english.nv.ua Open in urlscan Pro
2606:4700:10::6816:3749 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Submission: On April 14 via api (April 14th 2022, 5:32:17 pm UTC) from US — Scanned from DE

Summary HTTP 210 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 49 IPs in 9 countries across 36 domains to perform 210 HTTP transactions. The main IP is 2606:4700:10::6816:3749, located in United States and belongs to CLOUDFLARENET, US. The main domain is english.nv.ua. The Cisco Umbrella rank of the primary domain is 388465.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 3rd 2021. Valid for: a year.

This is the only time english.nv.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2606:4700:10:... 2606:4700:10::6816:3749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	45.133.44.4 45.133.44.4	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	89.184.81.35 89.184.81.35	28907 (MIROHOST ...) (MIROHOST Web hosting)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
11	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	185.187.81.40 185.187.81.40	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
4	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	146.59.30.100 146.59.30.100	16276 (OVH) (OVH)
1	2606:4700:303... 2606:4700:3030::ac43:8f51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:3649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 7	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 1	23.227.139.243 23.227.139.243	55081 (24SHELLS) (24SHELLS)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
2 6	185.33.220.100 185.33.220.100	29990 (ASN-APPNEX) (ASN-APPNEX)
1	146.0.227.110 146.0.227.110	20773 (GODADDY) (GODADDY)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
10	2602:803:c003... 2602:803:c003:200::31	26667 (RUBICONPR...) (RUBICONPROJECT)
1	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	216.52.2.48 216.52.2.48	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	23.32.59.34 23.32.59.34	16625 (AKAMAI-AS) (AKAMAI-AS)
2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:303... 2606:4700:3036::ac43:c9e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 27	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
3 6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
3 5	69.192.160.245 69.192.160.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.186 54.36.109.186	16276 (OVH) (OVH)
1	142.250.74.194 142.250.74.194	() ()
210	49

19 2606:4700:10::6816:3749 (United States)

ASN13335 (CLOUDFLARENET, US)

english.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.medidexs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.184.81.35 (Kyiv, Ukraine)

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: c.hit.ua

c.hit.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.187.81.40 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.100 (France)

ASN16276 (OVH, FR)
PTR: ip100.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:8f51 (United States)

ASN13335 (CLOUDFLARENET, US)

images.weserv.nl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb1.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ghb2.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3649 (United States)

ASN13335 (CLOUDFLARENET, US)

counter.nv.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.139.243 (Piscataway, United States) 1 redirects

ASN55081 (24SHELLS, US)

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.33.220.100 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.0.227.110 (Ascension Island)

ASN20773 (GODADDY, DE)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

adtelligent-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.34 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-34.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:c9e4 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adnuntius.delivery	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.192.160.245 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-245.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.186 (France)

ASN16276 (OVH, FR)
PTR: p06.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.194 (None, )

ASN- ()

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128 ade.googlesyndication.com	278 KB
27	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 262	4 MB
20	nv.ua english.nv.ua — Cisco Umbrella Rank: 388465 static.nv.ua — Cisco Umbrella Rank: 240713 counter.nv.ua — Cisco Umbrella Rank: 261905	334 KB
18	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 stats.g.doubleclick.net — Cisco Umbrella Rank: 95 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 293	244 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	333 KB
13	adtelligent.com 1 redirects player.adtelligent.com — Cisco Umbrella Rank: 4664 ghb.adtelligent.com — Cisco Umbrella Rank: 5687 sync.adtelligent.com — Cisco Umbrella Rank: 3858 ghb1.adtelligent.com — Cisco Umbrella Rank: 6735 ghb2.adtelligent.com — Cisco Umbrella Rank: 10097	161 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com	332 KB
10	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 458	11 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 4 adservice.google.com — Cisco Umbrella Rank: 77	1 KB
6	casalemedia.com 3 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 463 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 575	5 KB
6	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	5 KB
5	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 758 gum.criteo.com — Cisco Umbrella Rank: 383 mug.criteo.com — Cisco Umbrella Rank: 2668	1 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 46301 ls.hit.gemius.pl — Cisco Umbrella Rank: 11850	16 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1059	157 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 632	59 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	2 KB
2	adform.net adx.adform.net — Cisco Umbrella Rank: 3977	408 B
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 457	174 B
2	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 177004	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	126 KB
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 699	620 B
1	google.ro adservice.google.ro — Cisco Umbrella Rank: 45236	792 B
1	adnuntius.delivery ads.adnuntius.delivery — Cisco Umbrella Rank: 81239	2 KB
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 607	744 B
1	creativecdn.com prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5993	175 B
1	openx.net adtelligent-d.openx.net — Cisco Umbrella Rank: 18101	378 B
1	admixer.net inv-nets.admixer.net — Cisco Umbrella Rank: 2574	503 B
1	trafmag.com t.trafmag.com — Cisco Umbrella Rank: 7547	351 B
1	google.de www.google.de — Cisco Umbrella Rank: 5383	501 B
1	medidexs.com sync.medidexs.com — Cisco Umbrella Rank: 39653	20 KB
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 381835	169 B
1	weserv.nl images.weserv.nl — Cisco Umbrella Rank: 56155	3 KB
1	hit.ua c.hit.ua — Cisco Umbrella Rank: 128943	310 B
0	adpartner.pro Failed a4p.adpartner.pro Failed
210	36

	Domain	Requested by
27	s0.2mdn.net	english.nv.ua s0.2mdn.net
27	tpc.googlesyndication.com	1 redirects english.nv.ua 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com cdn.ampproject.org tpc.googlesyndication.com s0.2mdn.net
16	english.nv.ua	english.nv.ua
15	cdn.ampproject.org	securepubads.g.doubleclick.net
11	pagead2.googlesyndication.com	english.nv.ua 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
10	fastlane.rubiconproject.com	player.adtelligent.com
8	securepubads.g.doubleclick.net	english.nv.ua securepubads.g.doubleclick.net
7	www.google.com	1 redirects english.nv.ua 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
6	ib.adnxs.com	2 redirects player.adtelligent.com googleads.g.doubleclick.net
6	ghb.adtelligent.com	player.adtelligent.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	www.google-analytics.com	www.googletagmanager.com english.nv.ua
4	gaua.hit.gemius.pl	1 redirects english.nv.ua gaua.hit.gemius.pl
4	player.adtelligent.com	english.nv.ua player.adtelligent.com
3	encrypted-tbn0.gstatic.com	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
3	googleads.g.doubleclick.net	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com english.nv.ua
3	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	cdn.taboola.com	english.nv.ua cdn.taboola.com
3	static.nv.ua	english.nv.ua
2	mug.criteo.com	english.nv.ua
2	gum.criteo.com	1 redirects
2	static.criteo.net	player.adtelligent.com static.criteo.net
2	googleads4.g.doubleclick.net	english.nv.ua
2	encrypted-tbn3.gstatic.com	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
2	www.googletagservices.com	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	adx.adform.net	player.adtelligent.com
2	hbopenbid.pubmatic.com	player.adtelligent.com
2	s.zmctrack.net	english.nv.ua
2	www.googletagmanager.com	english.nv.ua www.googletagmanager.com
1	ade.googlesyndication.com	english.nv.ua
1	id5-sync.com	player.adtelligent.com
1	encrypted-tbn1.gstatic.com	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
1	www.gstatic.com	9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.ro	securepubads.g.doubleclick.net
1	ads.adnuntius.delivery	player.adtelligent.com
1	bidder.criteo.com	player.adtelligent.com
1	ghb2.adtelligent.com	player.adtelligent.com
1	ghb1.adtelligent.com	player.adtelligent.com
1	htlb.casalemedia.com	player.adtelligent.com
1	ap.lijit.com	player.adtelligent.com
1	prebid-eu.creativecdn.com	player.adtelligent.com
1	adtelligent-d.openx.net	player.adtelligent.com
1	inv-nets.admixer.net	player.adtelligent.com
1	t.trafmag.com	english.nv.ua
1	sync.adtelligent.com	1 redirects
1	www.google.de	english.nv.ua
1	sync.medidexs.com	player.adtelligent.com
1	counter.nv.ua	english.nv.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	loadercdn.net	english.nv.ua
1	images.weserv.nl	english.nv.ua
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	c.hit.ua	english.nv.ua
0	a4p.adpartner.pro Failed	english.nv.ua
210	59

This site contains links to these domains. Also see Links.

Domain
hit.ua
twitter.com
www.facebook.com
ua.depositphotos.com
interfax.com.ua
ukranews.com
nv.ua
forms.gle

Subject Issuer	Validity	Valid
nv.ua Cloudflare Inc ECC CA-3	`2021-06-03` - `2022-06-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
player.adtelligent.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.hit.ua R3	`2022-01-20` - `2022-04-20`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-04-25`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-21` - `2022-06-20`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-07` - `2022-07-06`	3 months	crt.sh
loadercdn.net R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
sync.medidexs.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.admixer.net Sectigo ECC Domain Validation Secure Server CA	`2021-11-16` - `2022-12-17`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-17` - `2023-04-12`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-04-12`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-12-12` - `2022-12-13`	a year	crt.sh
ghb1.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-10` - `2022-07-09`	3 months	crt.sh
ghb2.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2022-04-10` - `2022-07-09`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
*.google.ro GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-03-21` - `2022-06-13`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.id5-sync.com R3	`2022-03-08` - `2022-06-06`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Frame ID: 3E7447C2B04767C28420FE1864B33064
Requests: 87 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 0C22BB3DE54908EC61E0BD96A8ED69BD
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: C578F10B8ADC10CD48AD49EE819D7BFC
Requests: 1 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: C1008371BEFA3C0B93E3DEA20FAC7096
Requests: 1 HTTP requests in this frame

Frame: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E4747B54D0EBEBE4E10346C55EE4A65D
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: B64213BAD678DDC0C446A5BCD1E1EE2C
Requests: 18 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: C6F05655318C38CBE3D45C15EF868700
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 0A315FD72F21E311614AF0E4B8A68D8A
Requests: 15 HTTP requests in this frame

Frame: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12DBC2185A43DEA5CDE25EBA91A89162
Requests: 16 HTTP requests in this frame

Frame: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3316DF75DE666E25519CB046FEA905C6
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNXyUQzo2S-px_pbQEZ08E3IRygSHNthe4aVAF1IZxHec2Xq5YFXE0PdVaOLkQmLDgDkC5gjtAmsjT5fVE5A0LucK4kNkGVvLz3iW81VLvvxD2En9mPXm1xHOPP_Z3UQ9YfqQY5iFVhsku688YbJqxZKGaZKSVa05MlTy5I2NKZr4AIOSKc
Frame ID: B2A939EDC3FE1762D5404EB9479A2DCA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js
Frame ID: 99DE2743EA5EAAF5D86FC35DCF2CEB3E
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
Frame ID: C2149D26713CF1C6597C2B93BE12C423
Requests: 28 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 62D162269B5731BC3704EA7EFC7ABB65
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js
Frame ID: 49F362683C3A30577BBC27F083127595
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Anonymous hacks Gazprom's website, publishes company's correspondence / The New Voice of Ukraine

Detected technologies

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

210
Requests

95 %
HTTPS

51 %
IPv6

36
Domains

59
Subdomains

49
IPs

9
Countries

5950 kB
Transfer

9768 kB
Size

32
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://hit.ua/?x=26009
Title: Cd=document;Cr="&"+Math.random();Cp="&s=1"; Cd.cookie="b=b";if(Cd.cookie)Cp+="&c=1"; Cp+="&t="+(new Date()).getTimezoneOffset(); if(self!=top)Cp+="&f=1"; if(navigator.javaEnabled())Cp+="&j=1"; if(typeof(screen)!='undefined')Cp+="&w="+screen.width+"&h="+ screen.height+"&d="+(screen.colorDepth?screen.colorDepth:screen.pixelDepth); new Image().src = "//c.hit.ua/hit?i=26009&g=0&x=2"+Cp+Cr+"&r="+escape(Cd.referrer)+"&u="+escape(window.location.href); <img src='//c.hit.ua/hit?i=26009&g=0&x=2' border='0'/>

Search URL Search Domain Scan URL

URL: https://twitter.com/NewVoiceUkraine
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheNewVoiceUkraine
Title: Facebook

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/?utm_source=NV&utm_medium=footer&utm_campaign=UA-brand

Search URL Search Domain Scan URL

URL: https://interfax.com.ua/
Title: "Interfax-Ukraine"

Search URL Search Domain Scan URL

URL: https://ukranews.com/
Title: “Ukrainian News”

Search URL Search Domain Scan URL

URL: https://nv.ua/new_landings/variant_1.html?utm_source=site&utm_medium=popup&utm_campaign=psubscription
Title: ПРОДОЛЖИТЬ ПОДПИСКУ

Search URL Search Domain Scan URL

URL: https://nv.ua/ukr/donate
Title: Додатково пітримати нас можна за посиланням

Search URL Search Domain Scan URL

URL: https://forms.gle/d7ZfpGoViDMRTRYeA
Title: https://forms.gle/d7ZfpGoViDMRTRYeA

Search URL Search Domain Scan URL

URL: https://nv.ua/new_landings/variant_1.html
Title: Подписаться

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://gaua.hit.gemius.pl/_1649957525021/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=426&lsdata=VhmF9vsimHpHHNFEi.ghh81QnUnl9VDSPLD1Hm8nLJ..a7BijVUSOaPJLCdWz099gqUFt5xm9HQ.xNn6LTtwm7bEZXY2/YXy3xpjzcpQ88/&fpdata=BkSLMCXDGZA5AwRKyFLanWb_tiUA_0G9x4L.h4N8fMz.G7&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1649957525021/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=426&lsdata=VhmF9vsimHpHHNFEi.ghh81QnUnl9VDSPLD1Hm8nLJ..a7BijVUSOaPJLCdWz099gqUFt5xm9HQ.xNn6LTtwm7bEZXY2/YXy3xpjzcpQ88/&fpdata=BkSLMCXDGZA5AwRKyFLanWb_tiUA_0G9x4L.h4N8fMz.G7&vis=1&fpcap=

Request Chain 52

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=712fd8cf7060e96d

Request Chain 153

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr94DTFRC0ARi0ATIIDeOa_CQXdxw HTTP 301
https://tpc.googlesyndication.com/simgad/5163448701951345751

Request Chain 154

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 165

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1&C=1

Request Chain 166

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlhaloU9rJzokCEHQZoP0wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAR2BtumG4cDqDHXcsof28Q&google_cver=1

Request Chain 168

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxNzk4MjEwMTAyNjQ4NDM0OA%3D%3D

Request Chain 197

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fenglish.nv.ua%2F&domain=english.nv.ua&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=tipDHnxlYjlVRHpQcnJNdndNSFkvMEpncU1iVXVmQlY4OVRGR2xpcUsrWitRbTNjRm8vdkpqdjlJdjRWMXFGb3RicXE3L3Bqc3RSQ1lxcDVrbVZJSURXNzlCcisrZVVoYTUxcW4rY3dFNWlWYzl6ekVLZ05jWEgvYnFJR3crTlZtWVZTK01BdVVLZVoveU1CZ2dWT1FZcEhzbmRlY2srVDNvU3JXbkN0dVVZVUxKUDdhWEdlTnhSdXY2eUJHeHFtSEtZNzd0NDhXRzlwcG9CV2ZXY2JQK3J4Z0JrQzdjakV6ekJTaUZ3Sk54ZHhrVGpzPXw&cppv=2

210 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html Show response
english.nv.ua/nation/ 77 KB
22 KB 140ms
61ms Document
text/html 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: feaf7a60de1a6364aae57567f508c57d85876c42c8d15699261dd8de1390f5f8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 14145
cf-cache-status: DYNAMIC
cf-ray: 6fbe2dbd2e773744-MXP
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 14 Apr 2022 17:32:04 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Thu, 14 Apr 2022 16:36:12 GMT
nv-cache: 432000s
server: cloudflare
varnish-ttl: 432000.000
vary: Accept-Encoding
x-cache: hit cached
x-cacheable: 1
x-varnish-hash: GET:english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html:desktop

GET
H2 200 article.css
english.nv.ua/css/ 129 KB
21 KB 68ms
65ms Stylesheet
text/css 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/css/article.css?4.17
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b054d15550e51876a7b4a869f6cd7db552c1d4dc76976ea25dd36fe958cb46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 11 Apr 2022 12:45:41 GMT
server: cloudflare
age: 274669
etag: W/"625422f5-20433"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 12 Apr 2023 13:14:15 GMT
cache-control: max-age=31557600
cf-polished: origSize=132147
cf-ray: 6fbe2dbdc8173744-MXP
cf-bgj: minify

