bdAZFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220317&jk=773249475289896&bg=!NjWlNXHNAAba2mK92to7ACkAdvg8Wgj6vJ5kivAkhf-bLQpZ-9cWe0RbfVBgi-lE7LtifJM6qW7yjAIAAAB3UgAAAAxoAQcKAH_M2j4MLrOWm_J6xzRkDJBNlXJb_OmXevjc2O2XCPdQNUq5QbLUfZnmFzWUFSrzkJBorm4NtZ0t_YykC4CDIa7GL63zX9vKInmHP32p0mSPBKcP3pPAtyn4XUwk2VHGgdUeM4266xMAIUioB88roW-dCcDm3v3-ILN2vn5Oar7xmQLXUhmcAA_0z_wwiz8tGFHQMV-insV2FFIPEbajj82DF6EP_1xYVLuILZOHSY7X4ooLVOkmzW1JZqySZZEqrTgCs1wSJiRmNXTpxD0hIU4FFht-icbxqxXpwu8fWi1iWqGtnWXSlvFVgHIrIUOsEh21U3nQg3UqCuSNHwJS8GInqsNQwwLnokdmVNT9iFbtvLJTXRHcTcQfGVI0QDpWBaYpRsnTPA3pyeTipvNm_F-nzC9JjVeFcLvLZ7OfBFGzzE9aJBeI5nXu7d2f1_Kqf-u6BCP9D7oUaeaiEbvSlAsfTPYd3V9LXPNaoB24-vGAqV3ty3V3-xk8BY3oecqBNMmI7MprseJjYqBeRG1cD-yM-m8PyAeOrCejwSXovigKeRoHi9oUDNup_T4UFiJW2tkQzWv75nzhM7REb7070kB7Bk4kabAO_Io_VVDpmjAj6W2sBzdQGq8gaUT0XdX9g-GKFWcEbQy4nCuu5_tn4xIaGcM7SsMa5Bck5_Wkwbv9iVLcnUUi9QCb_ayBq6L3rUIRb5yOpB05SfgxwrUl7yc-U_O5o2H2-L3woPIk11RUlGwwfUucrUXmGCyZxRL1RpeznkG1qZthcx3epYrGjqSQmuNut8RsZUFPAu_TMI5T-IRVf_sZepepboMvwQJiYBCdAXrS6keK9w7wxYK3KmmTu_rkSFkJHQxNlF0lt0GSV9pHpl0H5wD75FO4F_bKK__qddwgJR89L-j1tFH2RyJKv-CkDCspEQiEsFxk2irlHtu54TbkvlVm7XIjtbTTMAQlcg6w7FpcRAyi2Vh7pIlHyiWpRGbveSfWPxpfCAGJYbMkvgDKox3SjYoSDh2MT_sNqmJXd15x6uUujEHPSp5KoRsFHVlFNfzMo-EwPeE-f7t68EocKmuX2gpmESdA-FTwNSHxVLkVj9aLld1ZXRCWAY-TSpGXS7k9oGUzIsxdblifKrzzhgH4sw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

/
track.adform.net/serving/unload/ Frame 0414
35 B
477 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8982964572609997348@@53795657,6188572385103114838,100|1197|0|0|0|0|0|0|0||41|1|||||1|0|0|YvwZ0OLedYNcPlakbYq96Thb4RBWcQCkf64bKfz5HXYtdHQCSAS2afL_QlhaeLlf0|||11||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90008.redintelligence.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:31 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90008.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/
36 B
130 B
XHR
General
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:32 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
PageStatEntry
sslpagestat.mmi.bemobile.ua/pagestat/
36 B
130 B
XHR
General
Full URL
https://sslpagestat.mmi.bemobile.ua/pagestat/PageStatEntry?cookie=9006AC80F20142D0A7689A37858C3FB8&time=1647921992095&location=https%3A%2F%2Fivona.ua%2F&referrer=&is_flash=0&session_id=711762606&version=3.5.337_ua/1.83&sw=1600&sh=1200&scd=24&spd=24&tnscm_adn=holder&param1=~cm_timer~&param2=5&param3=1200&param4=4829&param5=8&vt=d
Requested by
Host: source.mmi.bemobile.ua
URL: https://source.mmi.bemobile.ua/cm/cm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.247.175.26 , Ukraine, ASN196831 (BEMOBILE-AS, UA),
Reverse DNS
Software
nginx/1.13.0 /
Resource Hash
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013

Request headers

Accept
application/json
Referer
https://ivona.ua/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 22 Mar 2022 04:06:32 GMT
server
nginx/1.13.0
content-length
36
content-type
application/json
cta2.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
6 KB
7 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/cta2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1246d6849faab2638993561535bb95cced30ef5400c522face78a1039cdb9b83
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
"622b19dd-192c"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
6444
cta.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
8 KB
8 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/cta.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4292092746cc87ee5e39bbcb8a21dac324e3ff1b79a25f8213e5ea7e589be46d
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
"622b19dd-2099"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
8345
text.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
24 KB
24 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/text.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
699c186d7d74ea78249d6613fa5428740d877e85cb4a2b9ce2de86a74d353e61
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:58 GMT
server
nginx
etag
"622b19de-5e36"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
24118
spare.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
7 KB
7 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/spare.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7c5a0aad1b59f9c9806e1cca44b63a1acf648bd64ff33a65ffb4eecfaf6a1831
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:58 GMT
server
nginx
etag
"622b19de-1c12"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7186
price.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
20 KB
20 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/price.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
28294fa7754e0d4411cf16f03459c15d031813960b5d71169340ace883a1597e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
"622b19dd-4ebd"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
20157
logo2.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
7 KB
