nv.ua Open in urlscan Pro
2606:4700:10::6816:3649 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://nv.ua/
Submission: On December 14 via api (December 14th 2022, 3:26:15 pm UTC) from DE — Scanned from DE

Summary HTTP 122 Redirects Links 118 Behaviour Indicators

Summary

This website contacted 49 IPs in 13 countries across 33 domains to perform 122 HTTP transactions. The main IP is 2606:4700:10::6816:3649, located in United States and belongs to CLOUDFLARENET, US. The main domain is nv.ua. The Cisco Umbrella rank of the primary domain is 121121.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 3rd 2022. Valid for: a year.

This is the only time nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
38	2606:4700:10:... 2606:4700:10::6816:3649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2400:52e0:1e0... 2400:52e0:1e00::864:1	200325 (BUNNYCDN) (BUNNYCDN)
1	146.59.30.108 146.59.30.108	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
1	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
1 4	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
1	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	52.57.177.80 52.57.177.80	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
4	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	46.105.202.39 46.105.202.39	16276 (OVH) (OVH)
1	13.224.191.98 13.224.191.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c09::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	149.202.77.192 149.202.77.192	16276 (OVH) (OVH)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	23.51.120.104 23.51.120.104	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.36.94 104.18.36.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.18.232.130 2.18.232.130	16625 (AKAMAI-AS) (AKAMAI-AS)
1 3	172.64.154.237 172.64.154.237	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 8	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 5	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:4483:92fd:9ae4:d5c	16509 (AMAZON-02) (AMAZON-02)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 3	52.94.223.167 52.94.223.167	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:22::14 2620:1ec:22::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 4	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
1 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	52.50.17.128 52.50.17.128	16509 (AMAZON-02) (AMAZON-02)
2 2	3.68.131.166 3.68.131.166	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d018:cc3... 2a05:d018:cc3:fe05:c40a:eeeb:93e7:6fa1	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
122	49

38 2606:4700:10::6816:3649 (United States)

ASN13335 (CLOUDFLARENET, US)

nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (Poland) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2400:52e0:1e00::864:1 (Slovenia)

ASN200325 (BUNNYCDN, SI)

cdn.membrana.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ym-tack.b-cdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.108 (France)

ASN16276 (OVH, FR)
PTR: ip108.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.171.53 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.177.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-177-80.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7caf (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.105.202.39 (France)

ASN16276 (OVH, FR)

u.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.191.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-191-98.fra2.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.202.77.192 (France)

ASN16276 (OVH, FR)
PTR: eu8.heatmap.it

eu8.heatmap.it	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.120.104 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-120-104.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.64.154.237 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 69.173.144.138 (Frankfurt am Main, Germany) 6 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:4483:92fd:9ae4:d5c (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.94.223.167 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:22::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.17.128 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-17-128.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.68.131.166 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-68-131-166.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe05:c40a:eeeb:93e7:6fa1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
38	nv.ua nv.ua — Cisco Umbrella Rank: 121121 static.nv.ua — Cisco Umbrella Rank: 425371	1 MB
11	rubiconproject.com 6 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 451 eus.rubiconproject.com — Cisco Umbrella Rank: 547 token.rubiconproject.com — Cisco Umbrella Rank: 551 pixel.rubiconproject.com — Cisco Umbrella Rank: 321	14 KB
11	amazon-adsystem.com 4 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 308 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492 aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1090 s.amazon-adsystem.com — Cisco Umbrella Rank: 276	53 KB
11	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 81 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	133 KB
9	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 478 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 413 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507	7 KB
8	googlesyndication.com 80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	42 KB
5	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 218 acdn.adnxs.com — Cisco Umbrella Rank: 579	20 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 83299 ls.hit.gemius.pl — Cisco Umbrella Rank: 16948	22 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 72 region1.analytics.google.com — Cisco Umbrella Rank: 6986 www.google.com — Cisco Umbrella Rank: 2	2 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 734 gum.criteo.com — Cisco Umbrella Rank: 399 mug.criteo.com — Cisco Umbrella Rank: 3032	8 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 11832 www.google.de — Cisco Umbrella Rank: 7952	1 KB
3	heatmap.it u.heatmap.it — Cisco Umbrella Rank: 33943 eu8.heatmap.it — Cisco Umbrella Rank: 230337	11 KB
3	membrana.media cdn.membrana.media — Cisco Umbrella Rank: 118680	193 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 718	1 KB
2	bidr.io 2 redirects match.prod.bidr.io — Cisco Umbrella Rank: 476	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 323	529 B
2	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 605 cdn.indexww.com — Cisco Umbrella Rank: 1503	2 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 662	58 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 784	3 KB
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 604	491 B
2	3lift.com tlx.3lift.com — Cisco Umbrella Rank: 501 eb2.3lift.com — Cisco Umbrella Rank: 350	656 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	159 KB
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1464	181 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 644	506 B
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 372	707 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418	617 B
1	adtelligent.com ghb.adtelligent.com — Cisco Umbrella Rank: 6038	276 B
1	adpartner.pro a4p.adpartner.pro — Cisco Umbrella Rank: 9870	404 B
1	adform.net adx.adform.net — Cisco Umbrella Rank: 4774	478 B
1	b-cdn.net ym-tack.b-cdn.net — Cisco Umbrella Rank: 73690
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	27 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 216035	310 B
122	33

	Domain	Requested by
28	static.nv.ua	nv.ua
10	nv.ua	nv.ua
5	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
5	cm.g.doubleclick.net	3 redirects
4	s.amazon-adsystem.com	2 redirects ssum-sec.casalemedia.com
4	pixel.rubiconproject.com	2 redirects
4	token.rubiconproject.com	4 redirects
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.google-analytics.com	www.googletagmanager.com nv.ua
4	ib.adnxs.com	1 redirects cdn.membrana.media acdn.adnxs.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	gaua.hit.gemius.pl	1 redirects nv.ua gaua.hit.gemius.pl
3	aax-eu.amazon-adsystem.com	2 redirects
3	ssum-sec.casalemedia.com	1 redirects js-sec.indexww.com ssum-sec.casalemedia.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	c.amazon-adsystem.com	cdn.membrana.media c.amazon-adsystem.com
3	cdn.membrana.media	nv.ua cdn.membrana.media
2	pm.w55c.net	2 redirects
2	match.prod.bidr.io	2 redirects
2	match.adsrvr.org	ssum-sec.casalemedia.com
2	eus.rubiconproject.com	cdn.membrana.media eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	static.criteo.net	cdn.membrana.media static.criteo.net
2	www.google.com	nv.ua tpc.googlesyndication.com
2	www.google.de	nv.ua
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	u.heatmap.it	nv.ua u.heatmap.it
2	unpkg.com	1 redirects nv.ua
2	ap.lijit.com	cdn.membrana.media
2	www.googletagmanager.com	nv.ua www.googletagmanager.com
1	cdn.indexww.com	ssum-sec.casalemedia.com
1	d.adroll.com	ssum-sec.casalemedia.com
1	cms.quantserve.com	1 redirects
1	px.ads.linkedin.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	acdn.adnxs.com	cdn.membrana.media
1	js-sec.indexww.com	cdn.membrana.media
1	eb2.3lift.com	cdn.membrana.media
1	mug.criteo.com
1	eu8.heatmap.it	nv.ua
1	region1.analytics.google.com	www.googletagmanager.com
1	80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	htlb.casalemedia.com	cdn.membrana.media
1	bidder.criteo.com	cdn.membrana.media
1	tlx.3lift.com	cdn.membrana.media
1	ghb.adtelligent.com	cdn.membrana.media
1	a4p.adpartner.pro	cdn.membrana.media
1	fastlane.rubiconproject.com	cdn.membrana.media
1	adx.adform.net	cdn.membrana.media
1	ym-tack.b-cdn.net	cdn.membrana.media
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	www.googletagservices.com	nv.ua
1	c.hit.ua	nv.ua
122	56

This site contains links to these domains. Also see Links.

Domain
biz.nv.ua
podcasts.nv.ua
life.nv.ua
radio.nv.ua
techno.nv.ua
health.nv.ua
sport.nv.ua
azart.nv.ua
shopping.nv.ua
www.facebook.com
instagram.com
www.youtube.com
t.me
english.nv.ua
twitter.com
www.instagram.com
play.google.com
itunes.apple.com
promokodi.nv.ua
podcasts.apple.com
podcasts.google.com
soundcloud.com
spoti.fi
www.mixcloud.com
apps.apple.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
hit.ua

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2022-09-13` - `2023-09-25`	a year	crt.sh
hit.ua R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.membrana.media R3	`2022-12-05` - `2023-03-05`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.b-cdn.net Sectigo RSA Domain Validation Secure Server CA	`2022-11-07` - `2023-11-11`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
adpartner.pro R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-12-03` - `2023-03-03`	3 months	crt.sh
*.3lift.com Amazon	`2022-05-13` - `2023-06-11`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-22` - `2023-06-21`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.heatmap.it Sectigo RSA Domain Validation Secure Server CA	`2022-06-12` - `2023-06-26`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
cdn.adnxs.com GeoTrust RSA CA 2018	`2022-10-21` - `2023-10-22`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-21`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://nv.ua/
Frame ID: CD86BA76F5CBF4282511F3D8C3A35477
Requests: 87 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: D1B6344E91CD0B01B9A783D117C39477
Requests: 1 HTTP requests in this frame

Frame: https://80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CFE804A87CC9C9E43AEC054B9F520963
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua
Frame ID: DB4C29179304AC92CE28F3A516B2D704
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B96920B8D02FDE7D6EA1ED2106E43DBD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1EA1C6030D8BF461F64B3CBF8A3193FC
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: A256CCF30DBF0914F71D882D769601F2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 89BE995735727B26967C99863F9F3613
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: D9253507A0C88C4F8DE1B78A0F0DB49E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8EA3AD28229A7DE4B5C53CA2002CA982
Requests: 3 HTTP requests in this frame

Frame: https://ap.lijit.com/beacon?informer=13408038
Frame ID: CD1FDAE6459ABF9BE06C63739983C1B5
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 69C4295AC4A58AC08CA62FB2DBF021DD
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Новини України та Світу. Головні і останні новини - НВ

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

122
Requests

87 %
HTTPS

47 %
IPv6

33
Domains

56
Subdomains

49
IPs

13
Countries

1806 kB
Transfer

3602 kB
Size

41
Cookies

118 Outgoing links

These are links going to different origins than the main page.

URL: https://biz.nv.ua/ukr
Title: Бізнес

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/ukr?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr
Title: Life

Search URL Search Domain Scan URL

URL: https://radio.nv.ua/
Title: Радіо

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/economics.html
Title: Економіка

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance.html
Title: Фінанси

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets.html
Title: Компанії / Ринки

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech.html
Title: Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/top-100-bogatyh.html
Title: Профайли ТОП 100

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/publications.html
Title: Статті

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview.html
Title: Інтерв'ю

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts.html
Title: Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket.html
Title: Ритейл/Нерухомість

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/?utm_source=nvua&utm_medium=desktop-menu
Title: Подкасти

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr
Title: Техно

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/it-industry.html
Title: IT-індустрія

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/gadgets.html
Title: Гаджети

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/innovations.html
Title: Інновації

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience.html
Title: Наукпоп

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/technoblogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/games.html
Title: Ігри

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/krasota-i-moda.html
Title: Краса та мода

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle.html
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/blogs.html
Title: Блоги

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health.html
Title: Health

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lyudi.html
Title: Люди

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/socium.html
Title: Соціум

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/art.html
Title: Арт

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/kids.html
Title: Діти

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/travel.html
Title: Travel

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/food-drink.html
Title: Food&Drink

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti.html
Title: Знаменитості

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/evrovision.html
Title: Євробачення

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/horoscopes.html
Title: Гороскопи

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifehacks.html
Title: Лайфхаки

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr
Title: Здоров'я

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/medicine.html
Title: Медицина

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition.html
Title: Харчування

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/fitness.html
Title: Фітнес

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/happiness.html
Title: Щастя

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/sex.html
Title: Секс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr
Title: Спорт

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/football.html
Title: Футбол

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing.html
Title: Бокс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/tennis.html
Title: Теніс

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/hockey.html
Title: Хокей

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/other-sport.html
Title: Інше

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/zimnie-olimpiyskie-igry-2022.html
Title: Зимові Олімпійські ігри 2022

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr
Title: Азарт

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/news.html
Title: Новини

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/articles.html
Title: Статтi

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr/reviews.html
Title: Огляди