GET
H2 200 95d007a895b4a96ac86d8f87a7417aae.jpg
static.nv.ua/shared/system/Article/posters/002/490/378/900x450/ 12 KB
12 KB 89ms
58ms Image
image/webp 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/Article/posters/002/490/378/900x450/95d007a895b4a96ac86d8f87a7417aae.jpg?q=85&stamp=20220414162340&f=webp
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b518f44abe6f5287b9141e121ffa32644a45644183ef3a8a194a021a381faf4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: public
date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
last-modified: Thu, 14 Apr 2022 13:34:49 GMT
server: cloudflare
age: 9728
etag: "c43143e78e299b9bfbf966860f4755bd"
x-cache-status: HIT
vary: Accept-Encoding
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6fbe2dbe08ac3744-MXP
expires: Sat, 14 May 2022 14:49:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
61 KB 110ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fa5599ff48b4b9ef3b7169f442e442d6a8b4eee0812a9ff013056c6069cfd49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61770
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 17:06:39 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 14 Apr 2022 17:32:04 GMT

GET
H2 200 wrapper_hb_285119_882.js Show response
player.adtelligent.com/prebidlink/458321/ 785 B
747 B 63ms
16ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458321/wrapper_hb_285119_882.js
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: a493c1587354a72f2e7810ada3fb73bab23de3e41f5725ba8a3620b6cbd263f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 10:34:48 GMT
server: nginx
etag: W/"6257f8c8-311"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 16 Apr 2022 17:32:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/mediadk-nvuaen/ 130 KB
22 KB 63ms
17ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/mediadk-nvuaen/loader.js
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8415306a69cba6d6a7dfbf9b25c209ea7c3bdc91d944bb6b4798242374066fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: DQU.qIQcjpioQ.hCGZZFH3Tk.KiXrAbz
content-encoding: gzip
age: 7402
via: 1.1 varnish
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
content-length: 22552
x-amz-id-2: Bco9UPJP7hA8Igp21+htpYpdbsDUYVrtnaeMGry3DmvHQLgfrYV+Ojd0+D6NuoKS0oxL4pzOp6o=
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 14 Apr 2022 12:05:39 UTC
server: nginx
x-timer: S1649957524.184401,VS0,VE2
etag: "c66b0c9e158879f0ec8e56661e2f3831a14488ca"
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 2VVAKP1JFXAD99PC
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
date: Thu, 14 Apr 2022 17:32:04 GMT
abp: 4
x-cache-hits: 1

GET
H2 200 tablet-fixes-768.css
english.nv.ua/css/ 2 KB
722 B 61ms
56ms Stylesheet
text/css 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/css/tablet-fixes-768.css?4.17
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 274669
etag: W/"618b9271-67d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 12 Apr 2023 13:14:15 GMT
cache-control: max-age=31557600
cf-polished: origSize=1661
cf-ray: 6fbe2dbe08b13744-MXP
cf-bgj: minify

GET
H2 200 tablet-fixes-1024.css
english.nv.ua/css/ 2 KB
649 B 61ms
57ms Stylesheet
text/css 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/css/tablet-fixes-1024.css?4.17
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Nov 2021 09:35:45 GMT
server: cloudflare
age: 274669
etag: W/"618b9271-700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
expires: Wed, 12 Apr 2023 13:14:15 GMT
cache-control: max-age=31557600
cf-ray: 6fbe2dbe08b23744-MXP
cf-bgj: minify

GET
H2 200 hit
c.hit.ua/ 43 B
310 B 199ms
41ms Image
image/gif 89.184.81.35
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.hit.ua/hit?i=26009&g=0&x=2&s=1&c=1&t=0&w=1600&h=1200&d=24&0.3439206864925517&r=&u=https%3A//english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 89.184.81.35 Kyiv, Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: c.hit.ua
Software: nginx/1.17.9 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:04 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
server: nginx/1.17.9
p3p: policyref="/w3c/p3p.xml", CP="UNI"
expires: 0

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-700.woff2
english.nv.ua/fonts/noto/ 37 KB
37 KB 91ms
89ms Font
font/woff2 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-700.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c

Request headers

Referer: https://english.nv.ua/css/article.css?4.17
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 3475225
etag: "60e41fd8-944c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 6fbe2dbe79e23744-MXP
content-length: 37964
expires: Mon, 06 Mar 2023 12:11:39 GMT

GET
H2 200 icons.ttf
english.nv.ua/fonts/ 14 KB
14 KB 61ms
59ms Font
application/octet-stream 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/icons.ttf?a1cca35a7cff126c89b48684aee63b69
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3

Request headers

Referer: https://english.nv.ua/css/article.css?4.17
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
last-modified: Tue, 19 Oct 2021 11:43:45 GMT
server: cloudflare
age: 3475225
etag: "616eaf71-3914"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 6fbe2dbe79e63744-MXP
content-length: 14612
expires: Mon, 06 Mar 2023 12:11:39 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-700.woff2
english.nv.ua/fonts/noto/ 58 KB
58 KB 66ms
63ms Font
font/woff2 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-700.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5

Request headers

Referer: https://english.nv.ua/css/article.css?4.17
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 3475225
etag: "60e41fd8-e8b8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 6fbe2dbe79ea3744-MXP
content-length: 59576
expires: Mon, 06 Mar 2023 12:11:39 GMT

GET
H2 200 noto-sans-v12-latin_cyrillic-ext-regular.woff2
english.nv.ua/fonts/noto/ 37 KB
38 KB 60ms
58ms Font
font/woff2 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-sans-v12-latin_cyrillic-ext-regular.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70

Request headers

Referer: https://english.nv.ua/css/article.css?4.17
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 47772
etag: "60e41fd8-9578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 6fbe2dbe79ec3744-MXP
content-length: 38264
expires: Sat, 15 Apr 2023 04:15:52 GMT

GET
H2 200 noto-serif-v9-latin_cyrillic-ext-regular.woff2
english.nv.ua/fonts/noto/ 53 KB
53 KB 95ms
80ms Font
font/woff2 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/fonts/noto/noto-serif-v9-latin_cyrillic-ext-regular.woff2
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5

Request headers

Referer: https://english.nv.ua/css/article.css?4.17
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
last-modified: Tue, 06 Jul 2021 09:18:16 GMT
server: cloudflare
age: 3475225
etag: "60e41fd8-d430"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 6fbe2dbeeadb3744-MXP
content-length: 54320
expires: Mon, 06 Mar 2023 12:11:39 GMT

GET
H2 200 nv_en_logo.png
static.nv.ua/images/main/ 8 KB
8 KB 55ms
52ms Image
image/webp 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/images/main/nv_en_logo.png?q=85&f=webp&stamp=4.17
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d76c0de81daa83a186eb4607d36d518d27045937fc36819c858576387d744ba4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
age: 5529
cf-polished: origFmt=png, origSize=12751
content-disposition: inline; filename="nv_en_logo.webp"
content-length: 8072
pragma: public
last-modified: Thu, 03 Feb 2022 13:52:33 GMT
server: cloudflare
etag: "61fbde21-31cf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6fbe2dbeeae13744-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 get_right_column_english.html Show response
english.nv.ua/ 9 KB
2 KB 68ms
64ms XHR
text/html 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/get_right_column_english.html?browser_id=null
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f2fb66cd232ecbef930d690546b5ab30feda30db4ac234c9745b04b579bbff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
x-varnish-hash: GET:english.nv.ua/get_right_column_english.html:desktop
x-cacheable: 1
server: cloudflare
age: 8
varnish-ttl: 300.000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
nv-cache: 300s
cf-ray: 6fbe2dbefb153744-MXP

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 100ms
33ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 42524ce07f6ab05f27342edc02440b28590a7fe433adae3133a7e6bef2482e41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 12:02:11 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11707
expires: Fri, 15 Apr 2022 05:32:04 GMT

GET
H2 200 800%D1%8580.png
english.nv.ua/images/ 6 KB
6 KB 65ms
63ms Image
image/webp 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://english.nv.ua/images/800%D1%8580.png
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a590006544400f77507234925a9bbea357265b053d2de4b6ed371149c285ebe7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
age: 40351
cf-polished: qual=85, origFmt=jpeg, origSize=52495
content-disposition: inline; filename="800%D1%8580.webp"
content-length: 6014
last-modified: Tue, 12 Apr 2022 13:40:04 GMT
server: cloudflare
etag: "62558134-cd0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Sat, 15 Apr 2023 06:19:33 GMT
cache-control: max-age=31557600
accept-ranges: bytes
cf-ray: 6fbe2dbf0b613744-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 author-arrow.svg
english.nv.ua/images/ 419 B
451 B 75ms
75ms Image
image/svg+xml 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://english.nv.ua/images/author-arrow.svg
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/css/article.css?4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 47768
etag: W/"5e6ff361-1a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 6fbe2dbf0b643744-MXP
expires: Sat, 15 Apr 2023 04:15:56 GMT

GET
H2 200 4571a3895efd042970916fb028246d5d.png
static.nv.ua/shared/system/opinion_authors/avatars/000/018/663/original/ 11 KB
11 KB 69ms
67ms Image
image/png 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nv.ua/shared/system/opinion_authors/avatars/000/018/663/original/4571a3895efd042970916fb028246d5d.png?q=85&stamp=1&w=115
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9d6824de39593de8fd9abd5d8f3a87520f7e82d26889fd199109d4a4373d15a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
cf-cache-status: HIT
age: 95335
cf-polished: status=cannot_optimize
x-cache-status: HIT
pragma: public
last-modified: Mon, 11 Apr 2022 19:55:34 GMT
server: cloudflare
etag: "f9717f314b477060014d263e21e14486"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
expires: Fri, 13 May 2022 15:03:09 GMT
cache-control: public, max-age=31536000
cf-ray: 6fbe2dbf3c203744-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 hbw_master_285119_882.js Show response
player.adtelligent.com/prebidlink/458321/ 232 KB
35 KB 20ms
18ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/wrapper_hb_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 57fa3fd4a65322659944ca03e975fdc031addd892ded4a1809c8f055e75942d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 10:34:48 GMT
server: nginx
etag: W/"6257f8c8-3a12a"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 16 Apr 2022 17:32:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 84 KB
29 KB 71ms
26ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

9b5b0bb3e5bb4b5362395f02def04a1389abe2b88c0883a3b63f60c79437a771

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28614
x-xss-protection: 0
server: sffe
etag: "1186 / 490 of 1000 / last-modified: 1649934465"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 14 Apr 2022 17:32:04 GMT

HEAD
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 0
0 74ms
43ms Fetch
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
etag: 6385064579468866337
vary: Accept-Encoding, Origin
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Thu, 14 Apr 2022 17:32:04 GMT

GET
H2 200 impl.20220414-6-RELEASE.es5.js Show response
cdn.taboola.com/libtrc/ 699 KB
134 KB 9ms
7ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20220414-6-RELEASE.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/mediadk-nvuaen/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 53c0dcd72001f384774c1c82956fb4f2b105dee21251b942ee6c8ba1f46b1be9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-amz-version-id: z9Xpvt4Rj1lDSCH3hwmO0wlqFzTuv4T6
content-encoding: br
etag: "b5ad4a46ba4ec36ede5891c70a11e04e"
age: 2070
x-cache: HIT
content-length: 137245
x-amz-id-2: l11zg3PX+y1TKBIuX3CxyS92FzYfjusJp2Pf97/l9Ak0iJqLXCl+kgSM6X5I1mzk3nhEmKKQN1HsiEtTX7T8tQ==
x-served-by: cache-hhn4046-HHN
last-modified: Thu, 14 Apr 2022 08:56:24 GMT
server: AmazonS3-br
x-timer: S1649957524.435429,VS0,VE0
date: Thu, 14 Apr 2022 17:32:04 GMT
vary: Accept-Encoding
x-amz-request-id: NY3CNG1ZSY8MB3VE
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 35
x-cache-hits: 941

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 20ms
18ms Image
text/html 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=inc_video_ctrl
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1649957524.435715,VS0,VE0
x-served-by: cache-hhn4046-HHN
x-cache: HIT
content-type: text/html
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 all_scripts.min.js Show response
english.nv.ua/scripts/ 131 KB
45 KB 47ms
44ms Script
application/javascript 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/scripts/all_scripts.min.js?4.17
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65e20cb2d247d583efe3b20202f739f2c42dea3424705f8a41d4e5065c9c77ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 10:18:44 GMT
server: cloudflare
age: 274669
etag: W/"62500c04-20b66"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31557600
cf-ray: 6fbe2dbffe1a3744-MXP
expires: Wed, 12 Apr 2023 13:14:15 GMT

GET
H2 200 237.html Show response
english.nv.ua/get_additional_blocks/ 10 KB
3 KB 64ms
63ms XHR
text/html 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/get_additional_blocks/237.html
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 572350c5da7a17006b84f16eed1e8a4610874a855415fd85164e8712c58f638f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
x-varnish-hash: GET:english.nv.ua/get_additional_blocks/237.html:desktop
x-cacheable: 1
server: cloudflare
age: 780
varnish-ttl: 900.000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: hit cached
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
nv-cache: 900s
cf-ray: 6fbe2dbffe1d3744-MXP

POST
H2 200 z Show response
s.zmctrack.net/ Frame 0C22 53 KB
24 KB 184ms
72ms XHR
text/javascript 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: d9f493597b175e7ac223e3eba044146d970605f001ff549d3838fdf344f913a6

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23861
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 39ms
29ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

06883262e4cd116942c21b87f764ccd8f4b21ea67f38510d620e414fd843bf81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66711
x-xss-protection: 0
expires: Thu, 14 Apr 2022 17:32:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 47ms
14ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WKM63L

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4493
date: Thu, 14 Apr 2022 16:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 14 Apr 2022 18:17:11 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 274 B
388 B 30ms
29ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=english.nv.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: ff84e434d34789f9bf332b6cbcb305b3b94ddafb7013a22f3fc7a33abf6b9147

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 274
expires: Sat, 14 May 2022 17:32:04 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame C578 5 KB
3 KB 98ms
28ms Document
text/html 146.59.30.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.100 , France, ASN16276 (OVH, FR),
Reverse DNS: ip100.ip-146-59-30.eu
Software: GHC /
Resource Hash: c5ebdae615537e7a35988b6836ef24b227e786cd143b77d780a041b2d76f5bc4

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2708
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 17:32:04 GMT
etag: PRIVATE7520710249
expires: Sat, 14 May 2022 17:32:04 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H2 200 /
images.weserv.nl/ 2 KB
3 KB 137ms
72ms Image
image/webp 2606:4700:3030::ac43:8f51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.weserv.nl/?url=https://english.nv.ua/images/new-markup-images/depositphotos.png&q=75&output=webp&stamp=4.17123

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::ac43:8f51 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b697a3d48705444c3234c577ac86ec0adcad410c3e4515afcfcaf0bb08ac4978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

x-images-api: 5
date: Thu, 14 Apr 2022 17:32:04 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 255701
x-cache-status: MISS
x-upstream-response-length: 2226
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename=image.webp
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1744
timing-allow-origin: *
last-modified: Mon, 11 Apr 2022 12:55:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QrCu%2BsHJ1BI5Bsid%2BvfYMd18xd6v4J%2FAGuLrvGuHWqfF%2FU9feKigVXqMeoyI5QxpyPpBGZll%2F7s49L2mrw9l%2F3DcxokXbxZY0vNev1WvwL0qpC1cExHfJlPUcGtSQ1Qw%2F0GqrVHiPTANzZEuIRgU"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6fbe2dc16809e8ff-MXP
link: <https://english.nv.ua/images/new-markup-images/depositphotos.png>; rel="canonical"
expires: Tue, 11 Apr 2023 12:55:46 GMT

GET
H3 200 pubads_impl_2022041101.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 46ms
17ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

e522221082f0e3d37056ae77e5e8e6d21622053fc3f25ee5b9d15a0969f073b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:52:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16772
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127597
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 08:34:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Apr 2023 12:52:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 246 B
163 B 45ms
22ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=english.nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

2a196663e6de25157d32fac32772ead483ce491370e7138bbe7587b741755740

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 138
x-xss-protection: 0
expires: Thu, 14 Apr 2022 17:32:04 GMT