8 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/logo2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
37c776d2e3ca6d9c4b96ee721c24f9b1a87067762c5aceaaea350dbb86a07f17
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
"622b19dd-1cd9"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7385
pic.jpg
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
30 KB
30 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/pic.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
0323d64c6d26497fd4ebd93e78c618d5b1a7afff77581965348a1baa3b717d98
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:58 GMT
server
nginx
etag
"622b19de-786a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
30826
logo1.png
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
7 KB
8 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/logo1.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e938ab5c05afa7cd14c78f8ef80555ceff653d20b7ebe55a061911ca67068f7c
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
"622b19dd-1d1b"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
7451
bg.jpg
s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/ Frame 74E6
30 KB
30 KB
Image
General
Full URL
https://s1.adform.net/Banners/Elements/Files/160090/10998798/bvpath_258/bg.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
fa0b379576b2be415c0b2e36ccf7d3e7f8e2f799ff324445b5362baac6f16378
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 22 Mar 2022 04:06:32 GMT
last-modified
Fri, 11 Mar 2022 09:43:57 GMT
server
nginx
etag
"622b19dd-786a"
x-cache-status
HIT
strict-transport-security
max-age=0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
30826
6e165c746a724430caae15178e21a6e2-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
i.ivona.ua/i/62/62/04/1/6262041/image_main/
71 KB
71 KB
Image
General
Full URL
https://i.ivona.ua/i/62/62/04/1/6262041/image_main/6e165c746a724430caae15178e21a6e2-quality_100Xresize_crop_1Xallow_enlarge_0Xw_630Xh_283.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-70.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50e07aa79dc79061d84384ddb8284f3f4f9db1c00dfd3b93f10a0026ce846172

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ivona.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 21 Mar 2022 14:49:28 GMT
via
1.1 befe3b8553d90339ecf78e5d7cefa60a.cloudfront.net (CloudFront)
last-modified
Mon, 21 Mar 2022 14:49:27 GMT
server
AmazonS3
age
47826
etag
"ed699d26126b8d33c229d15ffeb9d50b"
x-cache
Hit from cloudfront
x-amz-version-id
azQlqVeHH5d8RLm3PlREYkt15p.tt3OU
cache-control
public, max-age=315360000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
image/jpeg
content-length
72623
x-amz-cf-id
OeiydaEjBmOws0zuu_aXo7lJOwU_PVx6Po794vCPSzEj-IjSbZzfKg==
activeview
pagead2.googlesyndication.com/pcs/ Frame 60B5
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQFJMdgLAzl3mWmJlThs19-X45TFgMT-eRQn58IKyo4xOyjbWqNOc3zrhX5i-4CWWQzixsG8hM12dy5kENCaZ8bROn9Lixl5Z-KHP0HwwdFjr1f6ZiFGg&sai=AMfl-YTBhGpStLZap1-DrRkZYO_kzFDyQBrJLS6G6wQq_y9INNJmQEc5cVXK3oKE5NodMo5TztO_ZAERN3cPNbqV8dMfAlGBpB98wX80mCfOHt4YwOxnKNKHEspKPiM&sig=Cg0ArKJSzOHgsZx0OVvDEAE&cid=CAASJORoW6E86dghjacaMGFLX7q7s9pZ-x1kEqYV8qKF72e0BIVKoA&id=lidar2&mcvt=1001&p=950,300,1200,600&mtos=632,906,1001,1034,1034&tos=632,274,95,33,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=189180291&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647921987875&rpt=347&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame FA33
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvb5VE_7Ih9CJVw8aY6k0mT-cWJLEDeJGzcr-Fx3-USbldGo-KQhjPgkNhN-vnXSXZQMclEqC-wLhV7A45mtloyIdmqgBJkvP3Mq3bbjFhvd_aMtYwwLEg&sai=AMfl-YTeV0S1Io4j7CrmtyLBTCVKdGvHfg1QNuvmVfw6iVANxTezEzEX10v3JQLiO0KfKE3EOwUch0f5Loyj8Ph0qdwhNP1BNcqR9MIm7vDq0KB5oHg3NRPMIangS_g&sig=Cg0ArKJSzLWxucdU4IdTEAE&cid=CAASJORosiDvql-fuy0kpZr_RXWdl9dqg6M2FeEuS4Eb8nZAolafiQ&id=lidar2&mcvt=1000&p=714,1280,1314,1580&mtos=0,826,1000,1060,1060&tos=0,826,174,60,0&v=20220321&bin=7&avms=nio&bs=0,0&mc=0.76&if=1&vu=1&app=0&itpl=20&adk=72111099&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1647921988182&rpt=437&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 0414
35 B
477 B
Ping
General
Full URL
https://track.adform.net/serving/unload/?version=15&unload=8982964572609997348@@53795657,6188572385103114838,100|4497|0|0|0|0|0|0|0||153|1|||||1|0|0|YvwZ0OLedYNcPlakbYq96Thb4RBWcQCkf64bKfz5HXYtdHQCSAS2afL_QlhaeLlf0|||01||0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal90008.redintelligence.net/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 22 Mar 2022 04:06:34 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET, POST
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://hal90008.redintelligence.net
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
recreativ.ru
URL
https://recreativ.ru/mtch/31/f28c455d-c191-4216-be40-7cd9688b355a
Domain
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
URL