Search URL Search Domain Scan URL

URL: https://shopping.nv.ua/ukr
Title: Шопінг

Search URL Search Domain Scan URL

URL: https://www.facebook.com/media.NV

Search URL Search Domain Scan URL

URL: https://instagram.com/nv.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/@NVUA

Search URL Search Domain Scan URL

URL: https://t.me/nvua_official

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/health/zhinoche-zdorov-ya-50289198.html
Title: ЖІНОЧЕ ЗДОРОВ’Я

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/bizinterview/zhinoche-fermerstvo-pid-chas-viyni-50283162.html
Title: Жіноче фермерство під час війни

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/5-nagalnih-tem-dlya-pidpriyemciv-50260846.html
Title: П`ять нагальних тем для підприємців

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/dumay-globalno-diy-lokalno-50175561.html
Title: Думай глобально, дій локально

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/novaya-komanda-kosyuka.html?utm_content=set_lang
Title: Нова команда Косюка

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/lifestyle/zszh-v-xxi-stolitti-yak-poyednuvati-priyemne-z-korisnim-i-ne-boyatisya-peredchasnogo-starinnya-50190870.html
Title: Здоровье в 21 веке – что нужно об этом знать

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/totalnaya-izolyaciya-rossii.html
Title: Тотальна ізоляція Росії

Search URL Search Domain Scan URL

URL: https://english.nv.ua/
Title: eng

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/farmacevtichniy-biznes-pid-chas-viyni-50285937.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrmarketsfarmacevtichniy-biznes-pid-chas-viyni-50285937

Search URL Search Domain Scan URL

URL: https://azart.nv.ua/ukr?utm_source=nv.ua&utm_medium=1&utm_campaign=ukr

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/rivno-cinni-u-biznesi-50289911.html?utm_source=nv.ua&utm_medium=1&utm_campaign=ukrmarketsrivno-cinni-u-biznesi-50289911

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/punkt-nezlamnosti-z-internetom-fregat-gotovit-punkti-obigrivu-iz-merezheyu-24-7-novini-ukrajini-50289886.html?utm_source=site&utm_medium=lentaglav&utm_campaign=promosite
Title: Будуємо пункти інтернет-незламності по всій країні. В’ячеслав Мішалов про те, як «Фрегат» відновлює зв’язок

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/urozhay-kukurudzi-v-ukrajini-pid-zagrozoyu-cherez-doshchi-ta-vidklyuchennya-svitla-novini-ukrajini-50290924.html
Title: Дощі та постійні відключення світла загрожують українському врожаю кукурудзи — Bloomberg

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/dopomoga-yevrosoyuzu-ministr-finansiv-marchenko-rozpoviv-koli-chekatime-noviy-transh-novini-ukrajini-50290930.html
Title: Давайте одразу після свят. Україна чекає на 3 млрд євро нового траншу ЄС вже у січні — Марченко

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/rosiyskiy-biznes-shcho-derzhava-robit-iz-serednim-i-malim-biznesom-z-kapitalom-z-rf-novini-ukrajini-50290405.html
Title: Українізація російського бізнесу в Україні. Місія можлива

Search URL Search Domain Scan URL

URL: https://sport.nv.ua/ukr/boxing/vba-dopustila-do-bojiv-rosiyskih-ta-biloruskih-bokseriv-50290931.html
Title: «На благо спорту і на користь бійцям». Всесвітня боксерська асоціація дозволила проводити бої за участю росіян та білорусів

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/kitayci-znayshli-na-misyaci-palivo-dlya-termoyadernogo-sintezu-ostanni-novini-50290899.html
Title: Китайці знайшли на Місяці мінерал, який може бути джерелом палива для ядерного синтезу

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/markets/ukrajina-otrimaye-415-mln-yevro-na-vidnovlennya-energosektoru-minenergo-novini-ukrajini-50290914.html
Title: Енергоблоки, високовольтне обладнання. Україна отримає 415 млн євро на відновлення після російських атак — Міненерго

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech/twitter-zablokuvav-trafik-30-mobilnih-operatoriv-ostanni-novini-50290897.html
Title: Ілон рубає з плеча. Twitter заблокував трафік приблизно 30 мобільних операторів по всьому світу

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/finance/danske-bank-splatit-velichezniy-shtraf-u-ssha-za-vidmivannya-groshey-putinskogo-rezhimu-ostanni-novini-50290891.html
Title: Відмивав гроші Путіна та ФСБ. Danske Bank заплатить $413 млн за згодою з американським регулятором

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/consmarket/reforma-budivelnoji-galuzi-shcho-propisano-v-zakonoproekti-5655-novini-ukrajini-50290756.html
Title: Будівельний скандал. Чому архітектори, мери та активісти критикують новий містобудівний законопроект?

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/demi-mur-pokazala-hvorogo-bryusa-villisa-pislya-togo-yak-povidomili-shcho-vin-ne-vpiznaye-ridnih-foto-50290718.html
Title: «Не впізнає рідних». Демі Мур опублікувала фото з хворим на афазію Брюсом Віллісом після того, як ЗМІ повідомили про погіршення його стану

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/snayperka-yevgeniya-emerald-opublikuvala-seriyu-foto-z-osobistogo-arhivu-ta-vidpovila-na-heyt-u-merezhi-50290656.html
Title: У свій день народження. Снайперка Євгенія Емеральд опублікувала серію фото з особистого архіву та відповіла на хейт у Мережі

Search URL Search Domain Scan URL

URL: https://health.nv.ua/ukr/nutrition/yabluka-50100156.html
Title: Чи правда, що яблука — суперпродукт, який продовжує життя? Так, але є нюанси

Search URL Search Domain Scan URL

URL: https://life.nv.ua/ukr/znamenitosti/tanec-venzdey-povtoriv-pavlo-zibrov-ce-top-video-50290476.html
Title: З «живою рукою». Павло Зібров повторив вірусний танець Венздей і вразив Мережу

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/ukr/popscience/termoyaderna-energiya-realnist-chi-utopiya-50198036.html
Title: Після історичного прориву / Термоядерна енергія — порятунок людства чи утопія, яка все ж таки не здійсниться? 14 грудня, 14:55 Наукпоп

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/vladimir-semenishin.html
Title: Володимир Семенишин Президент EMEA SoftServe

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/prognoz-na-p-yat-rokiv-shcho-vidbuvayetsya-v-tehgologichnomu-sviti-ostanni-novini-50290814.html
Title: Технології на стороні добра Попри те, що ми, українці, зараз живемо в середовищі війни, виживання, важкого емоційного стану та бізнес-викликів, нам треба ще й зуміти не випасти з реальності, в якій живе весь світ сьогодні. 14 грудня, 14:00 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_author/dmitriy-kisilevskiy.html
Title: Дмитро Кисилевський Заступник голови комітету з питань економічного розвитку

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/experts/noviy-zavod-z-virobnictva-mivini-v-ukrajini-vdaliy-krok-nestle-ostanni-novini-50290581.html
Title: Як змити бруд від роботи в РФ. Кейс Nestle і порада Mercedes Чимало транснаціональних компаній не повністю або із великим запізненням пішли з російського ринку, через що їх реноме у діловому світі виявилось під загрозою. Вдалим ходом з виправлення ситуації є відкриття виробництва в Україні. 14 грудня, 17:22 Експерти

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/ukr/tech/krajil-vidibrala-licenziji-u-troh-onlayn-kazino-novini-ukrajini-50290884.html
Title: Слідом за 1xBet / КРАІЛ анулювала ліцензії трьом онлайн-казино з російським корінням 14 грудня, 14:56 Телеком / IT / Медіа

Search URL Search Domain Scan URL

URL: https://techno.nv.ua/techno_bloggers.html
Title: Всі техноблогери

Search URL Search Domain Scan URL

URL: https://biz.nv.ua/expert_authors.html
Title: Всі експерти НВ Бізнес

Search URL Search Domain Scan URL

URL: https://twitter.com/tweetsNV

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nv.ua/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.app

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/ua/app/%D0%BD%D0%BE%D0%B2%D0%BE%D0%B5-%D0%B2%D1%80%D0%B5%D0%BC%D1%8F-%D1%81%D1%82%D1%80%D0%B0%D0%BD%D1%8B/id1194455118

Search URL Search Domain Scan URL

URL: https://www.facebook.com/biz.nv.ua/

Search URL Search Domain Scan URL

URL: https://t.me/nv_opinion

Search URL Search Domain Scan URL

URL: https://t.me/nv_tech

Search URL Search Domain Scan URL

URL: https://www.instagram.com/nvmedia_life/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/NV.LifeStyle/

Search URL Search Domain Scan URL

URL: https://t.me/nv_shopping

Search URL Search Domain Scan URL

URL: https://promokodi.nv.ua/
Title: Промокоди

Search URL Search Domain Scan URL

URL: https://podcasts.nv.ua/
Title: НВ Подкасти

Search URL Search Domain Scan URL

URL: https://www.facebook.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://twitter.com/nvpodcasts

Search URL Search Domain Scan URL

URL: https://t.me/nv_podcasts

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCVoPOHZYyNUr1GiVnRVm2ig

Search URL Search Domain Scan URL

URL: https://www.instagram.com/radio_nv/

Search URL Search Domain Scan URL

URL: https://podcasts.apple.com/ua/podcast/%D1%80%D0%B0%D0%B4%D1%96%D0%BE-%D0%BD%D0%B2/id1394491455?mt=2

Search URL Search Domain Scan URL

URL: https://podcasts.google.com/feed/aHR0cDovL2ZlZWRzLnNvdW5kY2xvdWQuY29tL3VzZXJzL3NvdW5kY2xvdWQ6dXNlcnM6NDUwNTQ0NDQ2L3NvdW5kcy5yc3M=

Search URL Search Domain Scan URL

URL: https://soundcloud.com/radio-nv/sets

Search URL Search Domain Scan URL

URL: https://spoti.fi/39x63HF

Search URL Search Domain Scan URL

URL: https://www.mixcloud.com/Radio_NV/

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ua.nv.podcast&gl=RU

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/apple-store/id1540571606?pt=118513922&ct=Podcasts-AppBlock&mt=8

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Інтерфакс-Україна"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: ИнА “Українські Новини”

Search URL Search Domain Scan URL

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0' aria-label="hit.ua"/>

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://unpkg.com/web-vitals/dist/web-vitals.iife.js HTTP 302
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Request Chain 63

https://gaua.hit.gemius.pl/_1671031565934/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ub_30racscLszlh8jk6ApO6WnW_4yWhyCDrXw6C7w2X.Q7hF.PUo3H9Z5bvccXdmJkZ3bV2UHaNdDMcHK6gT8Ne6Ej89/uASggbpQHqI3b/&fpdata=YQhniB6jFE6z71LoPG78mX52VoYz7aGbUCpGtl38_4v.U7&ltime=357&fr=1&ref=&inner=_ver%3D333%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6399eb0d2252ba95&brts=1671031565&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1671031565934/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ub_30racscLszlh8jk6ApO6WnW_4yWhyCDrXw6C7w2X.Q7hF.PUo3H9Z5bvccXdmJkZ3bV2UHaNdDMcHK6gT8Ne6Ej89/uASggbpQHqI3b/&fpdata=YQhniB6jFE6z71LoPG78mX52VoYz7aGbUCpGtl38_4v.U7&ltime=357&fr=1&ref=&inner=_ver%3D333%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6399eb0d2252ba95&brts=1671031565&fpcap=

Request Chain 87

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=x8x693xtSVpiY3U0dGpycnZsY2FlQ3hUdnNVT3dzMXFQMXlUQVphSlQ0MjIxTmJxaGpIWksxWlhiZC9RQ0hCcFRIV1l3QXNjdCtPb09yTmlGYWFiWUZDVnFhQTI4MWR2VXlHd1gyTDRzQTBBNnBXMjRYbDJhempRUy9zcHRiZDBwUGMyWE1EVGRuVGtsWk5raUhEQXhmZXVLSzF6d2NUKzBuNXBQNURqcUdYaDI3N25BbGxGdVFSbm5MRG10TUI2WEphbklUZUpJU2N3cmN1N09YVG9GSGNNYXdJcE5HUjk1UlZOZ21hRGFFd1U5R1VLWXp1ZGZRM0dva3RiTms1UTlyNFNCbTFNK1o2eUZzUGhWNzA2L0RGZlUrQT09fA&cppv=2