GET
H2 200 hb_285119_882.js Show response
player.adtelligent.com/prebidlink/ex19097/ 388 KB
117 KB 111ms
96ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: e1a32081e8be1dcbc0ab8b4dca8b47e659609ae9b005c075fecd81da7a7d6eca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 11:57:39 GMT
server: nginx
etag: W/"624c2eb3-60e64"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Sat, 16 Apr 2022 17:32:04 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 139 B
385 B 108ms
27ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: bb5d4883b68a1e1586bfb36fb34aad640800efcf05b6eb0dabf30a8f4bb17c81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://english.nv.ua
Date: Thu, 14 Apr 2022 17:32:04 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 139
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
407 B 91ms
18ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=285119&site_id=882&full_page_url=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&adid=za3xyh.vr&features=16416&vpbv=N056&lifecycle_tte=841
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://english.nv.ua
Date: Thu, 14 Apr 2022 17:32:04 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 /
loadercdn.net/ 0
169 B 157ms
41ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=b9d90217ec4ca465&d=english.nv.ua
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 14 Apr 2022 17:32:04 GMT
server: openresty

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 71ms
24ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-51943557-1&cid=1814978448.1649957525&jid=968248605&gjid=1296034954&_gid=105963544.1649957525&_u=YGBAgEABAAAAAE~&z=1121301356

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 14 Apr 2022 17:32:04 GMT
content-type: text/plain
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 27ms
2ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=832744887&t=pageview&_s=1&dl=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ul=en-us&de=UTF-8&dt=Anonymous%20hacks%20Gazprom%27s%20website%2C%20publishes%20company%27s%20correspondence%20%2F%20The%20New%20Voice%20of%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=968248605&gjid=1296034954&cid=1814978448.1649957525&uid=0&tid=UA-51943557-1&_gid=105963544.1649957525&gtm=2wg460WKM63L&cd2=0&cd3=79725&cd4=not%20authorized&cd6=2022-04-14%2016%3A36%3A00&cd7=237&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&z=983246408

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16525
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 14ms
14ms Ping
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-52RSPD3WMK&gtm=2oe460&_p=832744887&sr=1600x1200&_z=ccd.EKB&ul=en-us&cid=1814978448.1649957525&_s=1&dl=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&dt=Anonymous%20hacks%20Gazprom%27s%20website%2C%20publishes%20company%27s%20correspondence%20%2F%20The%20New%20Voice%20of%20Ukraine&sid=1649957524&sct=1&seg=0&en=page_view&_fv=1&_ss=1&epn.is_paywall=0&epn.top_category_id=237&ep.is_infinite=false&epn.is_evergreen=0&epn.paywall_user_id=0&ep.paywall_subscription=none&ep.EditorId=79725&ep.allowLinker=true&upn.paywall_user_id=0&up.paywall_subscription=none
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-52RSPD3WMK&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:04 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 set
counter.nv.ua/ Frame 0
0 110ms
55ms Preflight
text/html 2606:4700:10::6816:3649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://counter.nv.ua/set?a=50233871
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://english.nv.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 6fbe2dc36e12f937-MXP
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Apr 2022 17:32:05 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare

GET
H2 200 50233871.html Show response
english.nv.ua/get_article_views/ 3 B
166 B 132ms
131ms XHR
text/html 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://english.nv.ua/get_article_views/50233871.html
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/scripts/all_scripts.min.js?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b871512327c09ce91dd649b3f96a63b7408ef267c8cc5710114e629730cb61f

Request headers

Referer: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
x-varnish-hash: GET:english.nv.ua/get_article_views/50233871.html:mobile
x-cacheable: 1
server: cloudflare
age: 0
varnish-ttl: 300.000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-cache: miss cached
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
nv-cache: 300s
cf-ray: 6fbe2dc32d943744-MXP

GET set
counter.nv.ua/ 0
0

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 448 B
567 B 28ms
28ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=380897&aid2=380898&aid3=587777&aid4=undefined
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 6d133cde47581a7585136a8f60870d85c16f83fafb613d2fc6e180e534e403b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 17:32:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 282

GET
H2 200 5av.js Show response
sync.medidexs.com/ps/10/ 53 KB
20 KB 71ms
17ms Script
application/javascript 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.medidexs.com/ps/10/5av.js
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 4074f32d83141b649e3fa117575294977fc03d7376f6177b62ff3d866b25b880

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 18:06:16 GMT
server: nginx
etag: W/"623cb318-d571"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=172800
expires: Sat, 16 Apr 2022 17:32:05 GMT

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1649957525021/
Redirect Chain

https://gaua.hit.gemius.pl/_1649957525021/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv....
https://gaua.hit.gemius.pl/__/_1649957525021/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fenglish....

169 B
425 B

28ms
28ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1649957525021/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=426&lsdata=VhmF9vsimHpHHNFEi.ghh81QnUnl9VDSPLD1Hm8nLJ..a7BijVUSOaPJLCdWz099gqUFt5xm9HQ.xNn6LTtwm7bEZXY2/YXy3xpjzcpQ88/&fpdata=BkSLMCXDGZA5AwRKyFLanWb_tiUA_0G9x4L.h4N8fMz.G7&vis=1&fpcap=
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 2930f4072ddb47d2304c1444bbe5254d3b9b57bc2968c5bc2a3b1c66d0c90f27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Wed, 13 Apr 2022 17:32:05 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1649957525021/rexdot.js?l=100&id=bP1LyUd8vEolEOrZhSdqarRHfcBKuIeKw9GC.6Mtx33.67&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=426&lsdata=VhmF9vsimHpHHNFEi.ghh81QnUnl9VDSPLD1Hm8nLJ..a7BijVUSOaPJLCdWz099gqUFt5xm9HQ.xNn6LTtwm7bEZXY2/YXy3xpjzcpQ88/&fpdata=BkSLMCXDGZA5AwRKyFLanWb_tiUA_0G9x4L.h4N8fMz.G7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Wed, 13 Apr 2022 17:32:05 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 79ms
31ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=1814978448.1649957525&jid=968248605&_u=YGBAgEABAAAAAE~&z=305212988

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 72ms
34ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-51943557-1&cid=1814978448.1649957525&jid=968248605&_u=YGBAgEABAAAAAE~&z=305212988

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
26ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=832744887&t=event&ni=1&_s=2&dl=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ul=en-us&de=UTF-8&dt=Anonymous%20hacks%20Gazprom%27s%20website%2C%20publishes%20company%27s%20correspondence%20%2F%20The%20New%20Voice%20of%20Ukraine&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ev=383&_u=YHBAgEABAAAAAE~&jid=&gjid=&cid=1814978448.1649957525&uid=0&tid=UA-51943557-1&_gid=105963544.1649957525&gtm=2wg460WKM63L&cd2=0&cd3=79725&cd4=not%20authorized&cd6=2022-04-14%2016%3A36%3A00&cd7=237&cd8=0&cd9=0&cd10=0&cd11=0&cd12=none&z=858219484

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16526
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 z Show response
s.zmctrack.net/ Frame C100 102 B
450 B 51ms
51ms XHR
text/plain 185.187.81.40
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.40 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: c2f3a5a13122f87c41184e7fb2b039c8af3201aa00617aac16e691991d7b5864

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://english.nv.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/285082/ 6 KB
3 KB 29ms
7ms XHR
application/json 45.133.44.4
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/285082/config.json?cb=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: c14cb624d43fe734fd4c844bf77cb5dc398137f7b222c6fc16b594c26f603d25

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 00:02:11 GMT
server: nginx
etag: W/"62576483-1999"
content-type: application/json
access-control-allow-origin: https://english.nv.ua
expires: Sat, 16 Apr 2022 17:32:05 GMT
cache-control: max-age=172800
x-proxy-cache: HIT

GET
H/1.1

200
OK

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=712fd8cf7060e96d

35 B
351 B

48ms
14ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=712fd8cf7060e96d
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: HTTP/1.1
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=712fd8cf7060e96d
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: VertaMedia 1.0
Etag: 712fd8cf7060e96d
Content-Length: 0

GET match
a4p.adpartner.pro/ssp/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 76ms
27ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
X-Proxy-Origin: 146.70.117.69; 146.70.117.69; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bc8109ff-943e-4567-b67f-9a10d14a58a5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 580 B
991 B 76ms
28ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

981672a5e4651f68a1f33ccb5a02e3f53460b851b8d38a143e96d5d390b2c162

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 14 Apr 2022 17:32:05 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 146.70.117.69; 146.70.117.69; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 069cebfb-d68a-4ad4-820f-76772fa1bebd
Server: nginx/1.21.3
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 99 B
359 B 20ms
20ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 9b8fdb55750c6931cb3eff4f06daa56366e40426d7727f165ed41bb52ad4335f

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://english.nv.ua
Date: Thu, 14 Apr 2022 17:32:04 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive
Content-Length: 99
Content-Type: application/json; charset=UTF-8

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
503 B 54ms
7ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 231ms
120ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://english.nv.ua
date: Thu, 14 Apr 2022 17:32:04 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 19 B
707 B 59ms
17ms XHR
application/json 185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
X-Proxy-Origin: 146.70.117.69; 146.70.117.69; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c72603e0-ca5e-4235-9f60-ff16fe8db3c2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 19
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
adtelligent-d.openx.net/w/1.0/ 73 B
378 B 88ms
46ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adtelligent-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=aaf99005-e49a-41e8-876c-0dbefb631afe%2Ce32d15e5-ef8e-4db5-8f75-2217b9c74a27%2C08e6ff20-d2d9-4443-8147-dc38c0c5dfae%2C46457c20-b315-4874-9425-4493ae8029f4%2Cfa7b290b-708f-400e-8298-c832665e12ad&nocache=1649957525143&pubcid=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32&schain=1.0%2C1!adtelligent.com%2C285119%2C1%2C%2C%2C&aus=240x400%2C240x350%2C300x600%2C240x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C728x90%2C750x100%2C750x200%2C810x30%2C810x60%7C300x250%2C336x280%2C468x60%2C480x320%2C600x300%2C600x350%2C728x90%2C728x480&divids=div-gpt-ad-1536739319652-0%2Cdiv-gpt-ad-1536828443963-health5%2Cdiv-gpt-ad-1536828443963-health15%2Cdiv-gpt-ad-1536826412405-article_content-0%2Cdiv-gpt-ad-1564399246752-0&aucs=%2C%2C%2C%2C&auid=541177132%2C541177132%2C541177132%2C541177132%2C541177132
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 0fd708301cca4705f88f0b89dd8efa7e98515857023012413fea964286f6c5e7

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://english.nv.ua
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 152ms
56ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=15&alt_size_ids=10%2C17&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=aaf99005-e49a-41e8-876c-0dbefb631afe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.059757366520338806
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1a06f0bcea8f092f4509a070717a766aec111106cb2d97513406564d1126c2eb

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 195ms
100ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e32d15e5-ef8e-4db5-8f75-2217b9c74a27&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.24936182287987396
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 817d9335590ca0885bf13ef39d8bde5aca244d665eb3c311408529edcff950ce

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
1 KB 150ms
55ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=15&alt_size_ids=10&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=08e6ff20-d2d9-4443-8147-dc38c0c5dfae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9745253072470259
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c565d6a34aa90e196a4f50b1ee73a5bd6722666813e9681607eb608fdc3ec88c

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 239 B
1 KB 159ms
64ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=2&alt_size_ids=39%2C40&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=46457c20-b315-4874-9425-4493ae8029f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4484392052415467
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bcbcd83de6b8f6891406ac45df0ee6e6c3352932104eb4559eb2ed8c675fc35f

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 264 B
1 KB 151ms
56ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12398&site_id=48254&zone_id=1584412&size_id=15&alt_size_ids=2%2C1%2C16%2C101%2C195&rp_schain=1.0,1!luponmedia.com,1994122,1,,,&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=fa7b290b-708f-400e-8298-c832665e12ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14941521639186117
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 8f686801f351cbffd4cd174b7e6baaf6d7f250561b3843ae227b3e5ea9c2b077

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 197ms
97ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://english.nv.ua
date: Thu, 14 Apr 2022 17:32:05 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
175 B 69ms
26ms XHR
text/plain 185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://english.nv.ua
date: Thu, 14 Apr 2022 17:32:05 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 94 B
744 B 126ms
85ms XHR
application/json 216.52.2.48
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.7.0-pre
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: bd1286dafec46757624ab86823a12c8b4d4ad5fb5c6661cbd05ad7b1758a4aee

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 14 Apr 2022 17:32:05 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap5ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 99

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 37 B
330 B 104ms
32ms XHR
application/json 23.32.59.34
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%227458e7f045e81ba%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.7.0-pre%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22756920de8b26fb9%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A240%2C%22h%22%3A400%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22240x400%22%7D%7D%2C%7B%22w%22%3A240%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22240x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%227964bee27ef325b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2281efbdf363419b8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22832c10f6bf63dd7%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A750%2C%22h%22%3A200%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22750x200%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22855adedf4bbfd5%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A480%2C%22h%22%3A320%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22480x320%22%7D%7D%2C%7B%22w%22%3A600%2C%22h%22%3A300%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22600x300%22%7D%7D%2C%7B%22w%22%3A600%2C%22h%22%3A350%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22600x350%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A480%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22728x480%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22356568%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%22%7D%5D%7D%5D%7D%7D
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.32.59.34 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-32-59-34.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a2770e1666e4fd3a32cf87e44f5254a09a754e5bdf317218e8706fc65faefcb4

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[146.70.117.69], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://english.nv.ua
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 37
x-ak-client-geo: 12
expires: Thu, 14 Apr 2022 17:32:05 GMT

POST
H/1.1 200
OK / Show response
ghb1.adtelligent.com/v2/auction/ 4 KB
757 B 220ms
124ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb1.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: 45ab9e7b0e794c83734cabbf56eed01300e4d2829837cacf44dfbd959b819a2a

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 14 Apr 2022 17:32:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 472

POST
H/1.1 200
OK / Show response
ghb2.adtelligent.com/v2/auction/ 4 KB
749 B 111ms
37ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb2.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e8c725b6914acb76ce4adce73ee529a18b7864412656254da86db0aeeca6b2aa

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 14 Apr 2022 17:32:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 464

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ 2 KB
643 B 48ms
34ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: a8f20f756294872f4cd2f84e721c1047cfb6ab40611da0bc3e5a1a2c50a333c2

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 14 Apr 2022 17:32:04 GMT
Content-Encoding: gzip
Server: Adtelligent
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://english.nv.ua
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 358

POST
H2 204 openrtb Show response
adx.adform.net/adx/ 0
408 B 88ms
46ms XHR
text/plain 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:05 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
215 B 61ms
19ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.7.0-pre&cb=98136812053

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Apr 2022 17:32:04 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://english.nv.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 i Show response
ads.adnuntius.delivery/ 20 KB
2 KB 249ms
173ms XHR
application/json 2606:4700:3036::ac43:c9e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adnuntius.delivery/i?tzo=0&format=json
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:c9e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df7fff0720ee9f3d1c3d2f1abb97385bf79b99949a5912bcf692dee6da59716b

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-adn-diagnostic-request-id: b2f63ea6e6b4da15e894203f9314ecb4
x-adn-backend-server-id: sfd3bb79
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1646
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wigr%2BXns0vL5l41YyHpierhRHzWGP%2BGm1LePsIf74vuyPHGIb8TVNFrAb76h4yoxcLmAYeuYZG87EJH4WsSqF%2B0uM%2BOCIhBjyzI7ViEuGgkyNUhS7DhF8ULeMejqLvF6NlRM7lnXNAHXxbgCdE22XfG3jN%2Br"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://english.nv.ua
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 6fbe2dc4eb680fee-MRS
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 192ms
90ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10%2C17&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=aaf99005-e49a-41e8-876c-0dbefb631afe&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4329808052227242
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: bfabce7939c2e54fe677105273157300c7cc7d0ece61b02df942a7d31c66cc34

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 198ms
71ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=e32d15e5-ef8e-4db5-8f75-2217b9c74a27&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6869336637747383
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 50cd98c691a301517044b441f50d0650cf2d0955717749c276efdd5089f01d7b

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 261 B
1 KB 220ms
96ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=10&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=08e6ff20-d2d9-4443-8147-dc38c0c5dfae&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.5460504641607726
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: c06a5c912be41b7ba022a2e4635ad1fe54cddf04d7717448f3077d5b4840dcf4

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 261
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
1 KB 216ms
92ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=2&alt_size_ids=39%2C40&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=46457c20-b315-4874-9425-4493ae8029f4&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4044441299531647
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 81fb0be281dd4a4c81b2780d5ebb874244029fd2494c66c3be03630b30f4d05a