https://3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 function| structuredClone object| oncontextlost object| oncontextrestored number| H_DEV object| holderPlaces function| holder function| gtag object| dataLayer function| $ function| jQuery string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad function| Popper object| bootstrap object| jQuery1124066723957520029 object| hb_dmx_res function| lazyload function| LazyLoad function| phnx_frontend_get_var function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to object| name269now function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b object| FB object| gemius_cmpclient object| gemius_hcconn number| pp_gemius_cnt object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| googletag object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint boolean| admixerLisBrndMsgSet object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| s object| p function| html2canvas function| _open string| bn_url object| regeneratorRuntime object| mwayss number| tns_already object| tnscm_adn string| tnscm_pak object| cm_events object| loadedBanners string| scr object| div object| x number| len undefined| newScript function| getApuID object| APC object| functionCallbacks boolean| functionLock boolean| apuidExists function| waitForApuID object| shownAds7161 object| initRtb1647921986785393278 object| result string| key string| apuid boolean| initVisitTime object| logVisitTime number| sessionPageview object| sessionData function| setImmediate function| clearImmediate function| Achernar function| pbjsChunk object| pbjs object| _pbjsGlobals object| _mgIntExchangeNews object| IdealmediaInfC1211636 function| IdealmediaCContextBlock1211636 function| IdealmediaCMainBlock1211636 function| IdealmediaCInternalExchangeBlock1211636 function| IdealmediaCRejectBlock1211636 function| IdealmediaCInternalExchangeLoggerBlock1211636 function| IdealmediaCObserverBlock1211636 function| IdealmediaCSendDimensionsBlock1211636 function| IdealmediaCRtbBlock1211636 function| IdealmediaCIframeSizeChangerBlock1211636 function| IdealmediaCContentPreviewBlock1211636 function| IdealmediaCResponsiveBlock1211636 boolean| mg_loaded_466737_1211636 function| idCoreOnReady function| tnsOnStatResult object| IDCore object| __cm function| Swiper function| dryRealShowEvent object| banner7161_1647921986785393200 object| onClickExcludes function| mgReject1211636 function| mgLoadAds1211636_10880 function| IdealmediaCReject1211636 function| IdealmediaLoadGoods1211636_10880 object| _mgq function| _mgqp number| _mgqt number| _mgqi string| _mgCanonicalUri boolean| _mgPageViewEndPoint466737 string| _mgPvid boolean| _mgPageView466737 function| CrossDomainStorage boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests object| GoogleGcLKhOms object| google_image_requests

130 Cookies

Domain/Path Name / Value
ivona.ua/ Name: b
Value: b
ivona.ua/ Name:
Value: store.test
.cdn.umh.ua/ Name: AU
Value: 42e0a42265815c4f
.ivona.ua/ Name: __gfp_64b
Value: Nkhxt3KUEG8..I9_ZT2RIqY5pCG.1FZsj_tqkEI6yUr.A7|1647921985
.ivona.ua/ Name: _ga
Value: GA1.2.175811496.1647921986
.ivona.ua/ Name: _gid
Value: GA1.2.1350180959.1647921986
.ivona.ua/ Name: _gat_gtag_UA_206274582_1
Value: 1
.admixer.net/ Name: am-uid
Value: b2d7dbba5e8345328475ef26e78e696e
ivona.ua/ Name: cbtYmTName
Value: IlkAS0YAGAATERYRRhdBGkcWQxZAQEMQAF8L
ivona.ua/ Name: am-uid
Value: b2d7dbba5e8345328475ef26e78e696e
.hit.gemius.pl/ Name: Gdyn
Value: KlxK7RMGQMQG50iXA7eyHaEissGMXP8c25nSGLQ9OeF5geMiGsRPIQlGvGQp8Mg8SsL8RDcGFsCBI8l8MG..
loadercdn.net/ Name: vui
Value: 08f57ffe9fe94279a3b8df43b297433f
ad.mox.tv/ Name: _mwayss_zone_imp[1025][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1025][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15459][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15459][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[4847][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4847][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15597][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15597][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[3877][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3877][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[11767][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[11767][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[2282][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[2282][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15444][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15444][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[4418][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4418][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15789][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15789][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[4942][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4942][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15780][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15780][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[4912][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4912][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: moxuuid