Request Chain 100

https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Request Chain 102

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Request Chain 103

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVDFTQkItMTUtSEQxNQ==

Request Chain 104

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/VEFBhhwlz7ly9Phel6Z8fcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4.QCdNNE2oK3J8wUrLqPRgr34aIyS6bIopq80A--~A

Request Chain 106

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=50ddaVUGQ6S1heTkeVIoIA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=50ddaVUGQ6S1heTkeVIoIA

Request Chain 107

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNT1SBB-15-HD15

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVbIvSJW6OsU0tWQOe8LuU&google_cver=1

Request Chain 109

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFjNmE0Yzc1ZTNjNzE5NTQ4N2QwNmFlZjc4ZGNjNmJkMGNkYmRiNw

Request Chain 110

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2Zz1Mp2VR76fjXenI6RRQg&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2Zz1Mp2VR76fjXenI6RRQg

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5nrEUNrKL0Cuskw-Bc6BgAAFB0AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIeuvzLacDDMoBjc49H4Lq0&google_cver=1

Request Chain 113

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5nrEUNrKL0Cuskw.Bc6BgAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA9D6YxdYOY8yQyY-FOTrhI&google_cver=1&google_hm=2

Request Chain 115

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QFCFARMBjQpbV98LTwGRAURW3lxbV44AR1GDdDcy

Request Chain 116

https://match.prod.bidr.io/cookie-sync/ie HTTP 303
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADkDk7HM9YAAB86x1tRMw&expiration=1672241170

Request Chain 117

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uXP2bqw11P5tE65

122 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
nv.ua/ 235 KB
49 KB 284ms
215ms Document
text/html 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc225bafb6cd2df3bbe1617e21d67282254660a72307d254c99e4456ecd7e154

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7797f4b018d7bbcb-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Dec 2022 15:26:05 GMT
nv-cache: 180s
server: cloudflare
x-cacheable: 1

GET
H2 200 a197efbd4f02030ab7e2bc3c43012c9f.jpg
static.nv.ua/shared/system/Article/posters/002/610/636/original/ 351 KB
352 KB 103ms
68ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/636/original/a197efbd4f02030ab7e2bc3c43012c9f.jpg?q=85&stamp=20221214102145&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee02cbf38a563a6515d35416d464be844c93080aaabbf48c0fee7947bd02b3c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 07:22:15 GMT
server: cloudflare
age: 25393
etag: "b2a80b86c1a9c03845238f09e0ce5348"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b1cccdbbcb-FRA
expires: Fri, 13 Jan 2023 08:22:52 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 246 KB
86 KB 192ms
38ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfedd92697f13384c3ef9f6f21cd359d6685a6562020ad99b1de4db6d0c5fc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87541
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Dec 2022 15:26:05 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 64 KB
17 KB 169ms
35ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 6e5b89c63dfcddcf721da712eecc6eee483deb782118123e3e0215d7ec3085dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 13:05:35 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 17062
expires: Thu, 15 Dec 2022 03:26:05 GMT

GET
H2 200 hit
c.hit.ua/ 43 B
310 B 327ms
49ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.6241154385121435&r=&u=https%3A//nv.ua/
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

p3p: policyref="/w3c/p3p.xml", CP="UNI"
pragma: no-cache
date: Wed, 14 Dec 2022 15:26:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
expires: 0

GET
H2 200 all_scripts.min.js Show response
nv.ua/scripts/ 133 KB
44 KB 96ms
91ms Script
application/javascript 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/scripts/all_scripts.min.js?4.116
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d14393252c06ed0054dcfd644b50ada8a7593bf8128f27c2d345910ba5db458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 12:14:12 GMT
server: cloudflare
age: 183256
etag: W/"63971b14-2147a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 7797f4b1fd4bbbcb-FRA
expires: Wed, 13 Dec 2023 12:31:49 GMT

GET
H2 200 1.html Show response
nv.ua/ukr/get_additional_blocks/ 43 KB
9 KB 99ms
95ms XHR
text/html 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/ukr/get_additional_blocks/1.html
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90759d70a2278d4dc8930724f5d108e7b417d49aa1ea4e1487836f62f6dec557

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: gzip
x-varnish-hash: GET:nv.ua/ukr/get_additional_blocks/1.html:desktop
x-cacheable: 1
server: cloudflare
cf-cache-status: DYNAMIC
age: 637
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
nv-cache: 900s
varnish-ttl: 900.000
cf-ray: 7797f4b1fd3cbbcb-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 164ms
44ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27544
x-xss-protection: 0
server: sffe
etag: "1421 / 328 of 1000 / last-modified: 1670587582"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Dec 2022 15:26:05 GMT

GET
H2 200 ym.js Show response
cdn.membrana.media/nvr/ 389 KB
114 KB 106ms
8ms Script
application/javascript 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/nvr/ym.js?3
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 0e96fcb6892f18be36182e444084291dcfd03b90f66c4a8780ecdd0d616b28e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: br
cdn-edgestorageid: 1048
cdn-storageserver: DE-200
cdn-cachedat: 12/10/2022 00:05:26
cdn-pullzone: 139012
last-modified: Sat, 10 Dec 2022 00:03:33 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 300
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6393ccd5-6125f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: 782447d3e326bfb84e431140c10244f1
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 author-arrow.svg
nv.ua/images/ 419 B
419 B 92ms
92ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/author-arrow.svg
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 15060500
etag: W/"5e6ff361-1a3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 7797f4b1fd5bbbcb-FRA
expires: Sat, 24 Jun 2023 07:57:45 GMT

GET
H2 200 DW_90x58.png
nv.ua/images/ 948 B
1 KB 39ms
39ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nv.ua/images/DW_90x58.png
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 671561c7b5807ce1f525b581bd2bc762e43504e0f6f6b09ef2c1f8ba98da7ada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 3878
cf-polished: origFmt=png, origSize=1727
content-disposition: inline; filename="DW_90x58.webp"
content-length: 948
cf-bgj: imgq:85,h2pri
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
etag: "5e6ff361-6bf"
vary: Accept
content-type: image/webp
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7797f4b20d62bbcb-FRA
expires: Fri, 15 Dec 2023 14:21:27 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 37 KB
37 KB 50ms
48ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 3763457
etag: "60e41fd8-944c"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7797f4b21da5bbcb-FRA
content-length: 37964
expires: Thu, 02 Nov 2023 02:01:48 GMT

GET
H2 200 icons.ttf
nv.ua/fonts/ 14 KB
14 KB 64ms
62ms Font
application/octet-stream 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/icons.ttf?686a3322dd25953a70b02d42b58ae3c0
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 1651849
etag: "616eaf71-3914"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7797f4b21db0bbcb-FRA
content-length: 14612
expires: Sun, 26 Nov 2023 12:35:16 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 37 KB
38 KB 49ms
47ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 24549574
etag: "60e41fd8-9578"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7797f4b21db2bbcb-FRA
content-length: 38264
expires: Mon, 06 Mar 2023 12:06:31 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
nv.ua/fonts/noto/ 53 KB
53 KB 87ms
85ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 15060745
etag: "60e41fd8-d430"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7797f4b21db7bbcb-FRA
content-length: 54320
expires: Sat, 24 Jun 2023 07:53:40 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
nv.ua/fonts/noto/ 58 KB
58 KB 83ms
82ms Font
font/woff2 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://nv.ua/
Origin: https://nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 8541594
etag: "60e41fd8-e8b8"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 7797f4b21dbdbbcb-FRA
content-length: 59576
expires: Thu, 07 Sep 2023 18:46:11 GMT

GET
H2 200 nv_logo.svg
static.nv.ua/images/main/ 2 KB
1 KB 87ms
69ms Image
image/svg+xml 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/nv_logo.svg?q=85&f=webp&stamp=4.116
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 653e544762ef3579e27972e6c26c8d1e8d6cbeae3f0ea229a226826276cf6ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 30 Sep 2022 12:17:29 GMT
server: cloudflare
age: 2866
etag: W/"6336de59-7ce"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b2bf5dbbcb-FRA

GET
H2 200 1075ac94531321641761bbbb80313292.png
static.nv.ua/shared/system/opinion_authors/avatars/000/014/261/original/ 6 KB
6 KB 86ms
68ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/014/261/original/1075ac94531321641761bbbb80313292.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7207c1161b18365488468eb3fde9e4a686b97af51da21daf2ccade2bb251efb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 1659435
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 05:26:27 GMT
server: cloudflare
etag: "284dfe86641db543a532e909705954fb"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b2bf64bbcb-FRA
expires: Sun, 25 Dec 2022 10:28:50 GMT

GET
H2 200 bae8fe4c95b663f7c1aed1723c2507e4.png
static.nv.ua/shared/system/opinion_authors/avatars/000/010/810/original/ 6 KB
7 KB 115ms
97ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/010/810/original/bae8fe4c95b663f7c1aed1723c2507e4.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4976340def2fb203b3eeca3f8b34480265f8c0b08e276e26f1a175497cb6704b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 267985
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Dec 2022 10:09:21 GMT
server: cloudflare
etag: "ca62a49260664b7a803bb6cb3bcb9f67"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b2bf6cbbcb-FRA
expires: Tue, 10 Jan 2023 12:59:40 GMT

GET
H2 200 c69a411ca9a7e378f74701ab43807ae5.png
static.nv.ua/shared/system/opinion_authors/avatars/000/011/002/original/ 7 KB
7 KB 87ms
72ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/011/002/original/c69a411ca9a7e378f74701ab43807ae5.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a2da8f81c8efe9e4e54fed45b1b5ead9b4d8008fa32783e8d432272169dc593

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 8941
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 14 Dec 2022 11:56:47 GMT
server: cloudflare
etag: "65cb0add36cda186ba0193b9fb5f6416"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b2bf6fbbcb-FRA
expires: Fri, 13 Jan 2023 12:57:04 GMT

GET
H2 200 86785f8cd6708a6eaa9d2d6ccd573c43.png
static.nv.ua/shared/system/opinion_authors/avatars/000/008/408/original/ 5 KB
6 KB 91ms
76ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/008/408/original/86785f8cd6708a6eaa9d2d6ccd573c43.png?q=85&stamp=1&w=115
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4b8398f71ca259546ec6e8c9c8b486b725dba9f09f1d7c70be5260e205786b7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 2080177
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 10:23:21 GMT
server: cloudflare
etag: "24abe9d5f49025b89f619d8a1dec9c31"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b2bf76bbcb-FRA
expires: Tue, 20 Dec 2022 13:36:28 GMT

GET
H2 200 85f657d729fa7441719d23f209951f2c.png
static.nv.ua/shared/system/top_images/images/000/000/074/original/ 3 KB
3 KB 74ms
74ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/074/original/85f657d729fa7441719d23f209951f2c.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3c68a9d2396b3186796024e4dcccae352ba22e0e3278c1a1e775fd068270bb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 1650689
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Fri, 25 Nov 2022 11:51:41 GMT
server: cloudflare
etag: "28f89a0601fe09f8949b21591c941567"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b2cf98bbcb-FRA
expires: Sun, 25 Dec 2022 12:54:36 GMT

GET
H2 200 9c01ef32f3c4483332ca2e1a4b9a3b25.png
static.nv.ua/shared/system/top_images/images/000/000/076/original/ 10 KB
10 KB 75ms
34ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/076/original/9c01ef32f3c4483332ca2e1a4b9a3b25.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 1392958
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Nov 2022 02:26:18 GMT
server: cloudflare
etag: "3737dab4be0a632e47821e9cda8721d7"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3a9b4bbcb-FRA
expires: Wed, 28 Dec 2022 12:30:07 GMT

GET
H2 200 3127081ef5d4fa6e80e8120e763662f7.png
static.nv.ua/shared/system/top_images/images/000/000/078/original/ 6 KB
6 KB 96ms
55ms Image
image/png 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/top_images/images/000/000/078/original/3127081ef5d4fa6e80e8120e763662f7.png?q=85
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad9fbb7f560e1352e93e09cc730192d449a86868b4fab2ac19411f03bedda165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
age: 775983
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
cf-bgj: imgq:85,h2pri
last-modified: Mon, 05 Dec 2022 14:51:40 GMT
server: cloudflare
etag: "fa8022d461a40b40b77a265c569e4ede"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3a9bbbbcb-FRA
expires: Wed, 04 Jan 2023 15:53:02 GMT

GET
H2 200 098eee95fccce0c04f26df78146c4a7a.jpg
static.nv.ua/shared/system/Article/posters/002/611/005/original/ 23 KB
23 KB 76ms
35ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/611/005/original/098eee95fccce0c04f26df78146c4a7a.jpg?q=85&stamp=20221214170825&w=600&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa4a45ae5e4499d47330191a4a195186a806d6c60885342fec57160efc94112