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 269 B
1 KB 220ms
90ms XHR
application/json 2602:803:c003:200::31
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=2126352&size_id=15&alt_size_ids=2%2C1%2C16%2C101%2C195&eid_pubcid.org=c66bdd0c-2e6d-4a42-a385-0a4388fd3d32%5E1&rf=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&tk_flint=pbjs_lite_v6.7.0-pre&x_source.tid=fa7b290b-708f-400e-8298-c832665e12ad&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.7799620832879446
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 96cd8db302b43bec12e41f290345950790ec22bde5c9c843cbc0d3c129b0e87d

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:05 GMT
Server: nginx/1.21.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://english.nv.ua
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 269
Expires: Wed, 17 Sep 1975 21:32:10 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 105ms
21ms Preflight 37.157.4.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://english.nv.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://english.nv.ua
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Thu, 14 Apr 2022 17:32:05 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 spinner.svg
english.nv.ua/images/ 351 B
355 B 40ms
36ms Image
image/svg+xml 2606:4700:10::6816:3749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://english.nv.ua/images/spinner.svg
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/css/article.css?4.17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3749 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ac5a55227dbb54e7d3dcb2f172ad9aa0088b749ae04b7cd9ccad8ab4752c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/css/article.css?4.17
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 16 Mar 2020 21:45:05 GMT
server: cloudflare
age: 3475225
etag: W/"5e6ff361-15f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31557600
cf-ray: 6fbe2dc4893f3744-MXP
expires: Mon, 06 Mar 2023 12:11:40 GMT

GET
H2 200 integrator.js Show response
adservice.google.ro/adsid/ 107 B
792 B 60ms
17ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ro/adsid/integrator.js?domain=english.nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=english.nv.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 266 KB
55 KB 489ms
488ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4258856417947093&correlator=627618550762753&eid=31063378%2C31067089%2C31065401&output=ldjh&gdfp_req=1&vrg=2022041101&ptt=17&impl=fifs&iu_parts=271925883%2Cnew_nv_premium%2Cnew_nv_informer%2Cnew_nv_top%2Cnew_nv_under_article&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=240x400%7C240x350%7C300x600%7C240x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C728x90%7C750x100%7C750x200%7C810x30%7C810x60%2C300x250%7C336x280%7C468x60%7C480x320%7C600x300%7C600x350%7C728x90%7C728x480&ifi=1&adks=1542901095%2C2366793849%2C142852489%2C853575096%2C2779769419&sfv=1-0-38&ecs=20220414&fsapi=false&prev_scp=article%3D50233871%26lang%3Den%26razdel%3D237%26section%3D237%26url%3Dhttps%253A%252F%252Fenglish.nv.ua%252Fnation%252Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html%26newnv%3D1%26only_selfpromo%3D0%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Carticle%3D50233871%26lang%3Den%26razdel%3D237%26section%3D237%26url%3Dhttps%253A%252F%252Fenglish.nv.ua%252Fnation%252Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html%26newnv%3D1%26only_selfpromo%3D0%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Carticle%3D50233871%26lang%3Den%26razdel%3D237%26section%3D237%26url%3Dhttps%253A%252F%252Fenglish.nv.ua%252Fnation%252Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html%26newnv%3D1%26only_selfpromo%3D0%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Carticle%3D50233871%26lang%3Den%26razdel%3D237%26section%3D237%26url%3Dhttps%253A%252F%252Fenglish.nv.ua%252Fnation%252Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html%26newnv%3D1%26only_selfpromo%3D0%26hb_rfBid%3D0%26excl_cat%3DPREPOST%7Carticle%3D50233871%26lang%3Den%26razdel%3D237%26section%3D237%26url%3Dhttps%253A%252F%252Fenglish.nv.ua%252Fnation%252Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html%26newnv%3D1%26only_selfpromo%3D0%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1649957525457&lmt=1649954172&dlt=1649957524074&idt=904&biw=1600&bih=1200&adxs=1151%2C1117%2C1117%2C279%2C493&adys=134%2C1322%2C2261%2C175%2C2515&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fenglish.nv.ua%2Fnation%2Fanonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html&frm=20&vis=1&scr_x=0&scr_y=0&psz=306x600%7C274x-1%7C274x-1%7C852x90%7C852x0&msz=306x600%7C300x-1%7C300x-1%7C852x90%7C300x0&fws=0%2C132%2C132%2C0%2C128&ohw=0%2C306%2C306%2C0%2C0&ga_vid=1814978448.1649957525&ga_sid=1649957525&ga_hid=832744887&ga_fc=true&btvi=0%7C1%7C2%7C0%7C3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

95a0e658fd10ff677106d2b96727957dd231d94a06e9bfc912615843521d8276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56479
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://english.nv.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E474 6 KB
4 KB 98ms
50ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 17:32:05 GMT
expires: Fri, 14 Apr 2023 17:32:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame B642 222 KB
62 KB 73ms
4ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B642 16 KB
6 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B642 96 KB
29 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B642 5 KB
2 KB 100ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame B642 42 KB
13 KB 101ms
32ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B642 6 KB
1 KB 40ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 17:21:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 17:32:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 17:32:06 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame C6F0 222 KB
61 KB 80ms
16ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C6F0 16 KB
6 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C6F0 96 KB
29 KB 37ms
34ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C6F0 5 KB
2 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame C6F0 42 KB
13 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C6F0 6 KB
743 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 14 Apr 2022 17:24:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 14 Apr 2022 17:32:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 14 Apr 2022 17:32:06 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 0A31 222 KB
61 KB 79ms
19ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0A31 16 KB
6 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0A31 96 KB
29 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0A31 5 KB
2 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 0A31 42 KB
13 KB 48ms
45ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 10325
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Thu, 14 Apr 2022 14:40:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 14 Apr 2023 14:40:01 GMT

GET
DATA 200
OK truncated
/ Frame 0A31 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dd2dad15b5ff4f376070d3d6c66b47c9b87f99ab4c6f21882980f61c9036b32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 12DB 6 KB
3 KB 27ms
8ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 17:32:05 GMT
expires: Fri, 14 Apr 2023 17:32:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B642 3 KB
3 KB 57ms
13ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 36137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 15 Apr 2022 07:29:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B642 344 B
806 B 49ms
5ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Apr 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B642 0
0 40ms
22ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTv-EBbYNWCQRX6zVFUXL_qoqu8mhz_Bx5LKORVhU-8PUMEuYVGDuoX6gOb3xRSSIL-t1w3-2eHdy97mhM015ksm__mDg
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame B642 0
0 65ms
64ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cz0b7lVpYYpvCII6V3gP19qf4C6iQ3OBmyfLZuNcO6ZqA4PsqEAEg9PnnY2CV4pCCoAegAYW-pvMDyAEJqQJyXUZFMxOyPuACAKgDAcgDCqoEpAJP0CLbFZvXxwLx1GOrwXcOJ_FLUqfq1e107rdNV30IqVAiNQIvmF2hNXXO1DHWg_682BWh8qrM3j5vfuEcBcnZpYWo-ZYb8Qw6ZKW2VXEZldNqKixoj32C3T6PsnLKegSd6i8FEyHfuE9j11zIXpTR27ofNlfSj9VYTmCJ29VpmfN4V3hxaNlyPUHQAp_VkY5-KQ2NJGL-pDvMFtYNOBo5Ewr5JiIcH78dD2ud6FMV4hjFpT4-v6LASaL1XDPU0ZoBCDZe2CVrjbhh0lw2umE2nko51_LA1ykRbt1aNHQ0kmSMl0TiYXSpueYOKPgtSBQs6hK0GMu0CiMVQsyBfFjgyv6AhZ_5T7Z9RpmJHLfZ6aD8wLorFVUZAUaFlsf7cS6u78FZwASjoZyW-gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH48HZDKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEJPLBtIICQiI4YAQEAEYHYAKA8gLAdgTDYgUBNAVAYAXAbIXHgocCAASFHB1Yi02NzQyNTI4OTg5NjgwNTY4GIObGg&sigh=n4blZinmY0A&uach_m=[UACH]&template_id=484
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6F0 3 KB
3 KB 57ms
14ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 36137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 15 Apr 2022 07:29:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6F0 344 B
402 B 48ms
5ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Apr 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C6F0 0
0 38ms
22ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOwHFHrkKhhMQsu-BXylyKGaMge9KAc8Xa-uES1_XMzwv0CN4MrQtONGlzjb_Kt9mAQkvTH8g0XkucqWNwYhTF83Lxvw
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C6F0 0
0 62ms
61ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CZPUElVpYYpzCII6V3gP19qf4C6iQ3OBmyfLZuNcO6ZqA4PsqEAEg9PnnY2CV4pCCoAegAYW-pvMDyAEJqQJyXUZFMxOyPuACAKgDAcgDCqoEpwJP0G67E38xbzHpOU-DAlWTH_umg8bOudHUUf8liB5-ouCvCGRQSkHg7S5Yupdc3yHRH5x3Z92n6Q1Uh5IscAPCyc_cnn6A7WylBCPZdOy2dQcA_29NG4asOaC7w4RlDIn8XlaOdzZBa2bZ0Myd6sDIPMPXX8aV_WmvB2TEd7SprwNvVOYf4CnLsQdoZUqSPMu4WURPfG8g37bTI-mrT8-y3_1ULqUaW3K1uY0CKSAA5BFtw-NKppk24CRuUhhbh8YDFuMzt6cEQul_UWEq6lZKvcnZtXB3AbffQujJVvn1GjvTkuLui9ufnRe7EAySscFVvA7-_5jFYtFp7HPfikqWBcfqrCGomX-LkG7tj_TW3FfpXaU577V7ulI9W96yvsd7nkHwBKjFwASjoZyW-gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH48HZDKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENioBdIICQiI4YAQEAEYHYAKA8gLAdgTDYgUBNAVAYAXAbIXHgocCAASFHB1Yi02NzQyNTI4OTg5NjgwNTY4GIObGg&sigh=fuXJyYmJQwY&uach_m=[UACH]&template_id=484
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 9896514671450073371
tpc.googlesyndication.com/simgad/ Frame 0A31 25 KB
25 KB 48ms
6ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9896514671450073371

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730fa969cf7402b26778d3e0b24149f1a439f0e8ac5863ae518d069e383b167b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:19:36 GMT
x-content-type-options: nosniff
age: 447150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25559
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 14:20:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 13:19:36 GMT

GET
H2 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A31 3 KB
3 KB 13ms
10ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 36137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 15 Apr 2022 07:29:49 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A31 344 B
402 B 14ms
11ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Apr 2022 16:59:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0A31 0
0 37ms
21ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyVvbIH-6vdL1rE3R-HYhuGMt0mpNGMZeUgyIIj7JNDBbBMuUUhrAS9K4R_KGIDYJUXFIN14e5BTRldg1af34_vhlujw
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0A31 0
0 48ms
48ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CkoItlVpYYp3CII6V3gP19qf4C7j0kZBpz7W-yukPloLNhYgWEAEg9PnnY2CV4pCCoAfIAQOpAnJdRkUzE7I-4AIAqAMByAMIqgSlAk_Q6huy6BSGofA6pznXXcVR7qKq77Q9ZWdnXIT5v7t2gm6aywzdJgTGd3qRM7gN6usNt3UyyYy6ZUjTa6tzj__OcF_u2YazF3qjqxWC0_noZ6hVY9Izm1nPl18pgSlHQOS9DCHseS9U7jMbNqgSFz39sy9N9mN_IFdpHT3vgdYpW5un2gYPnM3jAdPjomz-7jwjDP3d2pGwCMjE9lRd-tk6-aMFfgcwXAbfhMPE23x0YFSqZMYdDy2D3iW17Z0b6lTyoElDGW1zgUCS1XcI_KYL87pvWIEDFID0x_knEkdM-231fEcHQurwtrvh_hpgKLUVcyaKOSAAHAK-rV0yHJ_xXcPOYcvpp0IgzVidl29ZWPEQYm5DRlUQso6yRIafmFiCjQD7wASbp63aigTgBAGSBQQIBBgBkgUECAUYBKAGA4AH1qvungOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBD17gXSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFx4KHAgAEhRwdWItNjc0MjUyODk4OTY4MDU2OBiDmxo&sigh=uYbxnY28qdM&uach_m=[UACH]
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 container.html Show response
9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3316 6 KB
3 KB 17ms
11ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041101.js?cb=31067089

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://english.nv.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 17:32:05 GMT
expires: Fri, 14 Apr 2023 17:32:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2076313506083323656
tpc.googlesyndication.com/simgad/13030886811247104819/ Frame B642 24 KB
24 KB 11ms
11ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13030886811247104819/2076313506083323656

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe652a6463671670e2bd7a659a8b9575d7f545707aa0bfbb4e177fdd7a4f699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:23:36 GMT
x-content-type-options: nosniff
age: 468510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24755
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 09:12:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 07:23:36 GMT

GET
DATA 200
OK truncated
/ Frame B642 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cac4449c70fb29ee5d4ac103f3448f59bbe47c0bd79e65cf5bb37c5f7ac0551f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B642 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2433c8e0fd733cadec4a32d3415273ba218c11f3a6a6856d56b756bcbe96e9ef

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B642 15 KB
16 KB 59ms
13ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 84947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame B642 15 KB
16 KB 52ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 84814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 17:58:32 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/13030886811247104819/ Frame C6F0 24 KB
24 KB 34ms
7ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13030886811247104819/2076313506083323656

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe652a6463671670e2bd7a659a8b9575d7f545707aa0bfbb4e177fdd7a4f699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:23:36 GMT
x-content-type-options: nosniff
age: 468510
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24755
x-xss-protection: 0
last-modified: Thu, 29 Jul 2021 09:12:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 07:23:36 GMT

GET
DATA 200
OK truncated
/ Frame C6F0 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cac4449c70fb29ee5d4ac103f3448f59bbe47c0bd79e65cf5bb37c5f7ac0551f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C6F0 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a928d72c856f424de504fbef6e433e660b3424c502c90c4818b402d057730f80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C6F0 15 KB
16 KB 37ms
15ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 84947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame C6F0 15 KB
15 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://english.nv.ua
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 84814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 13 Apr 2023 17:58:32 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B2A9 624 B
504 B 89ms
82ms Document
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNXyUQzo2S-px_pbQEZ08E3IRygSHNthe4aVAF1IZxHec2Xq5YFXE0PdVaOLkQmLDgDkC5gjtAmsjT5fVE5A0LucK4kNkGVvLz3iW81VLvvxD2En9mPXm1xHOPP_Z3UQ9YfqQY5iFVhsku688YbJqxZKGaZKSVa05MlTy5I2NKZr4AIOSKc