Value: 38d34758-dfd3-4d9e-8b93-6fde47bcbe6c
ad.mox.tv/ Name: _mwayss_zone_imp[4730][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[4730][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15455][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15455][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15595][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15595][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15442][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15442][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15792][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15792][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_imp[15362][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15362][frequencyPeriodEnd]
Value: 1648008386
ad.mox.tv/ Name: _mwayss_camp_imp[1954][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1954][frequencyPeriodEnd]
Value: 1648008386
ivona.ua/ Name: lapuid
Value: f28c455d-c191-4216-be40-7cd9688b355a
ivona.ua/ Name: session_id
Value: 1028c3a1-4b91-423a-b87c-0eba59f73627
ivona.ua/ Name: session_pageview
Value: 1647921987.1
ivona.ua/ Name: site_visited
Value: 1648008387.1
a4p.adpartner.pro/ Name: ivona.ua_ref
Value:
a4p.adpartner.pro/ Name: apuid
Value: f28c455d-c191-4216-be40-7cd9688b355a
a4p.adpartner.pro/ Name: apudmg
Value: 1
.quantserve.com/ Name: mc
Value: 62394b42-e7c67-52167-b4484
.bidswitch.net/ Name: c
Value: 1647921987
.bidswitch.net/ Name: tuuid_lu
Value: 1647921987
.bidswitch.net/ Name: tuuid
Value: d46b6bbd-ed08-4279-9fce-3b6861d24f24
.doubleclick.net/ Name: IDE
Value: AHWqTUk0TJPDakQs33OiA58lbzrXjX7G2o6I9S93xTTIPNGqoHvsNPPraA3Q-hJHp00
.uuidksinc.net/ Name: jcsuuid
Value: epEAllHcmvXyaixcmJ22
.eskimi.com/ Name: __eConsent
Value: 1
.mathtag.com/ Name: uuid
Value: 3e646239-4b43-4501-95e1-b861985f0487
.acint.net/ Name: test_cookie
Value: CheckForPermission
.acint.net/ Name: aid
Value: fwAAAWI5S0MDugnfA0OpAq305BlxVfcibIO1+EPJAjB7bDQI
.adhigh.net/ Name: gi_u
Value: PLYaGwKK66c.AikABlF_r83_0g
.acint.net/ Name: cSyncDp14v3
Value: 1647921987
.ivona.ua/ Name: __gads
Value: ID=16cf585529a6bea7:T=1647921986:S=ALNI_Mbj-vYD7v2a7eLZMuNjTdzya5wTMA
servicer.idealmedia.io/ Name: __mglb
Value: 4aae4d8c393f422d100aefd60785b084
.idealmedia.io/ Name: muidn
Value: m2lr4pjwoj6l
ivona.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%7D%2C%22C1211636%22%3A%7B%22page%22%3A1%2C%22time%22%3A1647921987787%7D%7D
a4p.adpartner.pro/ Name: buyeruid_63
Value: 5d3c08b9-bdde-4269-592e-251af210a832
a4p.adpartner.pro/ Name: buyeruid_64
Value: b7152f12-d2e3-4acf-77af-4e646a425e03
.ssp-rtb.sape.ru/ Name: sspuid
Value: fwAAAWI5S0OtlwA9SL/0Agu7mdrfj08fc1Qhp4fF/MxoKHnt
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: tuuid
Value: af26d260-1ff0-5351-8eac-37baec957cf9
.betweendigital.com/ Name: ut
Value: YjlLRAAAH0DE70GHNYTL6z8xG4Vo0cdG69CJYQ==
a4p.adpartner.pro/ Name: buyeruid_53
Value: 0100007F434B3962DF09BA0302A94303
a4p.adpartner.pro/ Name: buyeruid_55
Value: 0100007F434B3962DF09BA0302A94303
a4p.adpartner.pro/ Name: buyeruid_47
Value: af26d260-1ff0-5351-8eac-37baec957cf9
a4p.adpartner.pro/ Name: buyeruid_57
Value: af26d260-1ff0-5351-8eac-37baec957cf9
.quantserve.com/ Name: d
Value: EGEBCQHcJYEA
.adnxs.com/ Name: uuid2
Value: 3552383200722088981
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb7uA-Sr!@wnfH8K6pQK`!5=E<*L5?%K-58w>bmhw+ig3Z_uieFThgN8DP??kS(ZaDe2*bpRz*qF1`*b]d[)[*o4
.casalemedia.com/ Name: CMPS
Value: 1840
.bidswitch.net/ Name: google_push
Value: AYg5qPL7wiYPH9VKbGQhsc1Q0HsZC0__DiSyTvwC1OmnwjlDO9FZFJXPqqlDAwpvb6kiTY4Yj99UzXU7mco4x-Jw1QjbhpJ76u0
.pubmatic.com/ Name: KADUSERCOOKIE
Value: DB5AB4AA-629D-429C-A835-65D8516BEB85
.agkn.com/ Name: ab
Value: 0001%3AsJp3ZAxydAu7LGspCQh02se5gAlajKnV
.adform.net/ Name: C
Value: 1
.simpli.fi/ Name: suid
Value: D749FB212B4044B7AAEBB4EBCFE1789E
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.casalemedia.com/ Name: CMST
Value: YjlLRGI5S0QA
.casalemedia.com/ Name: CMRUM3
Value: 2d62394b442760CAESEJ_oMS3z9u-PYk-xSzCEVJY
.yahoo.com/ Name: A3
Value: d=AQABBERLOWICEG12EjozxTLCVOG1a_FSnXkFEgEBAQGcOmJDYgAAAAAA_eMAAA&S=AQAAAlzemWq67ue_LfFa15K1JvY
.advertising.com/ Name: APID
Value: UP72fbf976-a995-11ec-aeb6-0254fab0062e
.agkn.com/ Name: u
Value: C|0CEApzAfEKcwHxAAAAAABAQ13AQEAAQpAAAAAAA
.casalemedia.com/ Name: CMID
Value: YjlLRG6iP1l-x7D5t4a4UwAA
.casalemedia.com/ Name: CMPRO
Value: 229
.spotxchange.com/ Name: audience
Value: 72fb9572-a995-11ec-90d3-19da87bf0106
.addthis.com/ Name: na_id
Value: 2022032204062800086952775422
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62394b4437fecda2
.addthis.com/ Name: ouid
Value: 62394b4400010b5266de96fda643292da8e29e88311c49ee9468