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 14:25:08 GMT
server: cloudflare
age: 5
etag: "e24bce86eef6eb8ff7e77fae042091c0"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3a9d1bbcb-FRA
expires: Fri, 13 Jan 2023 15:26:00 GMT

GET
H2 200 fe90479de3c6108ff2adec6bd6c77b81.jpg
static.nv.ua/shared/system/Article/posters/002/610/993/original/ 11 KB
11 KB 101ms
60ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/993/original/fe90479de3c6108ff2adec6bd6c77b81.jpg?q=85&stamp=20221214164529&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99fecfebe46b4881fa4378760afbcc571822391abcd02aaee3078e25cedc90ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 14:17:49 GMT
server: cloudflare
age: 380
etag: "f1d5c9e5603c120817a07deee78bc25b"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3a9dbbbcb-FRA
expires: Fri, 13 Jan 2023 15:19:45 GMT

GET
H2 200 fd9b50091520f4ce3fe404ce791c126c.jpg
static.nv.ua/shared/system/Article/posters/002/610/842/original/ 14 KB
14 KB 101ms
70ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/842/original/fd9b50091520f4ce3fe404ce791c126c.jpg?q=85&stamp=20221214143138&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 504ee67f8ae03b4bce255b4ef14695b9f7e15ad218adcc8fe558069c5fdeda8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 13:42:55 GMT
server: cloudflare
age: 2554
etag: "7428249ede35996bb61629ecdeccab6a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3a9debbcb-FRA
expires: Fri, 13 Jan 2023 14:43:31 GMT

GET
H2 200 af3a10fce0b28a4a2dab66ac50dfc431.jpg
static.nv.ua/shared/system/Article/posters/002/610/970/original/ 12 KB
13 KB 83ms
54ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/970/original/af3a10fce0b28a4a2dab66ac50dfc431.jpg?q=85&stamp=20221214162552&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03676a44ba850fc209a733f9a6642252df84eb907d6fc113fb415d2283f2cbc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 13:40:12 GMT
server: cloudflare
age: 2554
etag: "d12a102f5311397a72e6bc0840b311fd"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3a9e0bbcb-FRA
expires: Fri, 13 Jan 2023 14:43:31 GMT

GET
H2 200 ef5a97ea227c638c0ecb882cc279f7d2.jpg
static.nv.ua/shared/system/Article/posters/002/610/624/original/ 6 KB
7 KB 120ms
119ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/624/original/ef5a97ea227c638c0ecb882cc279f7d2.jpg?q=85&stamp=20221214094743&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45d8ecd032e7435debe3cb3dd069dd1c81dac22846aaa038efc979a1c1af6fe8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 06:47:46 GMT
server: cloudflare
age: 27303
etag: "16e4ab584044046cd3e923b17b2dd811"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3ea81bbcb-FRA
expires: Fri, 13 Jan 2023 07:51:02 GMT

GET
H2 200 bbca315fb832f606703a93fc687114ae.jpg
static.nv.ua/shared/system/Article/posters/002/610/716/original/ 18 KB
19 KB 40ms
40ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/716/original/bbca315fb832f606703a93fc687114ae.jpg?q=85&stamp=20221214114117&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddeca2f06cc5e62724bea27d4b3253f1a0720eabc539f2768f4f97aeb873e38a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 09:50:11 GMT
server: cloudflare
age: 16540
etag: "84bb1d1897e529799c8c1b9038c1e906"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b3ea85bbcb-FRA
expires: Fri, 13 Jan 2023 10:50:25 GMT

GET
H2 200 b86d4d3de6f86cf71db04bd33528e1b7.jpg
static.nv.ua/shared/system/Article/posters/002/610/957/original/ 11 KB
11 KB 36ms
29ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/957/original/b86d4d3de6f86cf71db04bd33528e1b7.jpg?q=85&stamp=20221214155848&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2269f96faf1d2f9a6b328ccde2f87316306c48eab677d112c03595838cb188ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 13:20:12 GMT
server: cloudflare
age: 3878
etag: "3ea73cd5ec8225c4e3c3a2e648638fa5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b41ad2bbcb-FRA
expires: Fri, 13 Jan 2023 14:21:27 GMT

GET
H2 200 85dbca4ec9d8d6e6831f1da2509a6a5f.jpg
static.nv.ua/shared/system/Article/posters/002/610/951/original/ 9 KB
9 KB 56ms
49ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/951/original/85dbca4ec9d8d6e6831f1da2509a6a5f.jpg?q=85&stamp=20221214155155&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4a9996cecdbf07daca5c9731ebaf39888a7ddda1ee84fb54f16ac91d5c30498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 13:00:20 GMT
server: cloudflare
age: 5121
etag: "6e971ff700589411d4d656366c7b1818"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b41ad6bbcb-FRA
expires: Fri, 13 Jan 2023 14:00:44 GMT

GET
H2 200 2bf37a777308b5f0ba002bc8c6f9eaba.jpg
static.nv.ua/shared/system/Article/posters/002/609/959/original/ 16 KB
16 KB 55ms
54ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/609/959/original/2bf37a777308b5f0ba002bc8c6f9eaba.jpg?q=85&stamp=20221212205507&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46657b741f02aa03f86d68beadd6eaed69044e30583a3d48496bfe7a21c4b995

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 14:10:08 GMT
server: cloudflare
age: 87220
etag: "beb8a8e31fa2655363301fa7592edbb0"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b41ad8bbcb-FRA
expires: Thu, 12 Jan 2023 15:12:25 GMT

GET
H2 200 7ca3b078d67405c88ea55fffa1968775.jpg
static.nv.ua/shared/system/Article/posters/002/610/905/original/ 9 KB
9 KB 82ms
81ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/905/original/7ca3b078d67405c88ea55fffa1968775.jpg?q=85&stamp=20221214145625&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87f3fd56c5b953ac77a80cdd7d5274b9ba0222e499ad29831822f70f9fbd111e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 12:22:59 GMT
server: cloudflare
age: 7386
etag: "9e014bfba861ae2619234407d7a5ed5b"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b42af4bbcb-FRA
expires: Fri, 13 Jan 2023 13:22:59 GMT

GET
H2 200 b189b6378a30d882d6ffe2a8290c45fe.jpg
static.nv.ua/shared/system/Article/posters/002/610/898/original/ 11 KB
11 KB 45ms
43ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/898/original/b189b6378a30d882d6ffe2a8290c45fe.jpg?q=85&stamp=20221214144415&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c587a401813db636d706569da8233e4789e71891c0e84c973e28f00e872dc3cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 12:25:26 GMT
server: cloudflare
age: 7133
etag: "f91a8ae28a2b759fd8d65dbdd06832e2"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b43b10bbcb-FRA
expires: Fri, 13 Jan 2023 13:27:12 GMT

GET
H2 200 e60a86d519079580292acd8de83f3214.jpg
static.nv.ua/shared/system/Article/posters/002/610/694/original/ 11 KB
11 KB 33ms
33ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/694/original/e60a86d519079580292acd8de83f3214.jpg?q=85&stamp=20221214112641&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38686f8707bbd69234f4e5ca06d98dd1efcce6fbae46e714b1ded7e8be185b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 08:30:18 GMT
server: cloudflare
age: 21327
etag: "0574e05da92cba7278532866d53fc512"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b44b36bbcb-FRA
expires: Fri, 13 Jan 2023 09:30:38 GMT

GET
H2 200 4119a2965937568d54ce10aa0053ae4b.jpg
static.nv.ua/shared/system/Article/posters/002/610/200/original/ 11 KB
11 KB 32ms
31ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/200/original/4119a2965937568d54ce10aa0053ae4b.jpg?q=85&stamp=20221213124207&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be9806282d457c3b1559375d8ebf042404688b16fdb4dca453d860084aec9a7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 13:27:28 GMT
server: cloudflare
age: 89917
etag: "b96e05d212c3c776023033549b8ed331"
x-cache-status: MISS
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b46b84bbcb-FRA
expires: Thu, 12 Jan 2023 14:27:28 GMT

GET
H2 200 708164d5bd8b9358011e4bf47d21f8a0.jpg
static.nv.ua/shared/system/Article/posters/002/610/107/original/ 7 KB
7 KB 74ms
27ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/107/original/708164d5bd8b9358011e4bf47d21f8a0.jpg?q=85&stamp=20221213144021&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22c246a8c56174804c5b51311527dce73ffaba639d168dcb6b20674ee77c1c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 11:40:48 GMT
server: cloudflare
age: 96317
etag: "29a28d50c6272227a8e0a1c4519684a0"
x-cache-status: MISS
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b4dc6fbbcb-FRA
expires: Thu, 12 Jan 2023 12:40:48 GMT

GET
H2 200 7b17399da6193790add7eddca4864ec3.jpg
static.nv.ua/shared/system/Article/posters/002/610/229/original/ 78 KB
78 KB 76ms
30ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/229/original/7b17399da6193790add7eddca4864ec3.jpg?q=85&stamp=20221213130810&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0db77be22a10b591b968cf1edb09c5bc49f7f6195219e33e61e98a0b493a4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 14:23:41 GMT
server: cloudflare
age: 142
etag: "68eb9220071c92e54aa1ed4ea208a5cb"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b4dc73bbcb-FRA
expires: Fri, 13 Jan 2023 15:23:43 GMT

GET
H2 200 23f78ab06e6ec15542df6ec52717d805.jpg
static.nv.ua/shared/system/Article/posters/002/610/558/original/ 6 KB
7 KB 145ms
97ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/558/original/23f78ab06e6ec15542df6ec52717d805.jpg?q=85&stamp=20221213210607&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a304013cfa14d9dc1fad6307a353f82447636bb18272b4bd0201c1fb4c916c29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 19:20:25 GMT
server: cloudflare
age: 68706
etag: "77167b2619768d96a70448165c333bfc"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b4dc84bbcb-FRA
expires: Thu, 12 Jan 2023 20:20:59 GMT

GET
H2 200 3f6a74d3cc3a2b1556e88c81452a7448.jpg
static.nv.ua/shared/system/Article/posters/002/610/082/original/ 11 KB
12 KB 82ms
70ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/082/original/3f6a74d3cc3a2b1556e88c81452a7448.jpg?q=85&stamp=20221213091140&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 826ddb2baf7e76e4604749657086940e717da6125535230a76def99c5101bc1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Tue, 13 Dec 2022 06:55:10 GMT
server: cloudflare
age: 113436
etag: "b8092c94883dd633a93a4342fbb20cee"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b4dc97bbcb-FRA
expires: Thu, 12 Jan 2023 07:55:29 GMT

GET
H2 200 590c61d92ffc6508e6c668e9012e2c81.jpg
static.nv.ua/shared/system/Article/posters/002/609/897/original/ 7 KB
7 KB 82ms
71ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/609/897/original/590c61d92ffc6508e6c668e9012e2c81.jpg?q=85&stamp=20221212183610&w=300&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10bbc037d581563fe1406f75b8a7d30bd8d1a94f4807064640d588b3cee0ea93

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Mon, 12 Dec 2022 18:50:16 GMT
server: cloudflare
age: 156896
etag: "742fd131e93e70718b87b531be526869"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b4dc99bbcb-FRA
expires: Wed, 11 Jan 2023 19:51:09 GMT

GET
H2 200 c4cd55f6e38be29eb780cdd59ceaf16b.jpg
static.nv.ua/shared/system/Article/posters/002/610/224/original/ 60 KB
60 KB 50ms
40ms Image
image/webp 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/610/224/original/c4cd55f6e38be29eb780cdd59ceaf16b.jpg?q=85&stamp=20221213133256&f=webp
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51afe72fed4de05e1dd5c6e490ef15c8c4d2630c0bef3088108b971f562a92de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: public
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: HIT
last-modified: Wed, 14 Dec 2022 04:59:15 GMT
server: cloudflare
age: 33993
etag: "6553ef2a41ce31370b7a8517b0b55e3c"
x-cache-status: HIT
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b4dc9cbbcb-FRA
expires: Fri, 13 Jan 2023 05:59:32 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
389 B 37ms
35ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 60a8914b38f3dd0deaa4f9db844a3356aee5e111e2aceaca946fb40c9d325917

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 274
expires: Fri, 13 Jan 2023 15:26:05 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame D1B6 5 KB
3 KB 165ms
14ms Document
text/html 146.59.30.108
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.108 , France, ASN16276 (OVH, FR),
Reverse DNS: ip108.ip-146-59-30.eu
Software: GHC /
Resource Hash: acaf99ca95c98b2bc0bead4486a8c50536373001577a9e9ae3677fb0cdacaee9