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 17:32:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 12DB 81 KB
33 KB 92ms
84ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdVTii0SmO7GB3U-0BjO06SW974ZHaMIxvQEcCWaVFuPo6e-hDBA--La4o50EguStWIDTB5RgEQADCUq8BRcsQnLIeN3WEBLsBqadYv7--qOA8b8x2wFMbO1IXOAQbFr362OZ0VD6yQdHQEHmAuvMPFx0aQA&dbm_d=AKAmf-DIHPbhcpjvFam5eLGCkJeH6ufLChQALfK9EnzBVwn2W85SmDymBdnOBZU7eiav9oFjBsTPmvPXYiIOHWW4NKz6WO0osmovYQT62_UjHCm3ddlQ4sAbw2nX1leStwdDogR0WWPbJKRqj4z0_nOUo-TkvF-rU5rSh4J30I-cYT9-e9BuX4aV6HMxUuOGv4hGIUZ6_SDCxftiKdKEDLS8Dkfni9lRWVJmotl3BKtgHJUSzZY7m1Yo_DQmniuFicokwhcqhGNh8QvLEpVwyrLMJ1YOA2NU2qyodMBcI5nZKCzi5mrl94DKF4Z-tPFOJ98ngJPxuTl_gj-YLXpwhv0n_x69ky1nzXhVYUtG3RsYBDwGOM8k0RwDtrqZD_vJvO6IlvywO9w0xqmKHbqEzANAk8kpwKFhGkLGFmZq_p72I0NxQTyUxkGuRejqRseGwdYC6PSaCo2Y37HssqmC9LloGAYTwU-a_k-Tp_2V5Y3g9TiKzgeI14RiAkgYrl1Zg5XjMBxFjdctSF2B2xZTTWw_-VaMG5OGDrXuLOTWednH-f3qVnaJTJUaGvxYSJuoQNcX-aKtIxXP8AQFf0MRxtITBmcSqwgQK0GRKoWEEIZlDfyMDmWRhQMdy2dkU4xBHO_ZgEQaRTO6iH-p7Dz0Swr3POWaxhtwosQ-VM0p0HVo6YG77Mt7l0Lcp8GPMePZ0bJuzNfedwPaQUG5wN7MpC2sG9Sl_T4LHynaxwKDg3WJbs53180rSWGRMR-YxU4-2f1Mz8fXz_BZp7tvHgkWERyocJNcw-frqltq3dY8KBV9OYKs_68Bu3exGSL0Yss1oaGJMIM-deFP5It8QQ5fAOg0wMT1nbz8v1pf8vj52ToDjWIaGAppd8UX77jelzdbdTbtvkiTqNx9Ni1HuCC2aOWFDCyzPsLR-s6j7RJagxWa-wY_ZKGOy2xfefTOKbHpcGajRiIAVt7yFwvhqSqCUUT7_AfLhW6vn4kAHu06DgYSjBfBVL4kCGXQznOOBVHfAidML6yNIR0FBylX0jU0szCpTZf9h2xaby7CnIT182jefw0Hqu8jW5LZqaNSTyZFoQ832nIoD7wH042XObiv8j8iuszFlLOr62U5bteTAJTr83N_eD_l2Y3vKLp72Ma4Pe5HMgUKl5yW6HNf2AWu8_ddGlo839bNYMlzBDSg0MOAf04-DROa7MImfFmF5U3xHld4OD-lEnLRQ2rZnOl2B4IdkXKndsyi1tgbeBl-kDu8hyAsdHe7zatxDIjX39jL3yOcC_AIhfVSRAeRLILFm63rJ5hTqa255qw4_yV51G9eGEcxamBO6mkXKRmO5v-FNeKcC1gBVbDzZpyDHgtzhdjwH-Smn08kWiXyv2VHwhOSV5ShR-EG2Z6iGZQGTsV411T0EMol4hr4ZGX7xYoZS-x34khLFEW5PV43BGTTiZG4uMkJJmja5bM-xZXvaxZyee7WOc97hQJs3QMmT4RoU3_AsSZQIy7OLx8jMpC8ZLgigbvtCRWRIUePrM43g4ZiCRGfE2dhgMP9zb5Nf1C_OE4ZBRnM8qHsFEsnJOCW_GJRXItz8M8OgMrQdh87bkhA3d33-Vbg1vM4Zb942wpUiF4Xpns3MrDPBbDmJNCwD6ZjtgWAtjZW06JhgMbZoT86DyPBwMPD48QnVM9cLolDFPEM8cw3p0xQdw7V09y8ctdvWa_f0JKRtPl50rc3cSd_Y8YeNJU2sxtKFUZqNyb7OHeAi7NxvV8QycKPNN_TcQrxOBa2G9mrqW4eVSzMSareeEfL00DGkyh-wStx9LXHuqSp8QJyrUMX6p2DicIK7OYJdHDckG9A5dzPkwnQRgGkMet2jDbvgyO_g505eRuMEe6Qcy2mvIur4ySC29QuB74D0s1x7ILMouz0uyyjjSoSJHo9j7aDjZs1KWJGle3sxlnizw_MczkxX_MHMY6zVVFenULfvJ30_X5HKlJuBgFDr6RNLYCMulBVxKtwjiaz8TZpWWX-Q0-1TKmdY-gpyojRnSGumtRvg7vxts1aP7AAkLRnqvh0AW5DAYHysIhBEyRmva8UY9lJxUQNZqlSx-wKZI0aOaks838xDjk7BxhTevAVLvMRqyPMDjIoOxuJGili0RxUQkXVTwqL0VMS6FDODbrBBf-qT-21CQMmxXR628b6xMiYvi7ffahs40a1oYgUWbTW6e5slTvkNb-UXDo5MvednFDxSlzvAtbIopsG4J-OXHZ7qMbix-9quvQVOmxEw7TYU3iWiAEHVXokpWQl7oIhf2RaT_Wn1IfFB-qDsij1t_NbKe6p2DN0xHRM3IRnI-G3QxfmyOUO2WyBhub3ZML8omWuiP2AbKiNj3S2Nc48evYa16A5oo0FaBkHXEY1tW0SEX4qiDG5RkLh7EfPUzMI25Cfy55OG5ZMfEG2Oo6izHakSkHZYDB9HDwwPb6kw6UvwoIc0Hngph2bHXNcgkpiT14yn9syWGgjUg67jANabS28LUVNG254wLsgjt4rBro6NuhR4i9ndv-kUlEp8E399Ja8ucinTY4YSjHb-CRpUC10lDKHcBeNRiEnVxtyQfXAbAJaDwdJtVaABcn1NmfBUYOsjwyGKDDeCUP1-xtU9OHAeNTliqYHFDWRm51QglnXV5OVWDtvpwc2PZNqocosOfjCj29oV5XaYP23xfB0vWkSjiWfBLrl3BnwX2y1szd_U0etB8YvQ0b63oCXj17OKwoiLegW6rz9PLLkwymejkIDA9HP5AdiLwj_vHPQZQGsFc5D6LBb6mwFGE7rr_cJTRagMHe6ZNat13Z6tzyGhgte391VBezOY5FEPmomlW7T9vn5qmk_d9RN8CeGnu_5P2Y9keghzHsshwyR5cyKTJj87C1fn2vTAqunDMXlzkfBH6jLmOe98nQldHFnggFs5kl8OzZCWUy9Th6zFvfxESPko5gpsL2QkFcyYpOnyXoDtx3UcdsjVFZd1FGNXUg2dyetTB8YN7DCzHpH2nxH01iUv39EbzmVBeChNld_wiOM6JcCNWWCfhEuHn37E4eCrN0030chqMHoQKks4evoAmT19ZdUEKB2QlBV3FbBMR3MGRi7yITc3ZJbae8uB4E5zWAegVlv3Xnm90UgDRs9fqztVerkxnlLezrW9vFO6YZJOgLKYGUPNMeEdVUTo0hZfzv7EUUuC8sUi_ZEpnEHBGk73IDTCuXW3HjVfo6E8dyysnECiB_huiwTM37KToHcVw8T30JP35bELYaJ_Xx9Ou4VuuYlr553pzlHlBtiiVbL3b0G4O5t_tlr2QjS9eDwLaIkzhHxRMtorYiGr6A4xPOrRcysAbHI6rEO17Hw6_Hi3hyE0XtseNzM6krNWATJTHqmsn8&cid=CAASJ-RoT05c40Uy7SQ4rr9gWCjq0kmp0Nstg-OwUWjnW0QB0xlMmq2OuQ&rfl=1%2Chttps%253A%252F%252Fenglish.nv.ua%252F%240

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

bc8aff4a2e208b42ac47738dc093dd26aebb290648263e59b0674d40b64296d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33705
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 12DB 42 B
63 B 72ms
55ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B6FI07NvzCFywAKoJUilXnXSbJ9JY_h4pOfmRh7oPvaL37AybTfKI07MbAZ9B76KTYbfmE6dtLI9LIIKhwHSCpiSe2d8P8U_t5Qk5znpRfUsph1hY

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 12DB 3 KB
1 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:27:35 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 12DB 15 KB
6 KB 14ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:31:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 12DB 0
0 20ms
17ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmKid0eWURZq4zjluDQGRTiAjY76W9lEIA7e5NMPpxk_F41zw9za1r6-jz035ZWWFsvZhajgNCB041tM2xMFpNE10K8g
Requested by: Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 12DB 119 KB
37 KB 71ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 17:32:06 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
201 B 45ms
43ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/458321/hbw_master_285119_882.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: Adtelligent /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://english.nv.ua
Date: Thu, 14 Apr 2022 17:32:05 GMT
Access-Control-Allow-Credentials: true
Server: Adtelligent
Connection: Keep-Alive

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 3316 2 KB
904 B 17ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:20:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 679
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:20:47 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3316 0
0 51ms
49ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ChKMolVpYYp_CII6V3gP19qf4C-Poobxpj9WKiqIKq5T45rQJEAEg9PnnY2CV4pCCoAegAarE5v0DyAEJqQJyXUZFMxOyPuACAKgDAcgDywSqBK8CT9CNB-IiUEcT2JY5sidVC01DUWTMfslEipf7zS43QKFsOHFYekvJFENz-1YDwVxzPStupocnfI52COkGDVwoz-IIjSFs9zwIDLZ7cnB2fmYQ3UxEH_tYhQsQF-QT9SjR8mMaPbSoRXakc2T0MSk1IKHaiK9fZriPK5xt7DcDod8LOAb_4P8THsAl_7f-fFQY7c0J4Us0iUFoGMh6jLOWptrGznpieE8tyq9rYKGU0Nyjs_kvDOkRX97Q_CuGKPdsrwgfEm372waTW0PnOthtzAC8wReGP6DjKJLJL9WfK2eMpY47BdlckWvKQC9PyNOyyjvjeLr9h5QQOqybjb_2fhMNSa2UwiWOB2wOXwyK8B3Gtsh04xTUGA87C31FNIoBCp0lyqYRm9zgkSEvaFLAwASD_o36tQLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHvruZAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD4hgTSCAkIiOGAEBABGB2ACgPICwHYEw2IFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItNjc0MjUyODk4OTY4MDU2OBiDmxo&sigh=1CgagafZ844&uach_m=[UACH]&template_id=494
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 3316 19 KB
8 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite_fy2019.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:28:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:28:31 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 3316 3 KB
1 KB 20ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/window_focus_fy2019.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:27:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:27:35 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/ Frame 3316 15 KB
6 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220412/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:31:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:31:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3316 0
0 33ms
31ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQNkZ_zqnxSN1MGfI1zXVgAPhE0pKuLjYW1pShP6hGG-LcOoeMY0kcHZqlhExvvvyD71UdWbcaN0_xV4PFhb9j0F0wX_A
Requested by: Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3316 119 KB
36 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36908
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649677559247379"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 17:32:06 GMT

GET
H2 200 fb084ba56019ecef1e967c41e75d05fd.js Show response
www.gstatic.com/mysidia/ Frame 3316 29 KB
12 KB 49ms
6ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fb084ba56019ecef1e967c41e75d05fd.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 08:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 118493
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11996
x-xss-protection: 0
last-modified: Thu, 07 Apr 2022 03:53:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 12 Jul 2022 08:37:13 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 3316 18 KB
19 KB 80ms
8ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQzvGcSGXfWusT23gCbp_6q6m3LAKoZ4Eyn7YYsnk1EoOyy5oqCbFI39G22jWQ&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e597aca92098d36c0d98b4b158b202e2e2ea10ffe3dd40d63f9eca2cf8ab95a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 19:31:04 GMT
x-content-type-options: nosniff
age: 511262
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18931
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 12:06:35 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 08 Apr 2023 19:31:04 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3316 26 KB
27 KB 79ms
7ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQ48nkQV6RnVymhM7e_jdyO6nm0xTZQcIAsDHRFpWMIDmEjhT19Ne_wfqSh8Ew&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4532ab29489b8659e0eca2c98dde1ce135cd54d8f336c672b45537911f264883

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 10 Apr 2022 18:05:11 GMT
x-content-type-options: nosniff
age: 343615
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26807
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 02:17:08 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 10 Apr 2023 18:05:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3316 48 KB
48 KB 94ms
23ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQhogWHfgv4shWOF6N8Kl7G_D5J9w7BkekcMEyqR4xSNrg7VfRUSjJhUwslhw&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc02dec243c0a7e4ed785025e97ddc81a889a1365b5c01f67ebd3ff54c21afcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:07:36 GMT
x-content-type-options: nosniff
age: 469470
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48784
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 14:02:49 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Apr 2023 07:07:36 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 3316 41 KB
42 KB 80ms
7ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcSKoKeayCHdcwx_0xDn5-mcw_l_0fAsNR0LgbPNIorOtEVROQ-tcQNxHM7P0-I&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24441d61a8b1e57749f5f61f34c905b609c572e6fe1c16e4529d9005913bf28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 08:59:55 GMT
x-content-type-options: nosniff
age: 462731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41944
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 08:55:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Apr 2023 08:59:55 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 3316 35 KB
36 KB 79ms
8ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQXre4uQmCxbDlZWypFW7IpmNsXAju9sgNrfLDwrdcnMRW4hOPcZqt7DlJsrw&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d64d6521e870aa7eab0c2ff112184e43eb58e548a5f350f0a113745e17f0d57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 09:12:07 GMT
x-content-type-options: nosniff
age: 461999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35943
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 01:57:31 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Apr 2023 09:12:07 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 3316 49 KB
49 KB 85ms
14ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSecA3ab42h0f0DxCztRvfBYxWxkcowOfq5Kb-rZnHOgmQAhZ86f5U6FdRHnA&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4c24f2911fe73e56dbf275f8b8d3f49582cda2db7598cc4773861c1d7a4d2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 07:35:30 GMT
x-content-type-options: nosniff
age: 467796
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50529
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 06:49:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 09 Apr 2023 07:35:30 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 3316 37 KB
37 KB 85ms
14ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRoNhr8l90ZaWszRLNaQMYLa3Uzy7Zmb7UDcCuAju_5IUFcHk1mJt2M4XUG-w&usqp=CAI

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

23bda93ef5c792e67a634eead57a3293fd6a8cd3a677f76b564ad055f9eb226d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 08 Apr 2022 07:01:53 GMT
x-content-type-options: nosniff
age: 556213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37654
x-xss-protection: 0
last-modified: Fri, 18 Feb 2022 02:05:38 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 08 Apr 2023 07:01:53 GMT

GET
H3

200

5163448701951345751
tpc.googlesyndication.com/simgad/ Frame 3316
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr94DTFRC0ARi0ATIIDeOa_CQXdxw
https://tpc.googlesyndication.com/simgad/5163448701951345751

36 KB
36 KB

8ms
8ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5163448701951345751

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a54967295ebeb90136d083e31207814e32378b79e85524c9315669555d07a50e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 08:18:07 GMT
x-content-type-options: nosniff
age: 33239
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37280
x-xss-protection: 0
last-modified: Fri, 14 Dec 2018 16:25:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 14 Apr 2023 08:18:07 GMT

Redirect headers

date: Thu, 14 Apr 2022 16:56:38 GMT
x-content-type-options: nosniff
server: cafe
age: 2128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/5163448701951345751
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 14 May 2022 16:56:38 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 0A31
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

60ms
59ms

Image
text/html

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html
Protocol: H3
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Thu, 14 Apr 2022 17:32:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B642 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 36137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 15 Apr 2022 07:29:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B642 344 B
368 B 9ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Apr 2022 16:59:05 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6F0 3 KB
3 KB 9ms
7ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 36137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 15 Apr 2022 07:29:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C6F0 344 B
368 B 10ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Apr 2022 16:59:05 GMT

GET
H3 200 9896514671450073371
tpc.googlesyndication.com/simgad/ Frame 0A31 25 KB
25 KB 10ms
8ms Image
image/gif 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9896514671450073371

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

730fa969cf7402b26778d3e0b24149f1a439f0e8ac5863ae518d069e383b167b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 13:19:36 GMT
x-content-type-options: nosniff
age: 447150
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25559
x-xss-protection: 0
last-modified: Fri, 18 Mar 2022 14:20:05 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 09 Apr 2023 13:19:36 GMT