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220322
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.rlcdn.com/ Name: rlas3
Value: rafvu96jAEBJSLkrK6hwTFnSAOjhIi+HXWwyCBs0gOs=
.rutarget.ru/ Name: userId
Value: Gw1T0JQkrjvB
.rlcdn.com/ Name: pxrc
Value: CMSW5ZEGEgUI6AcQABIGCOndKhAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yl~23w4:18yx~23w4"
.ctnsnet.com/ Name: cid_dacfa88761c94e46bf96f0e57ff229b7
Value: 1
.turn.com/ Name: uid
Value: 7806946134722327687
.media.net/ Name: visitor-id
Value: 2909235880669584000V10
.media.net/ Name: data-g
Value: CAESEDF63aMzvpnCYBWqZrZHluA~~3
.blismedia.com/ Name: b
Value: 62394B4518965AB00D100DC5BLIS
.w55c.net/ Name: wfivefivec
Value: 21ecfIid1NwvMV5
.adform.net/ Name: uid
Value: 8982964572609997348
.adform.net/ Name: TPC
Value: 1647921989028
.w55c.net/ Name: matchgoogle
Value: 5
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_DSP_TRA_HAV_14112_PV&mediacode=27008872_4307561_324455464_145979204_-0&ref=27008872_4307561_324455464_145979204_-0
.facebook.com/ Name: sb
Value: RUs5Yjq5D8TXVt2lbXzXMq5r
.facebook.com/ Name: fr
Value: 02vwzlbNcSVeMni37..BiOUtF.H8.AAA.0.0.BiOUtF.AWWqXbp2Gh4

10 Console Messages

Source Level URL
Text
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_5759&c1&r66042817&dholder2068016217&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://h.holder.com.ua/s?ta&bholder_320x100_4084&c1&r66042817&dholder1217097366&hhttps%3A//ivona.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=4730&height=300&width=400&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1025&height=600&width=300&tld=ivona.bigmir.net&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://recreativ.ru/mtch/31/f28c455d-c191-4216-be40-7cd9688b355a
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPKdu6i_1ymVi6sJTF933RoyC-TawcgJf5acC2rdArQIfzcEkLVtE3M-gcgRB5ihutsQ78aedb_oIyt-oFz3FmhMXimhMO4
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRKp8whwlHmFQz0T4vAAAByUAAAIB&google_push=AYg5qPLvGTC4ovCdnQ7KMvow9bdC6rJSFC2KPorifnC2fqLZcGpLxOSi7u6CGQOvyk5lxOtWLHNLJ_RGs8Fx8lwtoOcGl20PW4d2&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_cver=1
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YjlLRG6iP1l_x7D5t4a4UwAAAOUAAAIB&google_cver=1&google_gid=CAESEE2RQpFyYtVLkg8Lr1dtV_E&google_push=AYg5qPJIkAN4c5FWzLryNlYj_TCtTKJb24eTZxbMYySkp7ez9RQLoaqu-GJWl1DOaCr6l9g_N3D9OjS7w3BG6p3ZDaDHVd1Ic7is
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPIMUAM6c7I--1IiQB2bno4m1IUhA7lOHMV10kJ9kl12x7iw3RBheFGUnsm1RBzA2L4M7gEx5D3y6lznV-f_9xLI5XmmSh9RPA
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
a4p.adpartner.pro
acint.net
ad.mox.tv
ad.turn.com
ads.betweendigital.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
autocounter.idealmedia.io
bgstats.mox.tv
c.idealmedia.io
c1.adform.net
cdn.admixer.net
cdn.idealmedia.io
cdn.jsdelivr.net
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
cms.quantserve.com
connect.facebook.net
cs.emxdgt.com
cs.media.net
d.agkn.com
dclk-match.dotomi.com
dm.hybrid.ai
dsp-trk.eskimi.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
exchange.buzzoola.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
gcm.ctnsnet.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
h.holder.com.ua
hal9000.redintelligence.net
hal90008.redintelligence.net
i.holder.com.ua
i.ivona.ua
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
inv-nets.admixer.net
ivona.ua
jsc.idealmedia.io
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
match.new-programmatic.com
odr.mookie1.com
onetag-sys.com
pa.tns-ua.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.advertising.com
pixel.everesttech.net
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prg.smartadserver.com
px.adhigh.net
r.turn.com
recreativ.ru
rtb-csync.smartadserver.com
rtb.openx.net
s-img.idealmedia.io
s.ad.smaato.net
s.uuidksinc.net
s.zmctrack.net
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
source.mmi.bemobile.ua
ssbsync.smartadserver.com
sslpagestat.mmi.bemobile.ua
ssp-rtb.sape.ru
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
t.trafmag.com
tags.mathtag.com
tpc.googlesyndication.com
tr.blismedia.com
track.adform.net
um.simpli.fi
unpkg.com
ups.analytics.yahoo.com
us-u.openx.net
ww251.smartadserver.com
www.acint.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
3f087054eec248a8929906632c5aee67.safeframe.googlesyndication.com
cm.g.doubleclick.net
recreativ.ru
104.111.215.191
104.111.242.245
104.16.221.74
137.74.6.209
138.201.63.117
138.201.63.150
141.94.242.148
142.250.184.194
142.250.184.226
142.250.186.66
143.204.215.70
146.0.227.109
146.59.30.108
159.69.74.6
167.71.9.19
169.50.137.182
18.195.155.181
18.196.142.162
185.184.8.65
185.187.81.40
185.187.81.41
185.29.132.246
185.86.137.107
185.86.137.110
185.86.137.114
185.86.138.16
185.94.180.126
193.200.65.5
193.29.200.142
193.29.200.162
194.190.76.41
194.247.175.23
194.247.175.26
195.201.243.72
198.47.127.19
2.18.233.201
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