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2715
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:26:05 GMT
etag: PRIVATE7520710249
expires: Fri, 13 Jan 2023 15:26:05 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 190ms
39ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 14:16:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4151
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Dec 2023 14:16:54 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 219 B
746 B 232ms
87ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=nv.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 0
expires: Wed, 14 Dec 2022 15:26:05 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 178 KB
45 KB 101ms
19ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 14:29:02 GMT
content-encoding: gzip
via: 1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront), 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Wed, 07 Dec 2022 21:39:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA2-C1
age: 3424
x-amz-server-side-encryption: AES256
etag: W/"64f4b7b07dc566a98060fc55042f4433"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: NmgrZ7B7s-6tdHlQ_bW3HBlwY3TDg4XHy4YlbcDDOBjrY6Q3TjkMGA==

POST
H2 200 page_view
ym-tack.b-cdn.net/ 0
0 112ms
30ms Ping
text/html 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://ym-tack.b-cdn.net/page_view?NVR;desktop;;page_desktop;d80353|f55193
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 video.js Show response
cdn.membrana.media/video/ 246 KB
78 KB 43ms
42ms Script
application/javascript 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/video/video.js
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 010a781c5b20d6c0db56133540f242e59e4510689fb0a1587ff30b390c510855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: br
cdn-edgestorageid: 1053
cdn-storageserver: DE-51
cdn-cachedat: 12/14/2022 13:19:07
cdn-pullzone: 139012
last-modified: Wed, 14 Dec 2022 13:19:01 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 224
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6399cd45-3d645"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
cache-control: public, max-age=86400
cdn-requestid: ddf83ab613a086aac563702973da0ed6
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 currency_file.json Show response
cdn.membrana.media/ 177 B
872 B 78ms
7ms XHR
text/plain 2400:52e0:1e00::864:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.membrana.media/currency_file.json
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1e00::864:1 , Slovenia, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-DE1-864 /
Resource Hash: 233b1cb59370e7b723d84ccb974e6742b3312566fcdcb7c4e14c26e6a0dc329c

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-169
cdn-cachedat: 12/12/2022 08:41:07
cdn-pullzone: 139012
last-modified: Mon, 12 Dec 2022 08:30:22 GMT
server: BunnyCDN-DE1-864
cdn-fileserver: 324
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"6396e69e-b1"
vary: Accept-Encoding
content-type: text/plain
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: ae2fd556-b96a-4dbc-a12f-7867877cff13
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=86400
cdn-requestid: f16b8c4ca180c0e4603d066a4c537678
cdn-requestcountrycode: DE
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 / Show response
adx.adform.net/adx/ 5 B
478 B 284ms
59ms XHR
application/json 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/?rp=4&bWlkPTE0NDc3MDMmcmN1cj1VU0QmdHJhbnNhY3Rpb25JZD0yYWYyZmUzNi1iZDRiLTRiN2YtODAwMi1iMGZmZDdhNTVlNTE%3D&pt=gross&stid=c30b563f-4086-4618-a01a-a26937cc6d15&fd=1

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
704 B 99ms
42ms XHR
application/json 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:05 GMT
AN-X-Request-Uuid: eb621780-e066-4f12-984d-22bbd59b48fa
Server: nginx/1.21.3
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
794 B 308ms
95ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17352&site_id=425650&zone_id=2416604&size_id=15&alt_size_ids=10&rp_schain=1.0,1!notsy.io,d213ae40-68fb-4b86-9cbc-771f4345009c,1,,,&rf=https%3A%2F%2Fnv.ua%2F&tk_flint=pbjs_lite_v4.43.4&x_source.tid=2af2fe36-bd4b-4b7f-8002-b0ffd7a55e51&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9917095709934254
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 6feb4bdd30394f5a053a39cd546e2a7770196bd5a3e9fff704fd2f40aa929d74

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://nv.ua
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 261
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 bid Show response
a4p.adpartner.pro/hb/ 193 B
404 B 319ms
108ms XHR
application/json 51.83.220.94
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://a4p.adpartner.pro/hb/bid?tag=8553&sizes=300x600|300x250&referer=https%3A%2F%2Fnv.ua%2F
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 51.83.220.94 , France, ASN16276 (OVH, FR),
Reverse DNS: app-ngx-pl-03.adpartner.pro
Software: nginx /
Resource Hash: 8b1f07ec89987326cf9b3cddb72c9705972e73b79c9b34bb2fd86a48b1ca9dc1

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://nv.ua
date: Wed, 14 Dec 2022 15:26:06 GMT
cache-control: no-store no-transform
access-control-allow-credentials: true
content-encoding: br
server: nginx
content-type: application/json

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 B
276 B 186ms
27ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Dec 2022 15:26:05 GMT
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
X-Robots-Tag: noindex
Content-Length: 2

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
516 B 180ms
10ms XHR
application/json 52.57.177.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.4&referrer=https%3A%2F%2Fnv.ua%2F&tmax=1000

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.177.80 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-177-80.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:05 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink,sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt
x-auction-status: 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
303 B 269ms
42ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.4&cb=2718419559

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
565 B 243ms
47ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=849843&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2215409cde1181a0e%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fnv.ua%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A1%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%224.43.4%22%2C%22userIds%22%3A%5B%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22notsy.io%22%2C%22sid%22%3A%22d213ae40-68fb-4b86-9cbc-771f4345009c%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2216ef4510a236cf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x600%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%2216ef4510a236cf9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22849843%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%5D%7D
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81c4b78d19684375727d55e5f6239442b097a787c8babc84b3bc29cee953f207

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cFuXJrsP%2BFIYu1EkZkGOkcJ%2F4O2KFSn128bkagQnAz%2B3OXW%2BSMvR7NSamJGyb6h12uvnS56%2FgPZtCzQSYlwhSUQZPXACdwmlWxbdw89SJryKWy0L0VcZ6i9fcAzKVZjq%2FYXjX7Xd"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://nv.ua
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7797f4b729819231-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
491 B 226ms
76ms XHR
application/json 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.4
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: cd78f6ef496e447892244a717eb3f4363ee0471cf17992803f39267d035bb204

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 14 Dec 2022 15:26:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://nv.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 245ms
11ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 14 Dec 2022 15:24:37 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 89
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 14 Dec 2022 17:24:37 GMT

GET
H2

200

web-vitals.iife.js Show response
unpkg.com/web-vitals@3.1.0/dist/
Redirect Chain

https://unpkg.com/web-vitals/dist/web-vitals.iife.js
https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

7 KB
3 KB

115ms
0ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@3.1.0/dist/web-vitals.iife.js

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 2469682
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GHZ0KNM9S6391KN4SDZ9RWRJ-fra
server: cloudflare
etag: W/"1b9c-Ooy//WAzbji1e0z3xvTKf9F/+q0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7797f4b9ab28699f-FRA

Redirect headers

date: Wed, 14 Dec 2022 15:26:06 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GM8KAJPC54XZBAT63S7FQEGH-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 581
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /web-vitals@3.1.0/dist/web-vitals.iife.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7797f4b75f26699f-FRA

GET
H2 200 log.js Show response
u.heatmap.it/ 27 KB
11 KB 215ms
9ms Script
application/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/log.js
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 08:37:11 GMT
content-encoding: br
last-modified: Sat, 19 Nov 2022 08:38:34 GMT
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
etag: "6378960a-6b2b"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=3600
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 10532
x-request-id: 520685767
expires: Sat, 10 Dec 2022 09:37:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
73 KB 143ms
47ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b11052fdbdfa44b0a1d8fe05cd3621f99073b58aa81f5c2374f91ecb2405c541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:05 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74818
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 14 Dec 2022 15:26:05 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1671031565934/
Redirect Chain

https://gaua.hit.gemius.pl/_1671031565934/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F...
https://gaua.hit.gemius.pl/__/_1671031565934/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnv.ua...

169 B
474 B

91ms
23ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1671031565934/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ub_30racscLszlh8jk6ApO6WnW_4yWhyCDrXw6C7w2X.Q7hF.PUo3H9Z5bvccXdmJkZ3bV2UHaNdDMcHK6gT8Ne6Ej89/uASggbpQHqI3b/&fpdata=YQhniB6jFE6z71LoPG78mX52VoYz7aGbUCpGtl38_4v.U7&ltime=357&fr=1&ref=&inner=_ver%3D333%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6399eb0d2252ba95&brts=1671031565&fpcap=
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: H2
Server: 54.37.238.28 , Poland, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: d575ba6c5411ab6e49743d328f4bd4491ca78afaa841e58cbf8f2b5bd2ddb169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: application/x-javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 169
expires: Tue, 13 Dec 2022 15:26:06 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:05 GMT
server: GHC
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1671031565934/rexdot.js?l=100&sendf=8&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&tz=0&fv=-&href=https%3A%2F%2Fnv.ua%2F&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=ub_30racscLszlh8jk6ApO6WnW_4yWhyCDrXw6C7w2X.Q7hF.PUo3H9Z5bvccXdmJkZ3bV2UHaNdDMcHK6gT8Ne6Ej89/uASggbpQHqI3b/&fpdata=YQhniB6jFE6z71LoPG78mX52VoYz7aGbUCpGtl38_4v.U7&ltime=357&fr=1&ref=&inner=_ver%3D333%7C_ch_mobile%3D0%7C_ch_wow64%3D0%7C_ch_brands%3D&exid=6399eb0d2252ba95&brts=1671031565&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Tue, 13 Dec 2022 15:26:05 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
302 B 40ms
18ms XHR
text/plain 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fnv.ua&pubid=71d4b8ca-53d1-4309-a952-3306259fb046
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 12:29:22 GMT
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 10603
x-cache: Hit from cloudfront
access-control-allow-origin: https://nv.ua
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: OOlkTizTHgbGupuxwHosQOfRpiA7rsmLrOhiapZpiV60FP6I9t-u2w==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
457 B 243ms
42ms XHR
text/javascript 13.224.191.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fnv.ua%2F&pid=54JhJzINd0yYF&cb=0&ws=1600x1200&v=22.1201.834&t=1000&slots=%5B%7B%22sd%22%3A%22notsy_container_7576491%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F271925883%2FNVR_ATFR_300%22%7D%2C%7B%22sd%22%3A%22notsy_container_639790120%22%2C%22s%22%3A%5B%221920x1080%22%5D%2C%22sn%22%3A%22%2F271925883%2Fnew_nv_brending%22%7D%5D&pubid=71d4b8ca-53d1-4309-a952-3306259fb046&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.191.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-191-98.fra2.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
x-amz-rid: TXNMSVDWX2WNWYECPKSC
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://nv.ua
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: _1EGpZuViyMKXd9u5BMk2KYpVu_4x7kUU0uE0pqWSlLYPZU3qf-Pvw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 42ms
10ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-amz-version-id: KO0V33_zzBQMkGMaMpLupHqINiAUum0D
content-encoding: gzip
via: 1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
date: Wed, 14 Dec 2022 01:57:36 GMT
x-amz-cf-pop: FRA2-C1
age: 48510
x-cache: Hit from cloudfront
last-modified: Wed, 07 Dec 2022 02:43:04 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: 3Fl29GtZtdjMa9TlZEuST-xOHVZbpSR39c6IdHI_vFUN64g5ALzLYw==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 324ms
23ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 329ms
29ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 653 B
367 B 236ms
109ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1436008079542206&correlator=749644530722388&eid=31071094%2C31071151%2C31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=271925883%2Cnew_nv_brending&enc_prev_ius=%2F0%2F1&prev_iu_szs=1920x1080&ifi=1&adks=694616531&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1671031566128&lmt=1671031566&dlt=1671031565033&idt=983&adxs=-160&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=1600x0&msz=1920x-1&fws=512&ohw=0&ga_vid=733206321.1671031566&ga_sid=1671031566&ga_hid=1219220989&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db841e58b00b05dc5018b59c86695fe31470b231d086ac113623d1a4be55a73b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 337
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CFE8 6 KB
3 KB 338ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:26:06 GMT
expires: Thu, 14 Dec 2023 15:26:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 517 B
294 B 525ms
464ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1436008079542206&correlator=749644530722388&eid=31071094%2C31071151%2C31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=271925883%2CNVR_ATFR_300&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=2&adks=2277368477&sfv=1-0-40&fsbs=1&prev_scp=r_imp%3D0%26r_cnt%3D0%26notsy_container_indx%3D1&cust_params=mbr_site_version%3Dukr%26lang%3Dukr%26razdel%3D1000%26section%3D1000%26page_id%3Dpage_desktop%26traffic_source%3Ddirect&sc=1&cookie_enabled=1&abxe=1&dt=1671031566247&lmt=1671031566&dlt=1671031565033&idt=983&adxs=1114&adys=1186&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fnv.ua%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=0&ohw=0&ga_vid=733206321.1671031566&ga_sid=1671031566&ga_hid=1219220989&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d70de3ebde75723649d080f04a48c700526affa51b5446522db333b42aafbce4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 264
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://nv.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
340 B 252ms
4ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oebu0&_p=1219220989&_gaz=1&cid=733206321.1671031566&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671031566&sct=1&seg=0&dl=https%3A%2F%2Fnv.ua%2F&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&en=page_view&_fv=1&_ss=1&epn.top_category_id=1000&ep.paywall_user_id=0&ep.paywall_subscription=none&ep.allowLinker=true&up.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
340 B 218ms
4ms Ping
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-52RSPD3WMK&cid=733206321.1671031566&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 321ms
48ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-52RSPD3WMK&cid=733206321.1671031566&gtm=2oebu0&aip=1&z=1304398515