GET
H3 200 uk.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A31 3 KB
3 KB 11ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/uk.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 07:29:49 GMT
x-content-type-options: nosniff
server: cafe
age: 36137
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14587847488922671356
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3073
x-xss-protection: 0
expires: Fri, 15 Apr 2022 07:29:49 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 0A31 344 B
368 B 11ms
9ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1981
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 15 Apr 2022 16:59:05 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 12DB 169 KB
59 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
Origin: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 11:47:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20705
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 11:47:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/elements/html/ Frame 12DB 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CdVTii0SmO7GB3U-0BjO06SW974ZHaMIxvQEcCWaVFuPo6e-hDBA--La4o50EguStWIDTB5RgEQADCUq8BRcsQnLIeN3WEBLsBqadYv7--qOA8b8x2wFMbO1IXOAQbFr362OZ0VD6yQdHQEHmAuvMPFx0aQA&dbm_d=AKAmf-DIHPbhcpjvFam5eLGCkJeH6ufLChQALfK9EnzBVwn2W85SmDymBdnOBZU7eiav9oFjBsTPmvPXYiIOHWW4NKz6WO0osmovYQT62_UjHCm3ddlQ4sAbw2nX1leStwdDogR0WWPbJKRqj4z0_nOUo-TkvF-rU5rSh4J30I-cYT9-e9BuX4aV6HMxUuOGv4hGIUZ6_SDCxftiKdKEDLS8Dkfni9lRWVJmotl3BKtgHJUSzZY7m1Yo_DQmniuFicokwhcqhGNh8QvLEpVwyrLMJ1YOA2NU2qyodMBcI5nZKCzi5mrl94DKF4Z-tPFOJ98ngJPxuTl_gj-YLXpwhv0n_x69ky1nzXhVYUtG3RsYBDwGOM8k0RwDtrqZD_vJvO6IlvywO9w0xqmKHbqEzANAk8kpwKFhGkLGFmZq_p72I0NxQTyUxkGuRejqRseGwdYC6PSaCo2Y37HssqmC9LloGAYTwU-a_k-Tp_2V5Y3g9TiKzgeI14RiAkgYrl1Zg5XjMBxFjdctSF2B2xZTTWw_-VaMG5OGDrXuLOTWednH-f3qVnaJTJUaGvxYSJuoQNcX-aKtIxXP8AQFf0MRxtITBmcSqwgQK0GRKoWEEIZlDfyMDmWRhQMdy2dkU4xBHO_ZgEQaRTO6iH-p7Dz0Swr3POWaxhtwosQ-VM0p0HVo6YG77Mt7l0Lcp8GPMePZ0bJuzNfedwPaQUG5wN7MpC2sG9Sl_T4LHynaxwKDg3WJbs53180rSWGRMR-YxU4-2f1Mz8fXz_BZp7tvHgkWERyocJNcw-frqltq3dY8KBV9OYKs_68Bu3exGSL0Yss1oaGJMIM-deFP5It8QQ5fAOg0wMT1nbz8v1pf8vj52ToDjWIaGAppd8UX77jelzdbdTbtvkiTqNx9Ni1HuCC2aOWFDCyzPsLR-s6j7RJagxWa-wY_ZKGOy2xfefTOKbHpcGajRiIAVt7yFwvhqSqCUUT7_AfLhW6vn4kAHu06DgYSjBfBVL4kCGXQznOOBVHfAidML6yNIR0FBylX0jU0szCpTZf9h2xaby7CnIT182jefw0Hqu8jW5LZqaNSTyZFoQ832nIoD7wH042XObiv8j8iuszFlLOr62U5bteTAJTr83N_eD_l2Y3vKLp72Ma4Pe5HMgUKl5yW6HNf2AWu8_ddGlo839bNYMlzBDSg0MOAf04-DROa7MImfFmF5U3xHld4OD-lEnLRQ2rZnOl2B4IdkXKndsyi1tgbeBl-kDu8hyAsdHe7zatxDIjX39jL3yOcC_AIhfVSRAeRLILFm63rJ5hTqa255qw4_yV51G9eGEcxamBO6mkXKRmO5v-FNeKcC1gBVbDzZpyDHgtzhdjwH-Smn08kWiXyv2VHwhOSV5ShR-EG2Z6iGZQGTsV411T0EMol4hr4ZGX7xYoZS-x34khLFEW5PV43BGTTiZG4uMkJJmja5bM-xZXvaxZyee7WOc97hQJs3QMmT4RoU3_AsSZQIy7OLx8jMpC8ZLgigbvtCRWRIUePrM43g4ZiCRGfE2dhgMP9zb5Nf1C_OE4ZBRnM8qHsFEsnJOCW_GJRXItz8M8OgMrQdh87bkhA3d33-Vbg1vM4Zb942wpUiF4Xpns3MrDPBbDmJNCwD6ZjtgWAtjZW06JhgMbZoT86DyPBwMPD48QnVM9cLolDFPEM8cw3p0xQdw7V09y8ctdvWa_f0JKRtPl50rc3cSd_Y8YeNJU2sxtKFUZqNyb7OHeAi7NxvV8QycKPNN_TcQrxOBa2G9mrqW4eVSzMSareeEfL00DGkyh-wStx9LXHuqSp8QJyrUMX6p2DicIK7OYJdHDckG9A5dzPkwnQRgGkMet2jDbvgyO_g505eRuMEe6Qcy2mvIur4ySC29QuB74D0s1x7ILMouz0uyyjjSoSJHo9j7aDjZs1KWJGle3sxlnizw_MczkxX_MHMY6zVVFenULfvJ30_X5HKlJuBgFDr6RNLYCMulBVxKtwjiaz8TZpWWX-Q0-1TKmdY-gpyojRnSGumtRvg7vxts1aP7AAkLRnqvh0AW5DAYHysIhBEyRmva8UY9lJxUQNZqlSx-wKZI0aOaks838xDjk7BxhTevAVLvMRqyPMDjIoOxuJGili0RxUQkXVTwqL0VMS6FDODbrBBf-qT-21CQMmxXR628b6xMiYvi7ffahs40a1oYgUWbTW6e5slTvkNb-UXDo5MvednFDxSlzvAtbIopsG4J-OXHZ7qMbix-9quvQVOmxEw7TYU3iWiAEHVXokpWQl7oIhf2RaT_Wn1IfFB-qDsij1t_NbKe6p2DN0xHRM3IRnI-G3QxfmyOUO2WyBhub3ZML8omWuiP2AbKiNj3S2Nc48evYa16A5oo0FaBkHXEY1tW0SEX4qiDG5RkLh7EfPUzMI25Cfy55OG5ZMfEG2Oo6izHakSkHZYDB9HDwwPb6kw6UvwoIc0Hngph2bHXNcgkpiT14yn9syWGgjUg67jANabS28LUVNG254wLsgjt4rBro6NuhR4i9ndv-kUlEp8E399Ja8ucinTY4YSjHb-CRpUC10lDKHcBeNRiEnVxtyQfXAbAJaDwdJtVaABcn1NmfBUYOsjwyGKDDeCUP1-xtU9OHAeNTliqYHFDWRm51QglnXV5OVWDtvpwc2PZNqocosOfjCj29oV5XaYP23xfB0vWkSjiWfBLrl3BnwX2y1szd_U0etB8YvQ0b63oCXj17OKwoiLegW6rz9PLLkwymejkIDA9HP5AdiLwj_vHPQZQGsFc5D6LBb6mwFGE7rr_cJTRagMHe6ZNat13Z6tzyGhgte391VBezOY5FEPmomlW7T9vn5qmk_d9RN8CeGnu_5P2Y9keghzHsshwyR5cyKTJj87C1fn2vTAqunDMXlzkfBH6jLmOe98nQldHFnggFs5kl8OzZCWUy9Th6zFvfxESPko5gpsL2QkFcyYpOnyXoDtx3UcdsjVFZd1FGNXUg2dyetTB8YN7DCzHpH2nxH01iUv39EbzmVBeChNld_wiOM6JcCNWWCfhEuHn37E4eCrN0030chqMHoQKks4evoAmT19ZdUEKB2QlBV3FbBMR3MGRi7yITc3ZJbae8uB4E5zWAegVlv3Xnm90UgDRs9fqztVerkxnlLezrW9vFO6YZJOgLKYGUPNMeEdVUTo0hZfzv7EUUuC8sUi_ZEpnEHBGk73IDTCuXW3HjVfo6E8dyysnECiB_huiwTM37KToHcVw8T30JP35bELYaJ_Xx9Ou4VuuYlr553pzlHlBtiiVbL3b0G4O5t_tlr2QjS9eDwLaIkzhHxRMtorYiGr6A4xPOrRcysAbHI6rEO17Hw6_Hi3hyE0XtseNzM6krNWATJTHqmsn8&cid=CAASJ-RoT05c40Uy7SQ4rr9gWCjq0kmp0Nstg-OwUWjnW0QB0xlMmq2OuQ&rfl=1%2Chttps%253A%252F%252Fenglish.nv.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:31:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:31:33 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/ Frame 12DB 25 KB
10 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220412/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:31:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Apr 2022 17:31:35 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B2A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1&C=1

43 B
894 B

27ms
26ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNXyUQzo2S-px_pbQEZ08E3IRygSHNthe4aVAF1IZxHec2Xq5YFXE0PdVaOLkQmLDgDkC5gjtAmsjT5fVE5A0LucK4kNkGVvLz3iW81VLvvxD2En9mPXm1xHOPP_Z3UQ9YfqQY5iFVhsku688YbJqxZKGaZKSVa05MlTy5I2NKZr4AIOSKc
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 14 Apr 2022 17:32:06 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Thu, 14 Apr 2022 17:32:06 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B2A9
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YlhaloU9rJzokCEHQZoP0wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1

43 B
894 B

19ms
19ms

Image
image/gif

69.192.160.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNXyUQzo2S-px_pbQEZ08E3IRygSHNthe4aVAF1IZxHec2Xq5YFXE0PdVaOLkQmLDgDkC5gjtAmsjT5fVE5A0LucK4kNkGVvLz3iW81VLvvxD2En9mPXm1xHOPP_Z3UQ9YfqQY5iFVhsku688YbJqxZKGaZKSVa05MlTy5I2NKZr4AIOSKc
Protocol: HTTP/1.1
Server: 69.192.160.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-245.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:06 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 14 Apr 2022 17:32:06 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJHNLK_PGUYHMAUI48M-1pw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B2A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAR2BtumG4cDqDHXcsof28Q&google_cver=1

43 B
1016 B

80ms
79ms

Image
image/gif

185.33.220.100
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAR2BtumG4cDqDHXcsof28Q&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COaAltQCEIHeluACGMH50rUBMAE&v=APEucNXyUQzo2S-px_pbQEZ08E3IRygSHNthe4aVAF1IZxHec2Xq5YFXE0PdVaOLkQmLDgDkC5gjtAmsjT5fVE5A0LucK4kNkGVvLz3iW81VLvvxD2En9mPXm1xHOPP_Z3UQ9YfqQY5iFVhsku688YbJqxZKGaZKSVa05MlTy5I2NKZr4AIOSKc

Protocol

HTTP/1.1

Server

185.33.220.100 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:06 GMT
X-Proxy-Origin: 146.70.117.69; 146.70.117.69; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 059458c8-9f35-4966-bea9-cb1151e8346a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAR2BtumG4cDqDHXcsof28Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B2A9
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxNzk4MjEwMTAyNjQ4NDM0OA%3D%3D

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxNzk4MjEwMTAyNjQ4NDM0OA%3D%3D

Requested by

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 14 Apr 2022 17:32:06 GMT
X-Proxy-Origin: 146.70.117.69; 146.70.117.69; 399.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 73c1a58c-fcba-4db6-8f5f-99ecd6a099f5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjQxNzk4MjEwMTAyNjQ4NDM0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3316 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: da31117e98880864a6d2ea2142374998d4a33c6f2b328638a101d7f48ae66cdf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 99DE 35 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 15:07:16 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 3 KB
618 B 54ms
28ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a6fde90e5fa4d7aac669a50ca1efd481e15e6672586fb51f636fbcccf26a04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 590
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Apr 2022 17:32:06 GMT
expires: Fri, 14 Apr 2023 17:32:06 GMT
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12DB 0
306 B 84ms
52ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoG1oEVGjP1_tz5R94_fhuQ5M7lxPPeIhzLanDfTj-vj5-niQf5Dos25EcyTgDEpgJKzSdsduWgV9ih0-OerbnliNsZa7oWBFVV1GvAmuhhWqZZ6JuJ0zohNQloSWidzBWP3iT-D4BvLWcgGIVSCb6zg2ZNc3DF2rwewfM9v_Vle2Y38qJbsWEM9eQ1KNGjfA4vBaPvf9dhQom1t_Q6Tjl8HSyPF_m3PXqImuA043Xg0kDBcnAsKetrDQ0SqEzW4gq8Dt-6UKP9O_SwJoQwllzTDhhqlrd8SCw5oro0TsLsZhShV3s5ylzLztjrKs68StE4p-fvsP0L511QWHoP_UbPVBKlqxWOCshrV7XRNh8tqjJ0-e9Y_kR46_y5o8RmraKhE4zGJ8I5gDpdKbiVGbpSLKMy2H8QVjpQhDAhx4AQoIJKhPk-RClS6PWKYyLbZbDtfNSUH20VkEGqyuZm6lafaG9ZcCKlkuVMXdFwvM92XJYbKsBsZlYUMLb6uBSO2cj_T8ubO_ujyeEbijAh0yZv-3HAIvwqefOzRxlRZkN60QWu-HUFYlKf8emhHEkI3nTVUZpCQJnEbm5ZDuk-ZryzWEW_rRPd91d4YzGmN7pPbQ6Pp6KU2sS97Yj3YZ_LhLYMyRn9wiDyVTJveVRmsb2_eG94CoZ4nR91NK1XGtUBWjw1k7vFcIhJ_jvwL--5jekZrZiQbwqC4XbAdYGPlpGF-QkNDQXVaDNf4lzHg2Pz0JJc0k6fxIoQsBF5F_Js4-qshgguWHBupnCfqLJYu424_ktnURoK4yzTMQeDYrxQWoK1Q7jr1_xl0JX3Mp5QFehCe1AGtGQW52FtkrVBMnCUQFY1RMsrDivm91mwf6y6T7jEOpi3PNPM3okedwfwiXS9I_bRWX7TOuHl-ThDZQnBn1C3IGOnacyX0j8J9eUAbu5aU7I2-Xzk23mSHnul_Fx4ttVPIV79breFyUyWApN2uMd_rZs5wXFq1ChGmL_K01yM3bHUEifL98rQkoea-jGqBhwVTaTkFCRGrfGFvmZd4g4VhG1xON67AG1VhlXodoGRwlnzsUKLTOdKjkHu7yVDkbJY9VHESBc4GXjm7Yqi5WquhONuPrY-evOtl7DGIaxrEiROKSEkaLZHTt0QNeI91PmdunapanU3jOchJbPW6LB_cXJ7hQHFiNfDboCWTPt19qd8aMbCkz8WJGfVuES_LLVKQU17uEQjwgNC8oo&sai=AMfl-YTuc0KdTg6ZlrWtnGOpNQSdCUZJpy2QcShFZUBbZRMKMyehx-NdXYTXC1_kRKnngQKTogB14RlNH4fC6cBp0sX7H6G0m-IOn13NN-U5bEalMaU61a09HPsXxi2P0VgB1Atw9ir69Xt0lExtIGS9PpRm05SHPx2_ldwtbwBgc4mOBxNmQ2pyYayjecmHUErRKXRJb5FMdGoECQO2PTrKUuv3_XoYwwY&sig=Cg0ArKJSzFyFj99iMj4iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=132&cbvp=1&cstd=127&cisv=r20220412.88985&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Thu, 14 Apr 2022 17:32:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 12DB 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
URL: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 07:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 121625
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Apr 2023 07:45:01 GMT

GET
DATA 200
OK truncated
/ Frame 12DB 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b2485a29454172a33d676cd90c83c7c60cc4b68afed733be3f24dce69d9b4ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 style.css
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 4 KB
1 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

595374b4287ac35757c51ffb0e544392397afbc8f4eecc7f6f97a6bcb3b6c18d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1296
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 15:23:55 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame C214 118 KB
40 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 20:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77285
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Apr 2022 20:04:01 GMT