212.8.250.228
217.65.2.150
2600:9000:2057:da00:1b:5138:8a40:93a1
2606:4700::6810:125e
2606:4700::6810:5514
2606:4700::6810:7aaf
2606:4700::6812:bcf
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1288:80:807::1
2a00:1450:4001:803::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::200e
2a00:1450:4001:810::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::2006
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:831::2004
2a00:1450:4001:831::2008
2a00:1450:400c:c01::9a
2a02:fa8:8806:12::1400
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d018:d29:3601:55fe:ad5:a9ae:f98d
3.122.208.3
3.123.105.96
3.123.203.20
3.126.56.137
31.220.27.134
34.120.139.69
34.96.105.8
34.98.67.61
35.186.193.173
35.186.253.211
35.244.159.8
35.244.174.68
37.157.2.238
37.157.2.248
37.157.4.29
37.18.16.22
37.252.172.45
46.4.121.26
51.75.86.98
52.215.248.120
54.37.238.28
65.9.66.119
69.173.144.139
78.159.118.240
80.64.106.147
82.113.101.132
91.198.36.26
91.198.36.35
94.130.13.220
96.46.183.20
011b3ae80023242fbd15b0f8b01e2c5a429892a2392e56769bbb935ee0e2e748
01b58ddb2f86a768f91751b62f25395417f6cf526191a4aefc1ebe4f8beacdcb
0323d64c6d26497fd4ebd93e78c618d5b1a7afff77581965348a1baa3b717d98
05a1d421a4edf1e1ae9bd3381c39262160a0601cf2b325acb6a737aa09ee8b2e
0737ba1f3e19945cfe2cedc4b9b06f815c85a61cfa879023cd084b80547b1d8d
0926abd1573b08b813715978b2603d47f6bef15be3b7f5fa44769fe6000d7245
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be2379234dc3da388a009dec6a8204e17edd28b2f09b2003b64282d59125702
0c816db78c9677581e1a5944e4822496ff397e2fdba0df34a2f809b49562f3cf
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0f0bf36f4a11443a6f4400d1257cccdeffce17d2e243507d864c06a211251ce7
0f84b4437d0e326f099259177645ade546748ffc9d1401f786a1a196d8bfdfe0
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1246d6849faab2638993561535bb95cced30ef5400c522face78a1039cdb9b83
124c07b4e8796fd121878e84b052e054d9bf8d1049180a88667ba9e9f2083daf
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
147b1111edda7e2c2f9d672b5649de2f2dc5d5cb9dda7905198aa883a4273013
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
1713a1dc09693d01f4724c48cfaab88da8b9a434a417bfc33be94f6e566fa731
19cfa2789b5c347c0f7f12eca121b19d0c863b8836a07a1ea8c439787d2488e8
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1bd196d565563f0794da7029dbcb33017505af825740628890b240bf2068e41a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
20b48f2d06a2ee4cdf0af422cb963e9245c92654af2706678e6f69f0391fe7b8
21619248936f4d1b198aefbe7b89a7c855f29d4911d540d4d16c075a206aac12
21b9f5c85149272e89310e9bc515a4b09bc41f2190f3a6d12355f98d51d11386
24b8dee038e42eb0a35f5f2250385a6e7821a0410a4c55f4afaab79dad56b470
258648f036b2724ed8b9868d5e04d05d6f76b6a9aed313da504c76e436a127c8
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
27fab14198ee501fee429ec1be7048d0af1ae5ee2b24a7478729118914c2c726
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28294fa7754e0d4411cf16f03459c15d031813960b5d71169340ace883a1597e
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a5ffc4b5364d3c9b497b0358cec59b47658cdbb7455e840977d80dffcc4c37b
2a6135b4fdc2e5aa7701bef24955e945ee9222144edd93e00a27fea47e7fca8b
2c87d3e2f818ba84a6d76a422499b997d743c05d936adfd84539290a8f0fec42
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c
2d310648a31461f6b76c38bca295da135b9825938ad1defab174fc29b414487b
2dc7824b4593a58aaed31c8fdf7599e685f8e164900349adb9c8c09948b48f01
2e6388440eb7209bea8e05c25d23d9751b5f3512f1052ffc52a79cc09d5b457e
30092b46eb1f26a95ff624f4f2a6e33b8765c8e9c2d3b43112d1c1aa6316b470
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33400288ff10f1c8cec3cad23ad3c910f5a1f93ee89860224ac248fdb1118f1d
33ba16e1b1d8a7bd9b5fd855dbe3db459460d39b818944c98fa56efc03d04070
33e16199d9717148e8043208cda7ac30a9140610e98aaab2d6ac8bfd8a6e5e74
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
36a97fa351a1aa35ceb940c07bd4d1beac0c9c65c493784cc7bee6ab7090a301
36e8435564fbeaa59d7c1b052cc8297092a2fce7471d86976777f7027daef8a5
3705d0878203cc0b2525dcb0f874d85cc6b881d1fca1869191da4e599c768241
373aefdd3a72fc0f86f179979bb9c55bfe0883cc9df51f792a68a7ef66ddc3b1
37c776d2e3ca6d9c4b96ee721c24f9b1a87067762c5aceaaea350dbb86a07f17
3d0bf782b47dcd079eedf6bb34ecb0742c114a4e4b90e37a58a412482101b475
3fef54925ab497557a1799dadb2064f78e3557c19fbc9b27b9439b5ff529cec5
41d8b507e1f0f50da02267c292c88847b976530c43abf8c7b6ac099f68dad381
4292092746cc87ee5e39bbcb8a21dac324e3ff1b79a25f8213e5ea7e589be46d
42c91ea11139092cfa357ee0b2c512ee0e0819f4140194372755f543f2ea10a0
42e83052d92107ab13f5565a4101eb3f49457ce252a2310a09b4f4baafbb28c9
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47620c41b67e387ccf1f9f1e5148c4f14a8d48cdcb8c5669472a0edfe6e3738a
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4a1ad6b15b75f1ac130c6779e0b891943298db212b158a4a6f92e4e8ae9fd328
4a5bee91860d073538c8117cde2b4033362dd7ae82ae87b18412da76a861d74d
4a6be2093e3e0effead5f267e134429c4645c7a98141e4b47dc025e9a2d069a7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