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nv.ua.js Show response
u.heatmap.it/conf/ 44 B
301 B 81ms
0ms Script
text/javascript 46.105.202.39
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://u.heatmap.it/conf/nv.ua.js
Requested by: Host: u.heatmap.it
URL: https://u.heatmap.it/log.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.202.39 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 92e929e4f5dbd52fdd482d523fb7fdda2876d663e86bf588edbf25fa79f6a532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:25:38 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
content-type: text/javascript;charset=UTF-8
cache-control: max-age=300
x-cdn-pop: sbg
accept-ranges: bytes
content-length: 49
x-request-id: 309364191
expires: Wed, 14 Dec 2022 15:30:38 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 140ms
0ms XHR
text/plain 2a00:1450:400c:c09::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-51943557-1&cid=733206321.1671031566&jid=1075797964&uid=0&gjid=2006303159&_gid=1635475561.1671031566&_u=YCDAgEABAAAAAEAAI~&z=211401590

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 14 Dec 2022 15:26:06 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 164ms
52ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1219220989&t=pageview&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAAAAAI~&jid=1075797964&gjid=2006303159&cid=733206321.1671031566&uid=0&tid=UA-51943557-1&_gid=1635475561.1671031566&gtm=2wgbu0WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&cd16=A&z=1251063764

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 165ms
52ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1219220989&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=https%3A%2F%2Fnv.ua%2F&ev=603&_u=YCDAgEABAAAAAEAAI~&jid=&gjid=&cid=733206321.1671031566&uid=0&tid=UA-51943557-1&_gid=1635475561.1671031566&gtm=2wgbu0WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&cd16=A&z=432562121

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content pv
eu8.heatmap.it/log/ 0
212 B 201ms
17ms Image
image/gif 149.202.77.192
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu8.heatmap.it/log/pv?pid=115066&u=https%3A%2F%2Fnv.ua%2F&tpl=.&pt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&t=656137
Requested by: Host: nv.ua
URL: https://nv.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 149.202.77.192 , France, ASN16276 (OVH, FR),
Reverse DNS: eu8.heatmap.it
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Date: Wed, 14 Dec 2022 15:26:06 GMT
Cache-Control: no-cache
Server: nginx
Connection: keep-alive
Content-Length: 0
Expires: Wed, 14 Dec 2022 15:26:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 263ms
65ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=733206321.1671031566&jid=1075797964&_u=YCDAgEABAAAAAEAAI~&z=1321616235

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 156ms
52ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-51943557-1&cid=733206321.1671031566&jid=1075797964&_u=YCDAgEABAAAAAEAAI~&z=1321616235

Requested by

Host: nv.ua
URL: https://nv.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 126ms
33ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Dec 2022 15:26:06 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 128ms
48ms XHR
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:06 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-16294"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 15 Dec 2022 15:26:06 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 249ms
84ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58cc5aa7f227b0a13dffde2d48ad926804c22f3e9f1aadcd218bb65da3c75d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11097
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame DB4C 15 KB
6 KB 139ms
16ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=nv.ua

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:26:06 GMT
server: Kestrel
server-processing-duration-in-ticks: 385574
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 85ms
75ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1219220989&t=event&ni=1&_s=1&dl=https%3A%2F%2Fnv.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9D%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%20%D1%82%D0%B0%20%D0%A1%D0%B2%D1%96%D1%82%D1%83.%20%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D1%96%20%D0%BE%D1%81%D1%82%D0%B0%D0%BD%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20-%20%D0%9D%D0%92&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=TTFB&el=https%3A%2F%2Fnv.ua%2F&ev=286&_u=aCDAgEABAAAAAEAAI~&jid=&gjid=&cid=733206321.1671031566&uid=0&tid=UA-51943557-1&_gid=1635475561.1671031566&gtm=2wgbu0WKM63L&cd2=0&cd4=not%20authorized&cd6=2000-01-01%2000%3A00%3A00&cd7=1000&cd11=0&cd12=none&cd16=A&z=275004728

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45815
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame DB4C
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nv.ua&sn=ChromeSyncframe&so=0&topUrl=nv.ua&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=x8x693xtSVpiY3U0dGpycnZsY2FlQ3hUdnNVT3dzMXFQMXlUQVphSlQ0MjIxTmJxaGpIWksxWlhiZC9RQ0hCcFRIV1l3QXNjdCtPb09yTmlGYWFiWUZDVnFhQTI4MWR2VXlHd1gyTDRzQTBBNnBXMjRYbDJhempRUy9zcH...

433 B
650 B

144ms
13ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=x8x693xtSVpiY3U0dGpycnZsY2FlQ3hUdnNVT3dzMXFQMXlUQVphSlQ0MjIxTmJxaGpIWksxWlhiZC9RQ0hCcFRIV1l3QXNjdCtPb09yTmlGYWFiWUZDVnFhQTI4MWR2VXlHd1gyTDRzQTBBNnBXMjRYbDJhempRUy9zcHRiZDBwUGMyWE1EVGRuVGtsWk5raUhEQXhmZXVLSzF6d2NUKzBuNXBQNURqcUdYaDI3N25BbGxGdVFSbm5MRG10TUI2WEphbklUZUpJU2N3cmN1N09YVG9GSGNNYXdJcE5HUjk1UlZOZ21hRGFFd1U5R1VLWXp1ZGZRM0dva3RiTms1UTlyNFNCbTFNK1o2eUZzUGhWNzA2L0RGZlUrQT09fA&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e6ef0f519d21cafd0eba8cd15a3818a59ccf696aa9a16eca20ca6ea76106b115

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2296570
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=x8x693xtSVpiY3U0dGpycnZsY2FlQ3hUdnNVT3dzMXFQMXlUQVphSlQ0MjIxTmJxaGpIWksxWlhiZC9RQ0hCcFRIV1l3QXNjdCtPb09yTmlGYWFiWUZDVnFhQTI4MWR2VXlHd1gyTDRzQTBBNnBXMjRYbDJhempRUy9zcHRiZDBwUGMyWE1EVGRuVGtsWk5raUhEQXhmZXVLSzF6d2NUKzBuNXBQNURqcUdYaDI3N25BbGxGdVFSbm5MRG10TUI2WEphbklUZUpJU2N3cmN1N09YVG9GSGNNYXdJcE5HUjk1UlZOZ21hRGFFd1U5R1VLWXp1ZGZRM0dva3RiTms1UTlyNFNCbTFNK1o2eUZzUGhWNzA2L0RGZlUrQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 448995
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 201ms
52ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 15:26:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B969 13 KB
5 KB 165ms
38ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:17:08 GMT
expires: Thu, 14 Dec 2023 15:17:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1EA1 783 B
535 B 175ms
49ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e1d0f9e82c9b21bed65b690dfeb80485cc935d36ae0c0aa9a9ef42c5807e8330

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-38DVIcVidNr7C_vARl0WJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-38DVIcVidNr7C_vARl0WJw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 14 Dec 2022 15:26:07 GMT
expires: Wed, 14 Dec 2022 15:26:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1EA1 0
0 235ms
136ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1436008079542206&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H3 200 Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js Show response
pagead2.googlesyndication.com/bg/ Frame B969 36 KB
16 KB 136ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jk7fixpOLBqPs8Ll1CI4HFyikeoml7Ub_Y2jZpe5d_o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:14:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 687
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15923
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Dec 2023 15:14:40 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B969 0
10 B 88ms
76ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?YN2--Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:08 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 190ms
151ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1436008079542206&bg=!QUKlQgbNAAYgquz3AKo7ACkAdvg8WoGrUIL6rE85Q48wKAzilsKTtpboOTmjYYGHk9RIpixtgfkMiQIAAAFKUgAAAAhoAQcKADUdxxjjXZVnbkyEazi3h7rwHItAAhPWugtRCIaEKhBlEbcjHHuQXFdOCSRGezVP6QfE0aEBvJkCxyOpht2Gb-pDM7PD-aT6snlpsT5r6oRQ9b03iEV3GeIMIHoMIquv4_xZ83ggt5Sir5jZUeTEPH6eHY9YsFNZSlMariJV33dmxZgjVk8MN3xwWFQePLb0L0ioKQ8y45yeppKczoImrbAY2Qw7Au_5QIP2Un3T_uo2FH6DXhau0lcDGNykHkDpiyv98V1TXwHdnS9t3TzwSuUvJ5et23CWlV89kej5XXPeaHtB9SR6pWzKGiMO3_RdvezdzEVnoVdJV13X2hjg-lBy2GbJe446sUg5IoV68YX_2RbHchf_jJeJcxbLeDw8LZGrR3lUyyzF9wGF1y-TDy8GLC0cHDhoR3LwVWG9Jw_ZAxutcp8G0jWWntA9iDi-xPDrEUxiZoLkeqRi-5phQ6TMOQwJjAT04ceDxIb9Ahq0OB0xajXfG9Op3iQdmZBxADo-Ot_MR7mlcjEqynXGEoqhQTZS2ehrVuPmBOMqxGqEqc9rcN_GX5HPE8UChxF88k4fvX843yV6c5_EV-XkvkgMd-Ng9oZvdIWynDkioqbsB-JzosuNaPz2bhrL6CT97e0cJP2PEpoMzZq5meyqxiWhsTGDEAg5C0KLw2-2U_lS8YkPHcW53FOmiD0L--l_jW_GYRTX7m2cNPBtfYd_Ks8tDgbePOljcuWLYfKZaiu11fMX2zHQaxFlRGvmUcDGo7mu4LWmmdP9qSWeNpU6wUqr60t7UGUfy_ugnbby307BHZxo_YXQRmJPOcQH16yYQ_ittE-G4cv3kICYOM2S0p4kj5gLnJNqf7MLbQWvcTpbkENvB7XCf5r0N7Kx41in5COmDzud7c_0_lHUJof9dc9o6eDjAAQ6LP_e7TIsRCWAQkaQC2yG8QF7KS7jpPcaWU5hCHickaMnf2da1IX1WwckS5WHTYk1gPPAFcMMno62HDym2SrhfFwrzVfweCHyIQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

GET
H2 200 sync Show response
eb2.3lift.com/ Frame A256 37 B
140 B 81ms
11ms Document
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif
date: Wed, 14 Dec 2022 15:26:09 GMT

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 89BE 281 B
554 B 428ms
36ms Document
text/html 23.51.120.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.120.104 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-120-104.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 14 Dec 2022 15:26:09 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 ixmatch.html Show response
js-sec.indexww.com/um/ Frame D925 3 KB
2 KB 503ms
13ms Document
text/html 104.18.36.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1028
cache-control: public, max-age=14400
cf-cache-status: HIT
cf-ray: 7797f4ce7c71693d-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 14 Dec 2022 15:26:09 GMT
expires: Wed, 14 Dec 2022 19:26:09 GMT
last-modified: Mon, 25 Jul 2022 19:18:26 GMT
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8EA3 52 KB
17 KB 78ms
9ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Wed, 14 Dec 2022 15:26:09 GMT
ETag: "623de86a-cf34"
Expires: Thu, 15 Dec 2022 15:26:11 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Unused62: 8096267
Vary: Accept-Encoding

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame CD1F 0
0 44ms
17ms Document
text/plain 216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13408038
Requested by: Host: cdn.membrana.media
URL: https://cdn.membrana.media/nvr/ym.js?3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Date: Wed, 14 Dec 2022 15:26:09 GMT
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
Pragma: no-cache
X-Sovrn-Pod: ad_ap6ams1