GET
H3 200 pa.js Show response
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 4 KB
1 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/pa.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1443
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 15:23:55 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 19 KB
3 KB 15ms
15ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10cb35a5786ba742e0e5e91c22f42ae9cafa7acdfcab479053cfa8ed8b39adf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266891
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3353
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 15:23:55 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 62D1 22 KB
8 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 121625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 13 Apr 2022 07:45:01 GMT
expires: Thu, 13 Apr 2023 07:45:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 12DB 0
26 B 46ms
45ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuoG1oEVGjP1_tz5R94_fhuQ5M7lxPPeIhzLanDfTj-vj5-niQf5Dos25EcyTgDEpgJKzSdsduWgV9ih0-OerbnliNsZa7oWBFVV1GvAmuhhWqZZ6JuJ0zohNQloSWidzBWP3iT-D4BvLWcgGIVSCb6zg2ZNc3DF2rwewfM9v_Vle2Y38qJbsWEM9eQ1KNGjfA4vBaPvf9dhQom1t_Q6Tjl8HSyPF_m3PXqImuA043Xg0kDBcnAsKetrDQ0SqEzW4gq8Dt-6UKP9O_SwJoQwllzTDhhqlrd8SCw5oro0TsLsZhShV3s5ylzLztjrKs68StE4p-fvsP0L511QWHoP_UbPVBKlqxWOCshrV7XRNh8tqjJ0-e9Y_kR46_y5o8RmraKhE4zGJ8I5gDpdKbiVGbpSLKMy2H8QVjpQhDAhx4AQoIJKhPk-RClS6PWKYyLbZbDtfNSUH20VkEGqyuZm6lafaG9ZcCKlkuVMXdFwvM92XJYbKsBsZlYUMLb6uBSO2cj_T8ubO_ujyeEbijAh0yZv-3HAIvwqefOzRxlRZkN60QWu-HUFYlKf8emhHEkI3nTVUZpCQJnEbm5ZDuk-ZryzWEW_rRPd91d4YzGmN7pPbQ6Pp6KU2sS97Yj3YZ_LhLYMyRn9wiDyVTJveVRmsb2_eG94CoZ4nR91NK1XGtUBWjw1k7vFcIhJ_jvwL--5jekZrZiQbwqC4XbAdYGPlpGF-QkNDQXVaDNf4lzHg2Pz0JJc0k6fxIoQsBF5F_Js4-qshgguWHBupnCfqLJYu424_ktnURoK4yzTMQeDYrxQWoK1Q7jr1_xl0JX3Mp5QFehCe1AGtGQW52FtkrVBMnCUQFY1RMsrDivm91mwf6y6T7jEOpi3PNPM3okedwfwiXS9I_bRWX7TOuHl-ThDZQnBn1C3IGOnacyX0j8J9eUAbu5aU7I2-Xzk23mSHnul_Fx4ttVPIV79breFyUyWApN2uMd_rZs5wXFq1ChGmL_K01yM3bHUEifL98rQkoea-jGqBhwVTaTkFCRGrfGFvmZd4g4VhG1xON67AG1VhlXodoGRwlnzsUKLTOdKjkHu7yVDkbJY9VHESBc4GXjm7Yqi5WquhONuPrY-evOtl7DGIaxrEiROKSEkaLZHTt0QNeI91PmdunapanU3jOchJbPW6LB_cXJ7hQHFiNfDboCWTPt19qd8aMbCkz8WJGfVuES_LLVKQU17uEQjwgNC8oo&sai=AMfl-YTuc0KdTg6ZlrWtnGOpNQSdCUZJpy2QcShFZUBbZRMKMyehx-NdXYTXC1_kRKnngQKTogB14RlNH4fC6cBp0sX7H6G0m-IOn13NN-U5bEalMaU61a09HPsXxi2P0VgB1Atw9ir69Xt0lExtIGS9PpRm05SHPx2_ldwtbwBgc4mOBxNmQ2pyYayjecmHUErRKXRJb5FMdGoECQO2PTrKUuv3_XoYwwY&sig=Cg0ArKJSzFyFj99iMj4iEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=309&vt=11&dtpt=177&dett=3&cstd=127&cisv=r20220412.88985&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 17:32:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js Show response
pagead2.googlesyndication.com/bg/ Frame 62D1 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LJGn0i2Pg8yG-wzimFR5htSsDE5oolsrGkll4HQxngw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:07:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13643
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 15:07:16 GMT

GET
H3 200 OpenSans-SemiBold.woff
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 68 KB
68 KB 9ms
9ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/OpenSans-SemiBold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:23:56 GMT
x-content-type-options: nosniff
age: 266890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69884
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 15:23:56 GMT

GET
H3 200 OpenSans-Regular.woff
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 66 KB
66 KB 16ms
16ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/OpenSans-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:23:56 GMT
x-content-type-options: nosniff
age: 266890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67540
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 15:23:56 GMT

GET
H3 200 OpenSans-Light.woff
s0.2mdn.net/sadbundle/17405966027270914048/ Frame C214 68 KB
68 KB 14ms
14ms Font
font/woff 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17405966027270914048/OpenSans-Light.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 11 Apr 2022 15:23:56 GMT
x-content-type-options: nosniff
age: 266890
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69384
x-xss-protection: 0
last-modified: Fri, 01 Apr 2022 15:18:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 15:23:56 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C214 7 KB
5 KB 40ms
20ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d6dfa7f307d3ff4c37f67320e98928d86e94f244b457e2824ec3260981a71e94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 14 Apr 2022 17:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5511
x-xss-protection: 0

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 3 KB
3 KB 17ms
14ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20220117075632800_FXEU-Banks.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 569 KB
569 KB 17ms
14ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220117075632800_FXEU-Banks.jpg

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:23:29 GMT
x-content-type-options: nosniff
age: 7717
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582990
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:56:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 15:23:29 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 68 B
94 B 16ms
13ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C214 17 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Apr 2022 17:32:06 GMT

GET
H3 200 jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js Show response
pagead2.googlesyndication.com/bg/ Frame 49F3 35 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jCkUzW4MJun-Op3iOFNjK-GGKJG_m8_dpwU-GZUxlWM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 12:00:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13627
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 14 Apr 2023 12:00:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 62D1 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2-ivllpYYqmJCoGQrAS28rqIDQAAAAA4AeAEAg&bg=!ubqluv7NAAZvJBiFTyQ7ACkAdvg8WvWKB52RbBXdlCQ-yrArSimpJdE7CTPRjBKDzyzcHkPyJmJ5dgIAAAC6UgAAAANoAQeZAt0HzxA-6ydc145LKZExGgMvMrkinErJl-gt6ZYjyE_Ck1JPvxQDPFg-a6WNIIX1ClMdcQW6WfWYTVIrViwMyC7WKqhMdqctVqe3qUAP6g8Xz7_Bgj5f3z2e1y722rhq26hxSxn4wIycGHcmIkoKCyUDHXDaAQJFVDqp_XGwdv3y0tL1TEieV7_co2Ka-NBZCceCLOmcjX8NskpswY274vMbfq0ZYw042DqgCKqupldeq6OiyIVOvM-qZYll1go7tiQ1ZnnFu0ISVLywte4EGO02AVeudGbwOHVjF8nZ-71ecCLTIH9SDnkUMYBC8f82oXl5B-CPXKlE-KU9eDG37RgUdm2hSfqp2NzUgyiGam_Fop-VRqGr-1I7mY9BZjLoNWL4Fpub-gk7IjLqth6Dm_lNZIQpO1iUOtIq0B2awAHOdgVWg0dIa8qJWqYFA0b9vAw3wMmCIAbAoV2KxuLUmFJdkSmW-Ev_2zdO5d3s-Vm-_yRvv6uGUqdiQXyQRMa2s2CrLRyiZtfuzWn_hqlfpm32YbU-5k4xGxkNXeMjGnDyqch81qETXsSu10bX6Z15LKYTmsmtm_XOBu-Uva5CNFX1L3Bblp5M3TKAki2mGqjLPrjktS7hpKjptvHRWoqwrQhZp8CRiMU3PevmUXJfKnPKEsXlZiupV25aAKWC7CLf12fDzDySQWSSzrvB8tumEo8_dqT_Huaefrd8nrbqsXlUbD2bp5YCvx1CNK2st4a449pExww5SkVECFdhDdPebcuZI1LQIj2mrK6_HGiNuwUSh4QV-TiGXBxWE2m4UzeaDj3KTTtrn-b0jY5pe7qmpg-4V-dbIBzpRotzdKCNvnItOkbXkpgFANcjKr4k0cmUkdh6-0hUpbYjCaGYwNcBGs5S-66_wMdEDVV77fuKiw9HkSWLbxNlhfijd-ftPhkCkKIMLlEg0XhAVSYHZdX9Y0eEKAHgJnvaZdcVp_uK

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 84ms
40ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Apr 2022 17:32:07 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 95 KB
31 KB 81ms
38ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 17:32:07 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 12:58:03 GMT
server: nginx
etag: W/"624c3cdb-17cf9"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 15 Apr 2022 17:32:07 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame B642 42 B
64 B 43ms
43ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss25sm8hRtdG9iVLr3r9xYwYAF01hNYztKJdO6w3eiWJVvLgbLgPeg-UXoLj-_3y_LXMo3WNbLTNOg243MMIiAjbAFI7OF2QcJ2bN_rtzR_Zxgg6ItMJw&sai=AMfl-YQdOMt8Nhv8IBqTsAMsMyryF35mnwinkDQVgqmEV-07QYDFa1LkZLoBgW7hh0ntIy8I2onI8sJgJY0O2Z3O9qvLG8DegrJGlW7p3yUx4lUPlxAOJ4BrCHqyWUBFQMc&sig=Cg0ArKJSzOCZmgjkHBe0EAE&id=ampim&o=1118,134&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=402&tls=1403&g=100&h=100&tt=1403&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=0

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 12DB 42 B
64 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv0i7CrTcohzh5q1ELLF6PnjolRgm2muMFa5wCkAX_Vvi00MMCV-kI-bHgQPB9_c4yse3DeBTC5GOCf3AvNrbpddnAuP2RkKpUMnPFJbpiL2KXWid_XYg&sai=AMfl-YTgRQMwonWrauWSVCQ_5s6cX5ZKNWZMHQvILfv4QNDodpLDQcKiQFTQUBj7wBRSEx1KPhhSrbfS3oDNsrkcqLe8DPralTBnaZ5bhDSl9tPhL_XLHScc6ic4cEHHM4s&sig=Cg0ArKJSzEaE5oHHvQnEEAE&cid=CAASJ-RoT05c40Uy7SQ4rr9gWCjq0kmp0Nstg-OwUWjnW0QB0xlMmq2OuQ&id=lidar2&mcvt=1001&p=175,279,265,1007&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220411&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=853575096&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1649957526024&rpt=456&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 71ms
19ms Preflight
application/json 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fenglish.nv.ua%2F&domain=english.nv.ua&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://english.nv.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 14 Apr 2022 17:32:07 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1706
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fenglish.nv.ua%2F&domain=english.nv.ua&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=tipDHnxlYjlVRHpQcnJNdndNSFkvMEpncU1iVXVmQlY4OVRGR2xpcUsrWitRbTNjRm8vdkpqdjlJdjRWMXFGb3RicXE3L3Bqc3RSQ1lxcDVrbVZJSURXNzlCcisrZVVoYTUxcW4rY3dFNWlWYzl6ekVLZ05jWEgvYnFJR3...

326 B
600 B

43ms
15ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=tipDHnxlYjlVRHpQcnJNdndNSFkvMEpncU1iVXVmQlY4OVRGR2xpcUsrWitRbTNjRm8vdkpqdjlJdjRWMXFGb3RicXE3L3Bqc3RSQ1lxcDVrbVZJSURXNzlCcisrZVVoYTUxcW4rY3dFNWlWYzl6ekVLZ05jWEgvYnFJR3crTlZtWVZTK01BdVVLZVoveU1CZ2dWT1FZcEhzbmRlY2srVDNvU3JXbkN0dVVZVUxKUDdhWEdlTnhSdXY2eUJHeHFtSEtZNzd0NDhXRzlwcG9CV2ZXY2JQK3J4Z0JrQzdjakV6ekJTaUZ3Sk54ZHhrVGpzPXw&cppv=2

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

8666f967fb27ea9f87d5d00c9de023230df87c35b69f6efe633ae61a3d76d90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://english.nv.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:07 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2017
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:08 GMT
location: https://mug.criteo.com/sid?cpp=tipDHnxlYjlVRHpQcnJNdndNSFkvMEpncU1iVXVmQlY4OVRGR2xpcUsrWitRbTNjRm8vdkpqdjlJdjRWMXFGb3RicXE3L3Bqc3RSQ1lxcDVrbVZJSURXNzlCcisrZVVoYTUxcW4rY3dFNWlWYzl6ekVLZ05jWEgvYnFJR3crTlZtWVZTK01BdVVLZVoveU1CZ2dWT1FZcEhzbmRlY2srVDNvU3JXbkN0dVVZVUxKUDdhWEdlTnhSdXY2eUJHeHFtSEtZNzd0NDhXRzlwcG9CV2ZXY2JQK3J4Z0JrQzdjakV6ekJTaUZ3Sk54ZHhrVGpzPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://english.nv.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1716
content-length: 482
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
620 B 31ms
7ms XHR
application/json 54.36.109.186
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/ex19097/hb_285119_882.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.186 , France, ASN16276 (OVH, FR),

Reverse DNS

p06.id5-sync.com

Software

Resource Hash

3c0d0d723fd862a5fb87ce0de3939857d908f193baf8620ec8e480203b7e457a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://english.nv.ua/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://english.nv.ua
Date: Thu, 14 Apr 2022 17:32:08 GMT
Access-Control-Allow-Credentials: true
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 56ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Thu, 14 Apr 2022 17:32:07 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1031
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20220117075632800_FXEU-Banks.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 569 KB
569 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220117075632800_FXEU-Banks.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:23:29 GMT
x-content-type-options: nosniff
age: 7719
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582990
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:56:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 15:23:29 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 68 B
94 B 10ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14688
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 3 KB
3 KB 10ms
10ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20220117075632800_FXEU-Banks.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 569 KB
569 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220117075632800_FXEU-Banks.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:23:29 GMT
x-content-type-options: nosniff
age: 7721
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582990
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:56:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 15:23:29 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 68 B
94 B 12ms
11ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14690
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20220117075632800_FXEU-Banks.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 569 KB
569 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220117075632800_FXEU-Banks.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:23:29 GMT
x-content-type-options: nosniff
age: 7723
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582990
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:56:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 15:23:29 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 68 B
94 B 9ms
9ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20220117075632800_FXEU-Banks.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 569 KB
569 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220117075632800_FXEU-Banks.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:23:29 GMT
x-content-type-options: nosniff
age: 7725
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582990
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:56:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 15:23:29 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 68 B
94 B 8ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14694
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20211020090433101_Forex_logo.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 3 KB
3 KB 8ms
7ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090433101_Forex_logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3374
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:04:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H3 200 35747479_20220117075632800_FXEU-Banks.jpg
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 569 KB
569 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20220117075632800_FXEU-Banks.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 15:23:29 GMT
x-content-type-options: nosniff
age: 7727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 582990
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 15:56:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 15:23:29 GMT

GET
H3 200 35747479_20211020090550552_1x1-00000000.png
s0.2mdn.net/ads/richmedia/studio/35747479/ Frame C214 68 B
94 B 8ms
8ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/35747479/35747479_20211020090550552_1x1-00000000.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17405966027270914048/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17405966027270914048/index.html?e=69&leftOffset=0&topOffset=0&c=pV11YF5Arw&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Thu, 14 Apr 2022 13:27:20 GMT
x-content-type-options: nosniff
age: 14696
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 20 Oct 2021 16:05:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 15 Apr 2022 13:27:20 GMT

GET
H2 200 dc_oe=ChMIqaz34YqU9wIVAQiLCh02uQ7REAAYACDBp8xQQhMI3uDQ4YqU9wIVjop3Ch11-wm_;met=1;&timestamp=1649957536742;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 12DB 42 B
494 B 226ms
43ms Image
image/gif 142.250.74.194

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIqaz34YqU9wIVAQiLCh02uQ7REAAYACDBp8xQQhMI3uDQ4YqU9wIVjop3Ch11-wm_;met=1;&timestamp=1649957536742;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Requested by

Host: english.nv.ua
URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Apr 2022 17:32:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: counter.nv.ua
URL: https://counter.nv.ua/set?a=50233871

Domain: a4p.adpartner.pro
URL: https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307558%26extuid%3D%7Buser_id%7D