501625e01479ab61367685da5241d5c2e035c98e1770182b278844059a8b1bb8
5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d7d94410ff16c24db95f131746a855300256defa9dfb4dd8e5c9131d0ee016
50e07aa79dc79061d84384ddb8284f3f4f9db1c00dfd3b93f10a0026ce846172
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb
53be90903ccdd4eb68ddbb8906ce7d84afa951cf3004fb95c19cbcfa11ae9381
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ecff94787e130bec3a98142da5a6ff282e653f7481c8bf337eda24915d0e32
56bfc89aa9c7aa97db2e2d727b124c66255a19070cc324c9526ff3ff75de8d26
57390a59a4e6bc139c12e476c0811a97ba27438d8281070035d778f336ddb30c
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5896ea849925a8d011fdf4335065a28cb8e14b03a822a427d1512bd42ec12740
5926909d5b2393897dacf20cc276aed0163eb4ed60cb79a6b5c5e892e53e4792
5b4c50db42f5cb9000efc48143a7a8bff2f887712a77874defbd30a9372e0e83
5d1b56a762d63b6e9bfb8a70552ce75c1c3938c782f8d9de971ecc960836c451
5eae2c0778d946f9d71d3da5657f33c7c19c4fbd5a62ec0b447c643636dbd0c9
604101a36fa71dbfbecf6ac29b783e2879c58fe93135511e299b8920f0bd1e8d
6056ffc424715134bc8cb5583ce0af5e2bb6c2eb772550a0519e1afd163eb4d6
60913d7f0a99b85754f1bdf3666856f52e1a041ce2fa58c0f01bb794a8649710
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
619f5ad8418d48505c939e316c463f6316f47b1c15b4b1333cb2c92488cae840
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
6316733cee30d53f937ba821e429ea084ed89ec8367be14a676c4edb9d3730b3
644dd08aa6d64a4d31e0df7feef58f753382ccd5769f9d26aa426ea2f49656a0
659caa9f3d3c4d5386d561a68317c8343949b2300c74c432fd0f4e65a3335116
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
686e714a396ef9b1cb39f3c06f50dbc54b5105a6d3a7c41e013e624f3edfb84d
68859645aef6b0e9900bd3de2a284c24022de62f9b4e6295113a9f33c12faa70
699c186d7d74ea78249d6613fa5428740d877e85cb4a2b9ce2de86a74d353e61
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bdc397f15aaf13d1d53fa82dc2b2b44fb65561176562d0f46e7cfd2e277b6b6
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6e2ad399edc1695ec19228b68829128919bbc7fd1ab664be415f06ef3e9e6436
6edfad1d5d6275fc7ade68ffb1f07d480fdbb39579fa359bc9c7ea1d4649fce9
72b580a3910165e1d90e683efbdc98dec5e188d11827b42ace5b28146a38c85a
72f3e79de2c309bf00c759747335460c1e0c7100fc1ff8446a475b4584a7efcb
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
759834b7316b31b838b427955065153b2eda46f8022fe1e0892323f599d6947e
75f5b9882e6aba60eda5382bba68a064001a689c074711510871c8d8ea26a2a9
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
76e49115526453de96a772c70c6c021b844fde78b5aa5a467b40c33c0dd8f783
78cbaa220a3f11c867474ddadf63a4393b21d74ad464f7f79ad1d124664166ec
7a3e2211e9bf114d049bb17ffdab66a889f20a55770d462a3136b573e23c439c
7b4b07d23354c543dc43e161b5abe841f026ebaf1d53ac0cce0e3884b970f871
7b8e36274e8930a38a94c85117c749376c2a1d7a219fe1558e2a58dd39e9e1dd
7c31215f8668d183f1b54033180f96e7bf6d64ada5fc3597c8dcedd0163c8b72
7c5a0aad1b59f9c9806e1cca44b63a1acf648bd64ff33a65ffb4eecfaf6a1831
7e5bd79cb954759cc000c99236ca0836418531fd48e30101c98c614ab08525ab
7e9c22d02fc319b701844b334477a05fd32acee9668feb98672f6c27887f79cf
80a84b01f3b3b41111d7d7b39f85f94ffd5883ec617bb40cde73a1f69251dea6
80c7fe7749a6e8c85fa6473e7bbba5c5dc6ffe20a86036de26d91bd4b9a4e8d4
813e00e93ee3876232674bfb1e27eebbeebc4a9494fbe02aff87c00aa6834ee9
81c08fef0a82e1cc4a63f66a1b54ef3eefe0a1fd676620bb02529cffe36bcb4e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874cad10027313f3620a770d4a338369833ed5b3913f0793cb8500361b19e6ea
87e858bf975ef9f79ae3d7750fe8c607ffda672ecc3be636859f14be59b080b5
890472238ca9a7abb8cdf59d3d3f88852036c2b958e51ca26f9761286fa6d9d9
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c49566661e25a56098710ae7c23c306a8cd94bf3ac3614686aa7f9a3afb1c32
8caef9f4576121cda798090e8813bfa0e75b1e7aec2246f3ea9dfbcac547e7eb
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8e516d1a4cd79279eca3fd875d4b461e2f5ab5a782a2449c64fbc7b217d649c7
8fc1968b29dece9ab454a19447e2ba9565358032217a6b3b9fe2f8b25e0c209e
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
90a16f7efd590e129e99a3c5fc8886259be51cf6205e8f582ad69da2f77b64e7
94efbcbddc045364d47cd2b5d0b21b9ef088193e0187fead4094cbfd440ba49f
96178a9090fb5b87690faea4f0d19b95ecf89435f1d01995af9c176531719686
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
9a8315eb3d9f6bc8cf656427db34ba9fbf5a4aebc59d6ed07598738d21afc4ea
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99450717649bd5715ae5cba0e064d8cc879abe705815792d66097163cfb576
9cdb8386ec50b0345596bcb5e09cd9dc70a852baaf4725eebbf1b2b3633a367d
9cfc3a96cab0eb315783265b6db554e532e060952d409399cc7dd1d7e775b9a3
9d1f93cc58ce3d5ed14e88bc68458c2b4f41569bc8a9f8e239bc5449ff179852
9d26abfff6599dc90bba98b8fb31c76249394c0dcf43d0ec542882b1f324cd1a
9dc5161268f9c2758201d0e6ddfadfc0b12da19ebdc6b3f14cb22e78438c790d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e7064bf6a788c67304be2dacba454fca986a3bac0d0de71c79fb6a54bd1bc