GET
H/1.1

200
OK

bounce Show response
ib.adnxs.com/ Frame 8EA3
Redirect Chain

https://ib.adnxs.com/async_usersync?cbfn=queuePixels
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

0
820 B

28ms
7ms

Script
text/html

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:09 GMT
AN-X-Request-Uuid: ffd58199-0114-4096-aee8-3ba403f902d0
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:09 GMT
AN-X-Request-Uuid: e71be12d-cf25-447b-9e8c-71026f598a7c
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 89BE 34 KB
10 KB 58ms
13ms Script
text/html 23.51.120.104
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.120.104 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-120-104.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 4704ac51707a67a6bac885d7b9ee54e4e9905285945fe9617e87ddb9a5eb5541

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Wed, 14 Dec 2022 15:26:09 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Dec 2022 19:31:49 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=14702
Connection: keep-alive
Content-Length: 10066
Expires: Wed, 14 Dec 2022 19:31:11 GMT

GET
H3

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 69C4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

2 KB
1 KB

187ms
131ms

Document
text/html

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d785cd75ef3955852e89c00fdebe52ebecdeb06b733c3ebaa42b150a0bfb6040

Request headers

Referer: https://js-sec.indexww.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7797f4d09abb5be5-FRA
content-encoding: br
content-type: text/html
date: Wed, 14 Dec 2022 15:26:10 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tP4VbMS4Xj35j7MG5T0krgn7NzPGyJno4oQg5CAOk4Y8UyJAlM7343C00Mid8JxLlnI13FHfG4nPJokdg4sH22Uib4X3nQCNSUR3Qu8gIzKNsteC8EgWjyDcP%2BuD5qXz6Sy7z%2BOjnazung%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7797f4cfcab292b1-FRA
content-length: 0
date: Wed, 14 Dec 2022 15:26:09 GMT
expires: 0
location: /usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hWhlG6Ikc%2BNQ8bf74wST0KlzRGyS1iH6jTbRaYsw3oWaKWchVaxvgwpJOHLAfb1AnDWq2w9r5JARqg5gEWijxfam3juCSCwDR9T545Pv9aUuFym4tOjhcfXg4g2IK6MnkW7OSanR8%2FkzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 89BE
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVDFTQkItMTUtSEQxNQ==

170 B
243 B

79ms
44ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVDFTQkItMTUtSEQxNQ==

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEJOVDFTQkItMTUtSEQxNQ==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 89BE
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/VEFBhhwlz7ly9Phel6Z8fcn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4.QCdNNE2oK3J8wUrLqPRgr34aIyS6bIopq80A--~A

0
239 B

113ms
8ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4.QCdNNE2oK3J8wUrLqPRgr34aIyS6bIopq80A--~A
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 14 Dec 2022 15:26:10 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-4.QCdNNE2oK3J8wUrLqPRgr34aIyS6bIopq80A--~A
content-length: 0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 89BE 70 B
265 B 215ms
14ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame 89BE
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=50ddaVUGQ6S1heTkeVIoIA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=50ddaVUGQ6S1heTkeVIoIA

43 B
479 B

46ms
43ms

Image
image/gif

52.94.223.167
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=50ddaVUGQ6S1heTkeVIoIA

Protocol

HTTP/1.1

Server

52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: T57YC8981EJ5BTXP4JCK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=50ddaVUGQ6S1heTkeVIoIA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame 89BE
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNT1SBB-15-HD15

0
707 B

319ms
217ms

Image
text/plain

2620:1ec:22::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNT1SBB-15-HD15
Protocol: H2
Server: 2620:1ec:22::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:10 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 879ACA374741455987C544AF90DA7383 Ref B: VIEEDGE2713 Ref C: 2022-12-14T15:26:10Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXvy1snRhZRY1DxtVoX+w==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LBNT1SBB-15-HD15
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 89BE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVbIvSJW6OsU0tWQOe8LuU&google_cver=1

0
239 B

96ms
24ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVbIvSJW6OsU0tWQOe8LuU&google_cver=1
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFVbIvSJW6OsU0tWQOe8LuU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 89BE
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFjNmE0Yzc1ZTNjNzE5NTQ4N2QwNmFlZjc4ZGNjNmJkMGNkYmRiNw

170 B
232 B

66ms
54ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFjNmE0Yzc1ZTNjNzE5NTQ4N2QwNmFlZjc4ZGNjNmJkMGNkYmRiNw

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWFjNmE0Yzc1ZTNjNzE5NTQ4N2QwNmFlZjc4ZGNjNmJkMGNkYmRiNw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame 89BE
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=2Zz1Mp2VR76fjXenI6RRQg&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2Zz1Mp2VR76fjXenI6RRQg

43 B
479 B

134ms
115ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2Zz1Mp2VR76fjXenI6RRQg

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: B6NTFEBWW1NDQRGYQGZW
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=2Zz1Mp2VR76fjXenI6RRQg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

usermatchredir
ssum-sec.casalemedia.com/ Frame 69C4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y5nrEUNrKL0Cuskw-Bc6BgAAFB0AAAAB&gdpr_consent=&us_privacy=&gdpr=
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIeuvzLacDDMoBjc49H4Lq0&google_cver=1

43 B
843 B

118ms
104ms

Image
image/gif

172.64.154.237
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIeuvzLacDDMoBjc49H4Lq0&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H3
Server: 172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0F4z6iWnTO5lyGmV1lSIZl5TeNsayj9Pfq3P3fH1gwD13kMHE2gpjxhf5R3Omiuh%2FBnjvaOaNZ%2FLdzPVqUTsVjPYEazgu3AlUZdlkOnXMwN9PS4uwxfrDqkZg3N6XmUR%2BF4HWAP3Wejaw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 7797f4d2fe715be5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEIeuvzLacDDMoBjc49H4Lq0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dcm
s.amazon-adsystem.com/ Frame 69C4 43 B
855 B 349ms
124ms Image
image/gif 52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y5nrEUNrKL0Cuskw-Bc6BgAAFB0AAAAB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MFTQPJMY44Y1T9BT997S
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 69C4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y5nrEUNrKL0Cuskw.Bc6BgAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA9D6YxdYOY8yQyY-FOTrhI&google_cver=1&google_hm=2

43 B
766 B

15ms
13ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA9D6YxdYOY8yQyY-FOTrhI&google_cver=1&google_hm=2
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEA9D6YxdYOY8yQyY-FOTrhI&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 69C4 70 B
264 B 49ms
46ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 69C4
Redirect Chain

https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QFCFARMBjQpbV98LTwGRAURW3lxbV44AR1GDdDcy

43 B
766 B

36ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QFCFARMBjQpbV98LTwGRAURW3lxbV44AR1GDdDcy
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 14 Dec 2022 15:26:10 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=QFCFARMBjQpbV98LTwGRAURW3lxbV44AR1GDdDcy
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 69C4
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ie
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADkDk7HM9YAAB86x1tRMw&expiration=1672241170

43 B
766 B

13ms
12ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADkDk7HM9YAAB86x1tRMw&expiration=1672241170
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AADkDk7HM9YAAB86x1tRMw&expiration=1672241170
Date: Wed, 14 Dec 2022 15:26:10 GMT
strict-transport-security: max-age=2592000; includeSubDomains
Server: gunicorn
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 69C4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uXP2bqw11P5tE65

43 B
766 B

60ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uXP2bqw11P5tE65
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:09 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-01cc22a724fa3318b@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=uXP2bqw11P5tE65
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 69C4 42 B
181 B 249ms
29ms Image
image/gif 2a05:d018:cc3:fe05:c40a:eeeb:93e7:6fa1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe05:c40a:eeeb:93e7:6fa1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:10 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.0
content-length: 42
vary: Cookie
content-type: image/gif

GET
H2 200 htw-pixel.gif
cdn.indexww.com/ht/ Frame 69C4 43 B
353 B 153ms
16ms Image
image/gif 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.indexww.com/ht/htw-pixel.gif?Y5nrEUNrKL0Cuskw.Bc6BgAA%265149
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fnv.ua%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 15:26:10 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 60830
etag: "761e21-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7797f4d26e609b9a-FRA
content-length: 43
expires: Thu, 15 Dec 2022 15:26:10 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8EA3 0
748 B 28ms
9ms Script
text/html 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Dec 2022 15:26:10 GMT
AN-X-Request-Uuid: 4f7edb55-b03a-4a7d-8c2d-03243f1631ca
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.nv.ua/	1970-01-20 08:10:32	Name: XSRF-TOKEN Value: eyJpdiI6Ik9qYnlsZUJ1REhvVDI5Y2dFVHh5a3c9PSIsInZhbHVlIjoiL2JSdG9SYmcyR0pON2JiWW9YL3BTM1FVSGE1Y0l0ZUo4SGMwbERodGVYcjJDaEVSUDBZTlhuUjBWNkgrZHIrUUpkN1dtMG00VW05ZTZEVDZ3VFJZVjdpTk5FNWIycDY5RkoyMkppYVp1LzBaRGdUb25vUEpTWFhEbHJhWTFWV08iLCJtYWMiOiI0NmU3YmNjOTc2MmFjYTRiNjgxZDRlMDczYTNiNWQ1YjE4NzA3NjI4NDAwM2Q4MTVmYzdmZDczNjM1NjIxYzZkIiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 08:10:32	Name: nvnew_session Value: eyJpdiI6Ii9vN3BITCtjMkZZamJqaFNTZHl5c1E9PSIsInZhbHVlIjoiWGg3Sk51TkJhenJnc3QyZFNJa3R2TThWZlNzRjVsaWFWV3lpRFd0UlQ5UldCcVFDMUMxTnlrYVFROW9NSi9Ub3daZzk4U1BDY3dhcUVjUmVLQUtZNmdqVDhpQ1p1Yzl1SjdSYjVTUGtlalRTYjhMUEtjL3FZR25sMXFVTTNlSHIiLCJtYWMiOiJjY2VhYjIxMmFjZTk3MTE3MmZlNGUxOGRjZjdjZjQwM2Q3ZmNkMTFjYjJjODEwNDVjMzY3MzVlMmQ0MWI5ZWU2IiwidGFnIjoiIn0%3D
.nv.ua/	1970-01-20 08:10:32	Name: device_type Value: desktop
.nv.ua/	1969-12-31 23:59:59	Name: test_variant_session Value: A
nv.ua/	1969-12-31 23:59:59	Name: b Value: b
.hit.ua/	1970-01-20 17:46:31	Name: uid Value: 3350491106.1671031565.2016441477
.nv.ua/	1970-01-20 08:13:24	Name: dont_show_new_form Value: 1
.nv.ua/	1970-01-20 10:20:07	Name: _gcl_au Value: 1.1.1286113467.1671031566
.nv.ua/	1970-01-20 17:39:19	Name: __gfp_64b Value: YQhniB6jFE6z71LoPG78mX52VoYz7aGbUCpGtl38_4v.U7\|1671031565
.hit.gemius.pl/	1970-01-20 08:20:36	Name: Gtest Value: KlxghRaGQMQG16oRi1mlr4XissGMXP8c25nSG950VCHWXBG.
.rubiconproject.com/	1970-01-20 16:56:07	Name: khaos Value: LBNT1SBB-15-HD15
.rubiconproject.com/	1970-01-20 16:56:07	Name: audit Value: 1\|naVuGyos1qrlmdUyzXuXrT5APvdogVCbaTd6KyMQnaub55ZO9yeic3nxNk66vZ3OvUEsRtR0mOYx+FptCLf6SvFQ4EfZO4/2
a4p.adpartner.pro/	1970-01-20 09:36:55	Name: apuid Value: bb36d8e2-21de-4be0-8d55-dc9ad69fe639
.hit.gemius.pl/	1970-01-20 17:39:19	Name: Gdyn Value: KlxIwMXGQMQG16oRi1mlr4XissGMj1scL6nxmGBeCWhDwOaiGsRPtP7iGKGGqay5gGllle82GGUrxFs_EFyGsG..
.nv.ua/	1970-01-20 17:46:31	Name: _ga_52RSPD3WMK Value: GS1.1.1671031566.1.0.1671031566.60.0.0
.nv.ua/	1970-01-20 17:46:31	Name: _ga Value: GA1.2.733206321.1671031566
.nv.ua/	1970-01-20 08:11:57	Name: _gid Value: GA1.2.1635475561.1671031566
.nv.ua/	1970-01-20 08:10:31	Name: _dc_gtm_UA-51943557-1 Value: 1
.nv.ua/	1970-01-20 17:32:07	Name: __gads Value: ID=c9f99ad0ff70241d:T=1671031566:S=ALNI_MZd0lStjVeUEl5uQKUurLkNvNP33w
.nv.ua/	1970-01-20 17:32:07	Name: __gpi Value: UID=00000b927adc7053:T=1671031566:RT=1671031566:S=ALNI_MamdnZN9enNZr-Q8IdndGDClM84DA
.criteo.com/	1970-01-20 17:32:07	Name: uid Value: b7b0e34b-9fbf-43b2-ad4e-d67030ad1ae5
.nv.ua/	1970-01-20 17:32:07	Name: cto_bundle Value: TNtja19iS0tTdVczbSUyRkxIYU9ubVFoSmZkaVRCVkQlMkZLdFdQVlZ4TURocnBlRHdXSHBHck1aN09pZkI5Y3JPZnFtZTJ4MXVBVVdoJTJGZjFtSUNXZUZEYXZJazZaMUV2NFBYZFp2cHlsaURUOEI5d01xaTVuS1c5eWd1ajUzWUNqVWdCOHJEODR6UDN4Zzg3SDQzZE96Q2RzaW53emclM0QlM0Q
.adnxs.com/	1970-01-20 10:20:07	Name: uuid2 Value: 8605904383069871278
.casalemedia.com/	1970-01-20 16:56:07	Name: CMID Value: Y5nrEUNrKL0Cuskw.Bc6BgAA
.casalemedia.com/	1970-01-20 10:20:07	Name: CMPS Value: 5149
.casalemedia.com/	1970-01-20 10:20:07	Name: CMPRO Value: 5149
.doubleclick.net/	1970-01-20 17:32:07	Name: IDE Value: AHWqTUmtN0NC1nZ1MTPIInK9yG4sfNMg_0UXiGJ4uaX0DGnZ_MfBiZYIWijYDHmEFVo
.yahoo.com/	1970-01-20 16:56:29	Name: A3 Value: d=AQABBBLrmWMCEMhF6N78M1iWf2RVl2OEi1oFEgEBAQE8m2OjYwAAAAAA_eMAAA&S=AQAAAhCD2_yG8-6t_c4RmMegGBI
.w55c.net/	1970-01-20 17:40:45	Name: wfivefivec Value: uXP2bqw11P5tE65
.quantserve.com/	1970-01-20 10:20:07	Name: d Value: EDsBDQHnJ7jvsQA
.quantserve.com/	1970-01-20 17:40:45	Name: mc Value: 6399eb12-4c39b-925bd-42812
.w55c.net/	1970-01-20 08:53:43	Name: matchcasale Value: 5
.amazon-adsystem.com/	1970-01-20 17:46:31	Name: ad-privacy Value: 0
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 16:56:07	Name: bcookie Value: "v=2&cb95d6fa-f583-4b09-8ae9-70b93eef57a7"
.linkedin.com/	1970-01-20 12:29:43	Name: li_gc Value: MTswOzE2NzEwMzE1NzA7MjswMjGrSb+Oq1gEOrznwMLSEvUdk42eRqH1oFMd1yw7N8HhiQ==
.linkedin.com/	1970-01-20 08:11:57	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2771:u=1:x=1:i=1671031570:t=1671117970:v=2:sig=AQHQofz1GHpgBdFhOZntw8TbBPz7psLQ"
.bidr.io/	1970-01-20 17:39:01	Name: bito Value: AADkDk7HM9YAAB86x1tRMw
.bidr.io/	1970-01-20 17:39:01	Name: bitoIsSecure Value: ok
.casalemedia.com/	1970-01-20 10:20:07	Name: CMTS Value: 3368
.amazon-adsystem.com/	1970-01-20 12:57:05	Name: ad-id Value: A8hoDxLsbUqUm7UUXKA6sAk