Verdicts & Comments Add Verdict or Comment

224 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
english.nv.ua/nation	1969-12-31 23:59:59	Name: b Value: b
.hit.ua/	1970-01-21 04:36:05	Name: uid Value: 2979138100.1649957524.438024995
.nv.ua/	1970-01-20 04:28:53	Name: _gcl_au Value: 1.1.265634367.1649957525
english.nv.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: eANaERxaQloaQRxBSEpJTx0bTBsZTE5NWgXo
.nv.ua/	1970-01-20 02:20:43	Name: _gid Value: GA1.2.105963544.1649957525
.nv.ua/	1970-01-20 02:19:17	Name: _dc_gtm_UA-51943557-1 Value: 1
.nv.ua/	1970-01-20 19:50:29	Name: _ga_52RSPD3WMK Value: GS1.1.1649957524.1.0.1649957524.0
.nv.ua/	1970-01-20 19:50:29	Name: _ga Value: GA1.1.1814978448.1649957525
loadercdn.net/	1970-01-23 17:55:17	Name: vui Value: c68ed165c8c245339d7e4131e093741f
.nv.ua/	1970-01-20 11:48:05	Name: __gfp_64b Value: BkSLMCXDGZA5AwRKyFLanWb_tiUA_0G9x4L.h4N8fMz.G7\|1649957524
.hit.gemius.pl/	1970-01-20 02:29:22	Name: Gtest Value: KlSn_RGGQMGG7TH2TemFSi9issGMXP8c25nSGJcpcvLn6v1isG..
english.nv.ua/	1970-01-20 03:02:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.nv.ua/	1970-01-20 11:04:53	Name: _pubcid Value: c66bdd0c-2e6d-4a42-a385-0a4388fd3d32
.hit.gemius.pl/	1970-01-20 11:48:05	Name: Gdyn Value: KlGSOMGGQMGG7TH2TemFSi9issGMXP8c25nSGJcpcvLn6vMiGsRPIQlGvGGptMg8SLL8RLcGsy8Pge9iaQG.
.admixer.net/	1970-01-20 04:28:53	Name: am-uid Value: b15e95fd945848c39b68e6799b5cc135
.rubiconproject.com/	1970-01-20 11:04:53	Name: khaos Value: L1ZA3YH3-15-9L0E
.rubiconproject.com/	1970-01-20 11:04:53	Name: audit Value: 1\|naVuGyos1qqTygWWaIgJyPsKGGM1eolu5vVtDhgOVUO/zJBpTbUTSzFAPXP4qnrgdl7EMyLVF169QSxG1HSY5jH4Wm0It/pK5kqtGfLwNj8=
.ads.adnuntius.delivery/	1970-01-20 03:02:29	Name: usi Value: lws1!c7a481875645b223719917814b1c3f86
.ads.adnuntius.delivery/	1969-12-31 23:59:59	Name: sessionId Value: 06f5e4ebb7b8dff7f6529ef36658e022
.adtelligent.com/	1970-01-20 03:48:34	Name: vmuid Value: 712fd8cf7060e96d
.nv.ua/	1970-01-20 11:40:53	Name: __gads Value: ID=7a8a01aa7b71f7f4-225034f076cd0073:T=1649957525:S=ALNI_MZUQ0xnKt674KMVxazp8vSUrL71xA
.doubleclick.net/	1970-01-20 11:40:53	Name: IDE Value: AHWqTUkbntbkgy_Lg6QO93DzljIWnsJXtKxNetmFvthd71ajOg9WgS_GhouXf4OuJzU
.casalemedia.com/	1970-01-20 04:28:53	Name: CMPS Value: 3165
.adnxs.com/	1970-01-20 04:28:53	Name: uuid2 Value: 2417982101026484348
.doubleclick.net/	1970-01-20 02:19:21	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 11:04:53	Name: CMID Value: YlhaloU9rJzokCEHQZoP0wAA
.casalemedia.com/	1970-01-20 04:28:53	Name: CMPRO Value: 1107
.casalemedia.com/	1970-01-20 02:20:43	Name: CMST Value: YlhalmJYWpYA
.casalemedia.com/	1970-01-20 11:04:53	Name: CMRUM3 Value: 2d62585a962760CAESEJHNLK_PGUYHMAUI48M-1pw
.adnxs.com/	1970-01-20 04:28:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVMj^2l'!]tbPl1M>e)ZlrFUfJ+tGXxoPSLIM8Fx/)B_>lrP:rvF?M`_FkX^Vv>'p#ZV3If)y3KL9D3I?+>`5)?V
.nv.ua/	1970-01-20 11:40:53	Name: cto_bundle Value: LKGX3V9DckJueEhvN012ZiUyRkd1SE94d09kJTJCWkduWlBkQk90WXdoSnE5Wnc0VUR3STh4YWpGaElhZjBiYVY1c1Bsd0JSNkVxQjV5QVNNWEd4MVFjUlhqTXh1R05wa0psY0owY1dGbkJENiUyRjNIR3huSSUzRA
.nv.ua/	1970-01-20 11:40:53	Name: cto_bidid Value: OTCYzl8ycUJQRjlrbm1ScDhkS1ZMOVclMkZ5NmRYJTJCSHpWNU5pcHc2QTgwU0RCY2haTzZ3aEMxdGIlMkZzUldGSUU4YlFWRG5ZQ1d1cVJONHNjd0wwWEkyY1ZkJTJCNWJ3JTNEJTNE

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://english.nv.ua/nation/anonymous-hacks-gazprom-s-website-publishes-company-s-correspondence-50233871.html Message: Access to XMLHttpRequest at 'https://counter.nv.ua/set?a=50233871' from origin 'https://english.nv.ua' has been blocked by CORS policy: Request header field x-requested-with is not allowed by Access-Control-Allow-Headers in preflight response.
network	error	URL: https://counter.nv.ua/set?a=50233871 Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

9f7e3e978b6c9311f0bfbafecf3d53fa.safeframe.googlesyndication.com
a4p.adpartner.pro
ade.googlesyndication.com
ads.adnuntius.delivery
adservice.google.com
adservice.google.ro
adtelligent-d.openx.net
adx.adform.net
ap.lijit.com
bidder.criteo.com
c.hit.ua
cdn.ampproject.org
cdn.taboola.com
cm.g.doubleclick.net
counter.nv.ua
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
english.nv.ua
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
images.weserv.nl
inv-nets.admixer.net
loadercdn.net
ls.hit.gemius.pl
mug.criteo.com
pagead2.googlesyndication.com
player.adtelligent.com
prebid-eu.creativecdn.com
s.zmctrack.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.criteo.net
static.nv.ua
stats.g.doubleclick.net
sync.adtelligent.com
sync.medidexs.com
t.trafmag.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
a4p.adpartner.pro
counter.nv.ua
142.250.184.226
142.250.185.98
142.250.74.194
146.0.227.110
146.59.30.100
151.101.65.44
178.250.2.131
178.250.2.146
185.184.8.90
185.187.81.40
185.187.81.41
185.33.220.100
185.64.189.112
193.200.65.5
216.52.2.48
23.227.139.243
23.32.59.34
2602:803:c003:200::31
2606:4700:10::6816:3649
2606:4700:10::6816:3749
2606:4700:3030::ac43:8f51
2606:4700:3036::ac43:c9e4
2a00:1450:4001:808::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:813::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:830::200e
2a00:1450:400c:c00::9b
2a02:2638:1::13
2a02:2638:1::3
2a0c:5c81:5142::2
34.98.64.218
37.157.4.28
45.133.44.4
54.36.109.186
54.37.238.28
69.192.160.245
89.184.81.35
06883262e4cd116942c21b87f764ccd8f4b21ea67f38510d620e414fd843bf81
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c093df462f6a09627447e7d7bd93847910ad3709116a60417272352d6cf66a5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0d64d6521e870aa7eab0c2ff112184e43eb58e548a5f350f0a113745e17f0d57
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0fd708301cca4705f88f0b89dd8efa7e98515857023012413fea964286f6c5e7
10cb35a5786ba742e0e5e91c22f42ae9cafa7acdfcab479053cfa8ed8b39adf0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1a06f0bcea8f092f4509a070717a766aec111106cb2d97513406564d1126c2eb
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
23bda93ef5c792e67a634eead57a3293fd6a8cd3a677f76b564ad055f9eb226d
2433c8e0fd733cadec4a32d3415273ba218c11f3a6a6856d56b756bcbe96e9ef
24441d61a8b1e57749f5f61f34c905b609c572e6fe1c16e4529d9005913bf28d
24b054d15550e51876a7b4a869f6cd7db552c1d4dc76976ea25dd36fe958cb46
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2930f4072ddb47d2304c1444bbe5254d3b9b57bc2968c5bc2a3b1c66d0c90f27
2a196663e6de25157d32fac32772ead483ce491370e7138bbe7587b741755740
2b2485a29454172a33d676cd90c83c7c60cc4b68afed733be3f24dce69d9b4ac
2c91a7d22d8f83cc86fb0ce298547986d4ac0c4e68a25b2b1a4965e074319e0c
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
320829d08d5e492bb1e0e2c49e7ddfe9a4d5c9f7ed57f4c1316914276450b4c8
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3877a009c29d6544113f27118f4d44385da6d6703ff8d53ed031e6da71825888
3c0d0d723fd862a5fb87ce0de3939857d908f193baf8620ec8e480203b7e457a
3fe652a6463671670e2bd7a659a8b9575d7f545707aa0bfbb4e177fdd7a4f699
4074f32d83141b649e3fa117575294977fc03d7376f6177b62ff3d866b25b880
40a6fde90e5fa4d7aac669a50ca1efd481e15e6672586fb51f636fbcccf26a04
42524ce07f6ab05f27342edc02440b28590a7fe433adae3133a7e6bef2482e41
4532ab29489b8659e0eca2c98dde1ce135cd54d8f336c672b45537911f264883
45ab9e7b0e794c83734cabbf56eed01300e4d2829837cacf44dfbd959b819a2a
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4ac5a55227dbb54e7d3dcb2f172ad9aa0088b749ae04b7cd9ccad8ab4752c67e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b88a304d6162d0e7bc1ea1c3b8c9e9f6b6751002a6d58b6a7bb2c4dd383dea8
4ceb17eea54dfefffec234cd2a1e015c224c4e5c03a977e0c77371510f1e1161
4dd2dad15b5ff4f376070d3d6c66b47c9b87f99ab4c6f21882980f61c9036b32
4f2fb66cd232ecbef930d690546b5ab30feda30db4ac234c9745b04b579bbff0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50cd98c691a301517044b441f50d0650cf2d0955717749c276efdd5089f01d7b
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
53c0dcd72001f384774c1c82956fb4f2b105dee21251b942ee6c8ba1f46b1be9
569a9c58d86150b1ea102998d4895c783a68e8f8de99f8be0a0cda32804a4c1c
572350c5da7a17006b84f16eed1e8a4610874a855415fd85164e8712c58f638f
57fa3fd4a65322659944ca03e975fdc031addd892ded4a1809c8f055e75942d8
595374b4287ac35757c51ffb0e544392397afbc8f4eecc7f6f97a6bcb3b6c18d
5c4c24f2911fe73e56dbf275f8b8d3f49582cda2db7598cc4773861c1d7a4d2c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
64a9185d11765f5032214324cdf7d4c99cd2e6c291d9bd2239868f980539a9d8
65e20cb2d247d583efe3b20202f739f2c42dea3424705f8a41d4e5065c9c77ca
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d133cde47581a7585136a8f60870d85c16f83fafb613d2fc6e180e534e403b1
6e7c485b01ce61de0f2cb054b8c5530d3112f65f834d5efcb222555d7d893f70
6f818456ece89fb5cbb7592ef428593c9f32c318fe3e676ec3c372e53e9af4a9
730fa969cf7402b26778d3e0b24149f1a439f0e8ac5863ae518d069e383b167b
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7dc606be4585fb0adfc94553e94388529c8e1edccc0524f76472c11704bb1f7d
817d9335590ca0885bf13ef39d8bde5aca244d665eb3c311408529edcff950ce
81fb0be281dd4a4c81b2780d5ebb874244029fd2494c66c3be03630b30f4d05a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8666f967fb27ea9f87d5d00c9de023230df87c35b69f6efe633ae61a3d76d90a
89b32d2c190d8bd0b1660601ca99800e162e6583dfd5dd2705ff0f718cdef485
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5c3609c519347212970ed363c6ef4ea8c9d0c7c1ac86aa269c8fe1578a4f23
8c2914cd6e0c26e9fe3a9de23853632be1862891bf9bcfdda7053e1995319563
8f686801f351cbffd4cd174b7e6baaf6d7f250561b3843ae227b3e5ea9c2b077
8fb8fc201a6f570ebfce0b3504f6da40f0976cd36c20e2983b6e5b172ebf56a0
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
95a0e658fd10ff677106d2b96727957dd231d94a06e9bfc912615843521d8276
96cd8db302b43bec12e41f290345950790ec22bde5c9c843cbc0d3c129b0e87d
981672a5e4651f68a1f33ccb5a02e3f53460b851b8d38a143e96d5d390b2c162
9b5b0bb3e5bb4b5362395f02def04a1389abe2b88c0883a3b63f60c79437a771
9b871512327c09ce91dd649b3f96a63b7408ef267c8cc5710114e629730cb61f
9b8fdb55750c6931cb3eff4f06daa56366e40426d7727f165ed41bb52ad4335f
9cbc882dd5d7afa636753dad25190b52795dee1fe28925123047a867cbb29ce5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2770e1666e4fd3a32cf87e44f5254a09a754e5bdf317218e8706fc65faefcb4
a493c1587354a72f2e7810ada3fb73bab23de3e41f5725ba8a3620b6cbd263f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54967295ebeb90136d083e31207814e32378b79e85524c9315669555d07a50e
a590006544400f77507234925a9bbea357265b053d2de4b6ed371149c285ebe7
a5c76c5cdd769bc7a048c8f65c56a7000adb29c8472d36eb4514af572a5ec5f8
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a8f20f756294872f4cd2f84e721c1047cfb6ab40611da0bc3e5a1a2c50a333c2
a928d72c856f424de504fbef6e433e660b3424c502c90c4818b402d057730f80
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b518f44abe6f5287b9141e121ffa32644a45644183ef3a8a194a021a381faf4c
b697a3d48705444c3234c577ac86ec0adcad410c3e4515afcfcaf0bb08ac4978
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b9d6824de39593de8fd9abd5d8f3a87520f7e82d26889fd199109d4a4373d15a
bb5d4883b68a1e1586bfb36fb34aad640800efcf05b6eb0dabf30a8f4bb17c81
bc02dec243c0a7e4ed785025e97ddc81a889a1365b5c01f67ebd3ff54c21afcd
bc8aff4a2e208b42ac47738dc093dd26aebb290648263e59b0674d40b64296d6
bcbcd83de6b8f6891406ac45df0ee6e6c3352932104eb4559eb2ed8c675fc35f
bd1286dafec46757624ab86823a12c8b4d4ad5fb5c6661cbd05ad7b1758a4aee
bfabce7939c2e54fe677105273157300c7cc7d0ece61b02df942a7d31c66cc34
c06a5c912be41b7ba022a2e4635ad1fe54cddf04d7717448f3077d5b4840dcf4
c14cb624d43fe734fd4c844bf77cb5dc398137f7b222c6fc16b594c26f603d25
c2f3a5a13122f87c41184e7fb2b039c8af3201aa00617aac16e691991d7b5864
c565d6a34aa90e196a4f50b1ee73a5bd6722666813e9681607eb608fdc3ec88c
c5ebdae615537e7a35988b6836ef24b227e786cd143b77d780a041b2d76f5bc4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
cac4449c70fb29ee5d4ac103f3448f59bbe47c0bd79e65cf5bb37c5f7ac0551f
d11243f375981ad71ed5cad2589556bc0ec780a30c9fe40b7f66e18a787e07f3
d6dfa7f307d3ff4c37f67320e98928d86e94f244b457e2824ec3260981a71e94
d76c0de81daa83a186eb4607d36d518d27045937fc36819c858576387d744ba4
d8415306a69cba6d6a7dfbf9b25c209ea7c3bdc91d944bb6b4798242374066fd
d9f493597b175e7ac223e3eba044146d970605f001ff549d3838fdf344f913a6
da31117e98880864a6d2ea2142374998d4a33c6f2b328638a101d7f48ae66cdf
da697e4a5654c750168d62ba00fded8a38fd33ac179d8223fbfba9b35175eff1
df7fff0720ee9f3d1c3d2f1abb97385bf79b99949a5912bcf692dee6da59716b
e1a32081e8be1dcbc0ab8b4dca8b47e659609ae9b005c075fecd81da7a7d6eca
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e522221082f0e3d37056ae77e5e8e6d21622053fc3f25ee5b9d15a0969f073b2
e597aca92098d36c0d98b4b158b202e2e2ea10ffe3dd40d63f9eca2cf8ab95a2
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e8c725b6914acb76ce4adce73ee529a18b7864412656254da86db0aeeca6b2aa
eb3e750c6fab3976f69f16b4f398de3d44e8fb7d596235c25a28df5ddacf48f7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa5599ff48b4b9ef3b7169f442e442d6a8b4eee0812a9ff013056c6069cfd49b
feaf7a60de1a6364aae57567f508c57d85876c42c8d15699261dd8de1390f5f8
ff84e434d34789f9bf332b6cbcb305b3b94ddafb7013a22f3fc7a33abf6b9147

english.nv.ua Open in urlscan Pro 2606:4700:10::6816:3749 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

210 Requests

95 %HTTPS

51 %IPv6

36 Domains

59 Subdomains

49 IPs

9 Countries

5950 kBTransfer

9768 kBSize

32 Cookies

10 Outgoing links

Redirected requests

210 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

english.nv.ua Open in urlscan Pro
2606:4700:10::6816:3749 Public Scan

Screenshot
Live screenshot

Full Image

210
Requests

95 %
HTTPS

51 %
IPv6

36
Domains

59
Subdomains

49
IPs

9
Countries

5950 kB
Transfer

9768 kB
Size

32
Cookies

210 HTTP transactions
7 data transactions