a146b134bba34a5ae7be0d95e28a480d41fe75df3d9f4c30d64ef8ce01ecc270
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54b4444ecbfff874f40f5696136c22e13cc98a9311fea8dba07daef9d219b80
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7bd160faadecf8e0df42d750aa8ce10138284d76481555c3044551104cc8964
abd997957ed00b3f3005fb952893a6e757b7dc38dbb4fa6f0e12592aaeb25ef6
abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5
ace460c46045291b5ad4be14c916040abb638a717f7737b062e05405be837611
ad04ecc25afc06bdc025fced82e8487a956f9c5a43fe7d0123b713b260fd53ea
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e
ae161ed60b805ef55252d8015763b0d99d598643677e4a647862f6c4a6c6a8d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1dc99c08bed44a192198954efc8cbacc39cf81b488b84f1d3f064a9c6de8b85
b368c76d7ca58e5f4cd899c8a886714ec5d002fc6f6cbf180fb6781dde21c18d
b6ce302111de6cc0467e584ea54cd79e186e2c2d2872c1809ff7548ed750ce96
b7571b5eb29a982103da1278da9d91a7e7b55a194611dd5eaaf522444b7df496
b8c4970effe0407ad472f9100787e4b62250369cafc1da77e41a8ced7166758a
b8ef68c532845c4d011981f695c3506d8f1e37ce40786ac175953e70178edf19
b91db7c75a9298ebde0c0fdd241fdf8178a860f1ae22cbd11fa78bd78fa54f3c
bbb94c9bab834a9b73833943be7ebbf7a309bf6b8dc5a34e9a80f2ea1616f5fe
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
be705c134d98e7a215275e82ed9d928f4361b65143517f9809ae1c9e113eeb42
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
bf0a76fe476f36dbb44a925fdfc3425c12db0ccc71f08e54f998faf49699e4bd
c1e4449092ab5426ac4550055ab12d71e7bd435c52be8d3d9af192435a4c6b10
c228cfe6b3ebb46f183eda1d08be68dfc80fd7680ce97ec6daef9b3d81f52b44
c30b014e3192d3d0d52b07e96b08e53ae72996798717bd8a46eeecfb353e7f16
c36e47807dcd7007ad03da542eaf26372ca10a82abf270d73d7ada5be65fd767
c7a700ef088ffaea195e7a00957b4af5d85147d811902d847ec8e86d94162f4f
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
ca18a695aa649c8be202136c7e83fe201f90b7c3391d45fbe971689d9bb3ebcd
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc4485b98bb5818c5d48fb23119879c956a55a4e3630f9305192aaa770b17399
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9a6d2d58d42b5239d8c9405c627d9c995f11eb4e2807be1f4f142028dd5f9f
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d1f647bb2c2cd06b7531b514ad62a0d6c4b403329babd0a502e0f56fa6187b5c
d2f0f0ea6979359bd491ba9560cb1bad817ab00b74a14a1308ef8bf372e8846e
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d5cd62ce7cfdc3778c2c0a2576587ad27c9ef602d6d6a5ae4106518d9114c7a0
d6a283ffecebdc045a35405495cbc07f8411c97339d4f916cc2b4959b132313e
d6dcdc16622f417e6c5dc299bbe515ebb636e2964a1c8729fd869474f66b80ee
d75ab9d55ca668d58f3b3f444267c3f38dd0d731c093a9c3221e1ee4f19ef512
d7df2bcaf741416b5b5da1db82854dcaa9baef9cb1af177735b6ba8ee8b2b07a
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db42a29165eb970adf9b58acafc76da5159f787943ee213e4c1c6e1aadec9992
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dc00d2dc19a9dd32d5f89ec3d68bfed90dd775a5fa638855b7fe00d6415f379b
dca8823de767a73c21ca691a91cf4a6b73390a64ee42565d8c47c70f3a6e24eb
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dea8281e09b0019fa007b09d3c83c4adcb3e19cf82c578611305a3bdb0cf548c
e0258e66eddc5ec291e7b9089c7c1897ae1b38c693f5627aaa3911f83d83d26e
e09b2dd8838df37e9abab83c276821dce1d4484bf03e0b2d6bdea6a454e8657d
e0aa33565d329e1218a6d190b0aa8c20e73d637429df09713949330e4632d7cd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e51c445db4975b5607340b0d87f43e608360dd02f7f8e3a5acbd8d4cf4ef4c66
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
e938ab5c05afa7cd14c78f8ef80555ceff653d20b7ebe55a061911ca67068f7c
ea13b282c1ba7a41f41f284b0c1c084e7151e48be7c78cc9e57824c44d2c0e0c
ec66339ee29bea838a449c34e107fced546cf0ee0e04e9085dda0a12cf7119f0
ec8edc24a0345085f6254993b33757f537d439f8cae8e0398a4640329cb97a21
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24df5d33ea47df9d057f818b666c0f44fd601108723168b9495fb8512f4a57a
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f680b3e02ad880ed3077dda37fe4b5009db17a91a95404a742c67a2c5de7bbd4
f6b9d2159a8298cef6fd0897da2f2e8002b416ddf5d33b5d7ee93b5e951a60c7
f74c04529f8d5f9c248eda87caec654de5e5c61dd40e9ac4696b026d2841b131
f7e06ae449bdd4ebece6e26cdb36840f7cb19f28b57bbb6b8647a54535557d3f
f8880b7cc78fbe5f56ef008bb1961905036f577293c77a34b07e507c005f403d
f8c9ddeb88e1152c1d38e48a1809e5b2077917d09a06c2336e909feeae19ec01
f8de3f57f49b005896d4c3c10979df9cff5048ddfe29ebbe36507ed1ebff60a4
fa0b379576b2be415c0b2e36ccf7d3e7f8e2f799ff324445b5362baac6f16378
fb8ce03c389581661b57ca719e9ef48c4f7aa76efe3ecff14dbe600e1ffc3319
fc1a4ccf57ea460936d3328138ec4053d59bdb7445ea7930e9820cfe57eb2c0a
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd84710193a102562bd8326c528bb5336dbf27f814f2954dc086a90131a6eca0
fe26508b493439d336ef61b807d8f9e4c41415b59fcbd35753498512d816970b
fe875ad1c8a536d3bef1595405d66497bc653fe49af89f83e840fb5b88a5ee5c
febb6c6919b74dfa0193deb85ac6be5838b29655dbc591e600fa07b3bd7dc0b5
ff08dcde9a458eb086ac477a627e4074978ac9655fc243620e91232064c32b79