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

80841b26ec44483329df41eeb27c08a7.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
bidder.criteo.com
c.amazon-adsystem.com
c.hit.ua
cdn.indexww.com
cdn.membrana.media
cm.g.doubleclick.net
cms.quantserve.com
d.adroll.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu8.heatmap.it
eus.rubiconproject.com
fastlane.rubiconproject.com
gaua.hit.gemius.pl
ghb.adtelligent.com
gum.criteo.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
ls.hit.gemius.pl
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
nv.ua
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
px.ads.linkedin.com
region1.analytics.google.com
s.amazon-adsystem.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
u.heatmap.it
unpkg.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
ym-tack.b-cdn.net
104.18.33.19
104.18.36.94
13.224.191.98
13.224.195.78
13.248.245.213
142.250.185.66
146.59.30.108
149.202.77.192
15.197.193.217
172.64.151.162
172.64.154.237
178.250.0.157
185.80.39.216
2.18.232.130
2001:4860:4802:34::178
2001:4860:4802:34::36
216.52.2.30
23.51.120.104
2400:52e0:1e00::864:1
2602:803:c003:200::51
2606:4700:10::6816:3649
2606:4700::6810:7caf
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:22::14
2a00:1450:4001:806::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:830::2002
2a00:1450:400c:c09::9b
2a02:2638:1::13
2a02:2638::24
2a02:2638::3
2a05:d018:cc3:fe05:c40a:eeeb:93e7:6fa1
2a05:d018:d29:3605:4483:92fd:9ae4:d5c
2a0c:5c81:5142::2
3.68.131.166
37.157.3.28
37.252.171.53
46.105.202.39
51.83.220.94
52.46.143.56
52.50.17.128
52.57.177.80
52.94.223.167
54.37.238.28
69.173.144.138
89.184.81.35
008702ed20b35006a694d4dc03dbb3f38c759a7db77b016857bd3641e7b54ce7
010a781c5b20d6c0db56133540f242e59e4510689fb0a1587ff30b390c510855
03676a44ba850fc209a733f9a6642252df84eb907d6fc113fb415d2283f2cbc4
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0e96fcb6892f18be36182e444084291dcfd03b90f66c4a8780ecdd0d616b28e9
10bbc037d581563fe1406f75b8a7d30bd8d1a94f4807064640d588b3cee0ea93
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
2269f96faf1d2f9a6b328ccde2f87316306c48eab677d112c03595838cb188ff
22c246a8c56174804c5b51311527dce73ffaba639d168dcb6b20674ee77c1c92
233b1cb59370e7b723d84ccb974e6742b3312566fcdcb7c4e14c26e6a0dc329c
264edf8b1a4e2c1a8fb3c2e5d422381c5ca291ea2697b51bfd8da36697b977fa
2a2da8f81c8efe9e4e54fed45b1b5ead9b4d8008fa32783e8d432272169dc593
2d14393252c06ed0054dcfd644b50ada8a7593bf8128f27c2d345910ba5db458
38686f8707bbd69234f4e5ca06d98dd1efcce6fbae46e714b1ded7e8be185b0e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
45d8ecd032e7435debe3cb3dd069dd1c81dac22846aaa038efc979a1c1af6fe8
46657b741f02aa03f86d68beadd6eaed69044e30583a3d48496bfe7a21c4b995
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4704ac51707a67a6bac885d7b9ee54e4e9905285945fe9617e87ddb9a5eb5541
48c97b0cfa2e71392fa58921505b2b8aad8f7496cd049ba4331fca8e8db8c485
4976340def2fb203b3eeca3f8b34480265f8c0b08e276e26f1a175497cb6704b
4b8398f71ca259546ec6e8c9c8b486b725dba9f09f1d7c70be5260e205786b7d
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
504ee67f8ae03b4bce255b4ef14695b9f7e15ad218adcc8fe558069c5fdeda8e
51afe72fed4de05e1dd5c6e490ef15c8c4d2630c0bef3088108b971f562a92de
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566f1f7d64379342927e78274c526e634c394fda54cf4145d698b815952d01f8
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
58cc5aa7f227b0a13dffde2d48ad926804c22f3e9f1aadcd218bb65da3c75d40
60a8914b38f3dd0deaa4f9db844a3356aee5e111e2aceaca946fb40c9d325917
61c1317e433c125a2ebbbdaf22fc3a0b3606bcb0c9cfea151425adf7b5195f48
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
653e544762ef3579e27972e6c26c8d1e8d6cbeae3f0ea229a226826276cf6ec8
671561c7b5807ce1f525b581bd2bc762e43504e0f6f6b09ef2c1f8ba98da7ada
69632316ada5c95cb5c5ff8fb734655e60292f0cf4aa1349a900d07a34b66657
6e5b89c63dfcddcf721da712eecc6eee483deb782118123e3e0215d7ec3085dc
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6feb4bdd30394f5a053a39cd546e2a7770196bd5a3e9fff704fd2f40aa929d74
7207c1161b18365488468eb3fde9e4a686b97af51da21daf2ccade2bb251efb7
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74bd2c23a8ff454df4010d3b6b6c03c92c3e1e1a4e95ddd0d5983a55d1677ca6
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
81c4b78d19684375727d55e5f6239442b097a787c8babc84b3bc29cee953f207
826ddb2baf7e76e4604749657086940e717da6125535230a76def99c5101bc1d
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87f3fd56c5b953ac77a80cdd7d5274b9ba0222e499ad29831822f70f9fbd111e
8b1f07ec89987326cf9b3cddb72c9705972e73b79c9b34bb2fd86a48b1ca9dc1
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90759d70a2278d4dc8930724f5d108e7b417d49aa1ea4e1487836f62f6dec557
92e929e4f5dbd52fdd482d523fb7fdda2876d663e86bf588edbf25fa79f6a532
99fecfebe46b4881fa4378760afbcc571822391abcd02aaee3078e25cedc90ea
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
a304013cfa14d9dc1fad6307a353f82447636bb18272b4bd0201c1fb4c916c29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa00bdc74cdf124e45f545f927f91ed9c9c1af8db39769fa302d4dbdb195a546
acaf99ca95c98b2bc0bead4486a8c50536373001577a9e9ae3677fb0cdacaee9
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
ad9fbb7f560e1352e93e09cc730192d449a86868b4fab2ac19411f03bedda165
b11052fdbdfa44b0a1d8fe05cd3621f99073b58aa81f5c2374f91ecb2405c541
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4a9996cecdbf07daca5c9731ebaf39888a7ddda1ee84fb54f16ac91d5c30498
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
be9806282d457c3b1559375d8ebf042404688b16fdb4dca453d860084aec9a7b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c587a401813db636d706569da8233e4789e71891c0e84c973e28f00e872dc3cc
cc225bafb6cd2df3bbe1617e21d67282254660a72307d254c99e4456ecd7e154
cd78f6ef496e447892244a717eb3f4363ee0471cf17992803f39267d035bb204
cfa4a45ae5e4499d47330191a4a195186a806d6c60885342fec57160efc94112
d0db77be22a10b591b968cf1edb09c5bc49f7f6195219e33e61e98a0b493a4a6
d0f07190791630edc058ad6e5a33a3cda6a8f85c470e593ce0bbed46ffec148b
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d575ba6c5411ab6e49743d328f4bd4491ca78afaa841e58cbf8f2b5bd2ddb169
d70de3ebde75723649d080f04a48c700526affa51b5446522db333b42aafbce4
d785cd75ef3955852e89c00fdebe52ebecdeb06b733c3ebaa42b150a0bfb6040
db841e58b00b05dc5018b59c86695fe31470b231d086ac113623d1a4be55a73b
ddeca2f06cc5e62724bea27d4b3253f1a0720eabc539f2768f4f97aeb873e38a
dfedd92697f13384c3ef9f6f21cd359d6685a6562020ad99b1de4db6d0c5fc72
e1d0f9e82c9b21bed65b690dfeb80485cc935d36ae0c0aa9a9ef42c5807e8330
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ef0f519d21cafd0eba8cd15a3818a59ccf696aa9a16eca20ca6ea76106b115
ee02cbf38a563a6515d35416d464be844c93080aaabbf48c0fee7947bd02b3c1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c68a9d2396b3186796024e4dcccae352ba22e0e3278c1a1e775fd068270bb6

nv.ua Open in urlscan Pro 2606:4700:10::6816:3649 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

87 %HTTPS

47 %IPv6

33 Domains

56 Subdomains

49 IPs

13 Countries

1806 kBTransfer

3602 kBSize

41 Cookies

118 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

nv.ua Open in urlscan Pro
2606:4700:10::6816:3649 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

87 %
HTTPS

47 %
IPv6

33
Domains

56
Subdomains

49
IPs

13
Countries

1806 kB
Transfer

3602 kB
Size

41
Cookies

122 HTTP transactions
0 data transactions